Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2008-2607


Vulnerability Score 6.5 6.5
CVE Id CVE-2008-2607
Last Modified 22 Oct 2012 10:48:43
Published 15 Jul 2008 07:41:00
Confidentiality Impact PARTIAL PARTIAL
Integrity Impact PARTIAL PARTIAL
Availability Impact PARTIAL PARTIAL
Access Vector NETWORK
Access Complexity LOW
Authentication SINGLE_INSTANCE



Unspecified vulnerability in the Advanced Queuing component in Oracle Database,,,, and has unknown impact and remote authenticated attack vectors related to SYS.DBMS_AQELM. NOTE: the previous information was obtained from the Oracle July 2008 CPU. Oracle has not commented on reliable researcher claims that this issue is a buffer overflow that allows attackers to cause a denial of service (database corruption) and possibly execute arbitrary code via a long argument to an unspecified procedure.

Vulnerable Systems


  • Oracle Advanced Queuing Component

  • Oracle Database 9i

  • Oracle Database Server

  • Oracle Database Server

  • Oracle Database Server


VUPEN - ADV-2008-2115

VUPEN - ADV-2008-2109

SECTRACK - 1020499


SECUNIA - 31113

SECUNIA - 31087

IDEFENSE - 20080715 Oracle Database DBMS_AQELM Package Buffer Overflow Vulnerability

HP - HPSBMA02133


HP - SSRT061201

Last Updated: 27 May 2016 11:01:04