Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2008-2595


Vulnerability Score 5.0 5.0
CVE Id CVE-2008-2595
Last Modified 22 Oct 2012 10:48:41
Published 15 Jul 2008 07:41:00
Confidentiality Impact NONE NONE
Integrity Impact NONE NONE
Availability Impact PARTIAL PARTIAL
Access Vector NETWORK
Access Complexity LOW
Authentication NONE



Unspecified vulnerability in the Oracle Internet Directory component in Oracle Application Server,, and has unknown impact and remote attack vectors. NOTE: the previous information was obtained from the Oracle July 2008 CPU. Oracle has not commented on reliable researcher claims that this issue is a denial of service (crash) via a malformed LDAP request that triggers a NULL pointer dereference.

Vulnerable Systems


  • Oracle Database 10g

  • Oracle Database 10g

  • Oracle Database 9i



VUPEN - ADV-2008-2115

VUPEN - ADV-2008-2109

SECTRACK - 1020494

MILW0RM - 6101

SECUNIA - 31113

SECUNIA - 31087

IDEFENSE - 20080715 Oracle Internet Directory Pre-Authentication LDAP DoS Vulnerability

HP - SSRT061201


HP - HPSBMA02133

Last Updated: 27 May 2016 11:01:03