CVE-2012-1675 (GCVE-0-2012-1675)
Vulnerability from cvelistv5 – Published: 2012-05-08 22:00 – Updated: 2024-08-06 19:08
VLAI
EPSS
VEX
Summary
The TNS Listener, as used in Oracle Database 11g 11.1.0.7, 11.2.0.2, and 11.2.0.3, and 10g 10.2.0.3, 10.2.0.4, and 10.2.0.5, as used in Oracle Fusion Middleware, Enterprise Manager, E-Business Suite, and possibly other products, allows remote attackers to execute arbitrary database commands by performing a remote registration of a database (1) instance or (2) service name that already exists, then conducting a man-in-the-middle (MITM) attack to hijack database connections, aka "TNS Poison."
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
10 references
| URL | Tags |
|---|---|
| http://lists.opensuse.org/opensuse-security-annou… | vendor-advisoryx_refsource_SUSE |
| http://www.securityfocus.com/bid/53308 | vdb-entryx_refsource_BID |
| http://www.securitytracker.com/id?1027000 | vdb-entryx_refsource_SECTRACK |
| http://seclists.org/fulldisclosure/2012/Apr/343 | mailing-listx_refsource_FULLDISC |
| https://blogs.oracle.com/security/entry/security_… | x_refsource_CONFIRM |
| http://www.kb.cert.org/vuls/id/359816 | third-party-advisoryx_refsource_CERT-VN |
| http://seclists.org/fulldisclosure/2012/Apr/204 | mailing-listx_refsource_FULLDISC |
| http://www.oracle.com/technetwork/topics/security… | x_refsource_CONFIRM |
| http://www.mandriva.com/security/advisories?name=… | vendor-advisoryx_refsource_MANDRIVA |
| https://exchange.xforce.ibmcloud.com/vulnerabilit… | vdb-entryx_refsource_XF |
Date Public
2012-04-18 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T19:08:36.975Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "SUSE-SU-2012:0765",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2012-06/msg00018.html"
},
{
"name": "53308",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/53308"
},
{
"name": "1027000",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id?1027000"
},
{
"name": "20120428 Oracle TNS Poison vulnerability is actually a 0day with no patch available",
"tags": [
"mailing-list",
"x_refsource_FULLDISC",
"x_transferred"
],
"url": "http://seclists.org/fulldisclosure/2012/Apr/343"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://blogs.oracle.com/security/entry/security_alert_for_cve_2012"
},
{
"name": "VU#359816",
"tags": [
"third-party-advisory",
"x_refsource_CERT-VN",
"x_transferred"
],
"url": "http://www.kb.cert.org/vuls/id/359816"
},
{
"name": "20120418 The history of a -probably- 13 years old Oracle bug: TNS Poison",
"tags": [
"mailing-list",
"x_refsource_FULLDISC",
"x_transferred"
],
"url": "http://seclists.org/fulldisclosure/2012/Apr/204"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.oracle.com/technetwork/topics/security/alert-cve-2012-1675-1608180.html"
},
{
"name": "MDVSA-2013:150",
"tags": [
"vendor-advisory",
"x_refsource_MANDRIVA",
"x_transferred"
],
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2013:150"
},
{
"name": "oracledatabase-tnslistener-spoofing(75303)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/75303"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2012-04-18T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "The TNS Listener, as used in Oracle Database 11g 11.1.0.7, 11.2.0.2, and 11.2.0.3, and 10g 10.2.0.3, 10.2.0.4, and 10.2.0.5, as used in Oracle Fusion Middleware, Enterprise Manager, E-Business Suite, and possibly other products, allows remote attackers to execute arbitrary database commands by performing a remote registration of a database (1) instance or (2) service name that already exists, then conducting a man-in-the-middle (MITM) attack to hijack database connections, aka \"TNS Poison.\""
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-08-28T12:57:01.000Z",
"orgId": "43595867-4340-4103-b7a2-9a5208d29a85",
"shortName": "oracle"
},
"references": [
{
"name": "SUSE-SU-2012:0765",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2012-06/msg00018.html"
},
{
"name": "53308",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/53308"
},
{
"name": "1027000",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id?1027000"
},
{
"name": "20120428 Oracle TNS Poison vulnerability is actually a 0day with no patch available",
"tags": [
"mailing-list",
"x_refsource_FULLDISC"
],
"url": "http://seclists.org/fulldisclosure/2012/Apr/343"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://blogs.oracle.com/security/entry/security_alert_for_cve_2012"
},
{
"name": "VU#359816",
"tags": [
"third-party-advisory",
"x_refsource_CERT-VN"
],
"url": "http://www.kb.cert.org/vuls/id/359816"
},
{
"name": "20120418 The history of a -probably- 13 years old Oracle bug: TNS Poison",
"tags": [
"mailing-list",
"x_refsource_FULLDISC"
],
"url": "http://seclists.org/fulldisclosure/2012/Apr/204"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.oracle.com/technetwork/topics/security/alert-cve-2012-1675-1608180.html"
},
{
"name": "MDVSA-2013:150",
"tags": [
"vendor-advisory",
"x_refsource_MANDRIVA"
],
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2013:150"
},
{
"name": "oracledatabase-tnslistener-spoofing(75303)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/75303"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "secalert_us@oracle.com",
"ID": "CVE-2012-1675",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The TNS Listener, as used in Oracle Database 11g 11.1.0.7, 11.2.0.2, and 11.2.0.3, and 10g 10.2.0.3, 10.2.0.4, and 10.2.0.5, as used in Oracle Fusion Middleware, Enterprise Manager, E-Business Suite, and possibly other products, allows remote attackers to execute arbitrary database commands by performing a remote registration of a database (1) instance or (2) service name that already exists, then conducting a man-in-the-middle (MITM) attack to hijack database connections, aka \"TNS Poison.\""
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "SUSE-SU-2012:0765",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2012-06/msg00018.html"
},
{
"name": "53308",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/53308"
},
{
"name": "1027000",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id?1027000"
},
{
"name": "20120428 Oracle TNS Poison vulnerability is actually a 0day with no patch available",
"refsource": "FULLDISC",
"url": "http://seclists.org/fulldisclosure/2012/Apr/343"
},
{
"name": "https://blogs.oracle.com/security/entry/security_alert_for_cve_2012",
"refsource": "CONFIRM",
"url": "https://blogs.oracle.com/security/entry/security_alert_for_cve_2012"
},
{
"name": "VU#359816",
"refsource": "CERT-VN",
"url": "http://www.kb.cert.org/vuls/id/359816"
},
{
"name": "20120418 The history of a -probably- 13 years old Oracle bug: TNS Poison",
"refsource": "FULLDISC",
"url": "http://seclists.org/fulldisclosure/2012/Apr/204"
},
{
"name": "http://www.oracle.com/technetwork/topics/security/alert-cve-2012-1675-1608180.html",
"refsource": "CONFIRM",
"url": "http://www.oracle.com/technetwork/topics/security/alert-cve-2012-1675-1608180.html"
},
{
"name": "MDVSA-2013:150",
"refsource": "MANDRIVA",
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2013:150"
},
{
"name": "oracledatabase-tnslistener-spoofing(75303)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/75303"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "43595867-4340-4103-b7a2-9a5208d29a85",
"assignerShortName": "oracle",
"cveId": "CVE-2012-1675",
"datePublished": "2012-05-08T22:00:00.000Z",
"dateReserved": "2012-03-16T00:00:00.000Z",
"dateUpdated": "2024-08-06T19:08:36.975Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1",
"vulnerability-lookup:meta": {
"epss": {
"cve": "CVE-2012-1675",
"date": "2026-07-15",
"epss": "0.77633",
"percentile": "0.99513"
},
"nvd": "{\"cve\":{\"id\":\"CVE-2012-1675\",\"sourceIdentifier\":\"secalert_us@oracle.com\",\"published\":\"2012-05-08T22:55:01.010\",\"lastModified\":\"2026-04-29T01:13:23.040\",\"vulnStatus\":\"Modified\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"The TNS Listener, as used in Oracle Database 11g 11.1.0.7, 11.2.0.2, and 11.2.0.3, and 10g 10.2.0.3, 10.2.0.4, and 10.2.0.5, as used in Oracle Fusion Middleware, Enterprise Manager, E-Business Suite, and possibly other products, allows remote attackers to execute arbitrary database commands by performing a remote registration of a database (1) instance or (2) service name that already exists, then conducting a man-in-the-middle (MITM) attack to hijack database connections, aka \\\"TNS Poison.\\\"\"},{\"lang\":\"es\",\"value\":\"TNS Listener, tal como es usado en Oracle Database 11g 11.1.0.7, 11.2.0.2, y 11.2.0.3, y 10g 10.2.0.3, 10.2.0.4, y 10.2.0.5, y en Oracle Fusion Middleware, Enterprise Manager, E-Business Suite, y posiblemente otros productos, permite a atacantes remotos ejecutar comandos de base de datos arbitrarios realizando un registro remoto de (1) una instancia o (2) nombre de servicio de base de datos que ya existe y, a continuaci\u00f3n, relizando un ataque de man-in-the-middle (MITM) para secuestrar conexiones de bases de datos. Tambi\u00e9n conocido como \\\"TNS Poison.\\\"\"}],\"metrics\":{\"cvssMetricV2\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"2.0\",\"vectorString\":\"AV:N/AC:L/Au:N/C:P/I:P/A:P\",\"baseScore\":7.5,\"accessVector\":\"NETWORK\",\"accessComplexity\":\"LOW\",\"authentication\":\"NONE\",\"confidentialityImpact\":\"PARTIAL\",\"integrityImpact\":\"PARTIAL\",\"availabilityImpact\":\"PARTIAL\"},\"baseSeverity\":\"HIGH\",\"exploitabilityScore\":10.0,\"impactScore\":6.4,\"acInsufInfo\":false,\"obtainAllPrivilege\":false,\"obtainUserPrivilege\":false,\"obtainOtherPrivilege\":false,\"userInteractionRequired\":false}]},\"weaknesses\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-264\"}]}],\"configurations\":[{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:database_server:10.2.0.3:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"ED41086B-840A-4B39-B249-461A4B00B57B\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:database_server:10.2.0.4:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"E4AC251D-9313-4A54-9623-51DC0AEC46FC\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:database_server:10.2.0.5:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"9ACC1D6F-2EDD-4DAA-B9CE-CF516C2B35C6\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:database_server:11.1.0.7:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"EDEDE937-C3D7-421C-9F70-F546AB823E1D\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:database_server:11.2.0.2:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"3D7157D8-4959-4F6C-BFA0-D80862393AA4\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:database_server:11.2.0.3:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"165A1F85-076B-4216-8EF8-D67E6EC63A6B\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:database_server:11.2.0.4:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"C1E11A25-C7CE-49DF-99CA-352FD21B8230\"}]}]}],\"references\":[{\"url\":\"http://lists.opensuse.org/opensuse-security-announce/2012-06/msg00018.html\",\"source\":\"secalert_us@oracle.com\",\"tags\":[\"Mailing List\",\"Third Party Advisory\"]},{\"url\":\"http://seclists.org/fulldisclosure/2012/Apr/204\",\"source\":\"secalert_us@oracle.com\",\"tags\":[\"Exploit\",\"Mailing List\",\"Third Party Advisory\"]},{\"url\":\"http://seclists.org/fulldisclosure/2012/Apr/343\",\"source\":\"secalert_us@oracle.com\",\"tags\":[\"Mailing List\",\"Third Party Advisory\"]},{\"url\":\"http://www.kb.cert.org/vuls/id/359816\",\"source\":\"secalert_us@oracle.com\",\"tags\":[\"Third Party Advisory\",\"US Government Resource\"]},{\"url\":\"http://www.mandriva.com/security/advisories?name=MDVSA-2013:150\",\"source\":\"secalert_us@oracle.com\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://www.oracle.com/technetwork/topics/security/alert-cve-2012-1675-1608180.html\",\"source\":\"secalert_us@oracle.com\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"http://www.securityfocus.com/bid/53308\",\"source\":\"secalert_us@oracle.com\",\"tags\":[\"Exploit\",\"Third Party Advisory\",\"VDB Entry\"]},{\"url\":\"http://www.securitytracker.com/id?1027000\",\"source\":\"secalert_us@oracle.com\",\"tags\":[\"Third Party Advisory\",\"VDB Entry\"]},{\"url\":\"https://blogs.oracle.com/security/entry/security_alert_for_cve_2012\",\"source\":\"secalert_us@oracle.com\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"https://exchange.xforce.ibmcloud.com/vulnerabilities/75303\",\"source\":\"secalert_us@oracle.com\",\"tags\":[\"VDB Entry\"]},{\"url\":\"http://lists.opensuse.org/opensuse-security-announce/2012-06/msg00018.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Mailing List\",\"Third Party Advisory\"]},{\"url\":\"http://seclists.org/fulldisclosure/2012/Apr/204\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Exploit\",\"Mailing List\",\"Third Party Advisory\"]},{\"url\":\"http://seclists.org/fulldisclosure/2012/Apr/343\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Mailing List\",\"Third Party Advisory\"]},{\"url\":\"http://www.kb.cert.org/vuls/id/359816\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\",\"US Government Resource\"]},{\"url\":\"http://www.mandriva.com/security/advisories?name=MDVSA-2013:150\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://www.oracle.com/technetwork/topics/security/alert-cve-2012-1675-1608180.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"http://www.securityfocus.com/bid/53308\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Exploit\",\"Third Party Advisory\",\"VDB Entry\"]},{\"url\":\"http://www.securitytracker.com/id?1027000\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\",\"VDB Entry\"]},{\"url\":\"https://blogs.oracle.com/security/entry/security_alert_for_cve_2012\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"https://exchange.xforce.ibmcloud.com/vulnerabilities/75303\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"VDB Entry\"]}]}}"
}
}
Loading…
Loading…
Experimental. This forecast is provided for visualization only and may change without notice. Do not use it for operational decisions.
Forecast uses a logistic model when the trend is rising, or an exponential decay model when the trend is falling. Fitted via linearized least squares.
Sightings
| Author | Source | Type | Date | Other |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or observed by the user.
- Confirmed: The vulnerability has been validated from an analyst's perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
- Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
- Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
- Not confirmed: The user expressed doubt about the validity of the vulnerability.
- Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.
Loading…
Loading…