Unrated severityNVD Advisory· Published Jan 17, 2008· Updated Apr 23, 2026

CVE-2008-0347

Description

Unspecified vulnerability in the Oracle Ultra Search component in Oracle Collaboration Suite 10.1.2; Database 9.2.0.8, 10.1.0.5, and 10.2.0.3; and Application Server 9.0.4.3 and 10.1.2.0.2; has unknown impact and local attack vectors, aka OCS01. NOTE: Oracle has not disputed a reliable claim that this issue is related to WKSYS schema privileges.

Affected products

Oracle Corporation/Application Server8 versions
cpe:2.3:a:oracle:application_server:10.1.2.0.2:*:*:*:*:*:*:*+ 7 more
- cpe:2.3:a:oracle:application_server:10.1.2.0.2:*:*:*:*:*:*:*
- cpe:2.3:a:oracle:application_server:10.1.2.1.0:*:*:*:*:*:*:*
- cpe:2.3:a:oracle:application_server:10.1.2.2.0:*:*:*:*:*:*:*
- cpe:2.3:a:oracle:application_server:10.1.3.0.0:*:*:*:*:*:*:*
- cpe:2.3:a:oracle:application_server:10.1.3.1.0:*:*:*:*:*:*:*
- cpe:2.3:a:oracle:application_server:10.1.3.3.0:*:*:*:*:*:*:*
- cpe:2.3:a:oracle:application_server:1.0.2.2:*:*:*:*:*:*:*
- cpe:2.3:a:oracle:application_server:9.0.4.3:*:*:*:*:*:*:*
Oracle Corporation/Application Server 9i2 versions
cpe:2.3:a:oracle:application_server_9i:10.1.2.0.2:*:*:*:*:*:*:*+ 1 more
- cpe:2.3:a:oracle:application_server_9i:10.1.2.0.2:*:*:*:*:*:*:*
- cpe:2.3:a:oracle:application_server_9i:9.0.4.3:*:*:*:*:*:*:*
Oracle Corporation/Collaboration Suite
cpe:2.3:a:oracle:collaboration_suite:10.1.2:*:*:*:*:*:*:*
Oracle Corporation/Database Server7 versions
cpe:2.3:a:oracle:database_server:10.1.0.5:*:*:*:*:*:*:*+ 6 more
- cpe:2.3:a:oracle:database_server:10.1.0.5:*:*:*:*:*:*:*
- cpe:2.3:a:oracle:database_server:10.2.0.2:*:*:*:*:*:*:*
- cpe:2.3:a:oracle:database_server:10.2.0.3:*:*:*:*:*:*:*
- cpe:2.3:a:oracle:database_server:11.1.0.6:*:*:*:*:*:*:*
- cpe:2.3:a:oracle:database_server:9.0.1.5:*:fips:*:*:*:*:*
- cpe:2.3:a:oracle:database_server:9.2.0.8:*:*:*:*:*:*:*
- cpe:2.3:a:oracle:database_server:9.2.0.8dv:*:*:*:*:*:*:*
Oracle Corporation/E Business Suite7 versions
cpe:2.3:a:oracle:e-business_suite:11.5.10:*:*:*:*:*:*:*+ 6 more
- cpe:2.3:a:oracle:e-business_suite:11.5.10:*:*:*:*:*:*:*
- cpe:2.3:a:oracle:e-business_suite:11.5.10.2:*:*:*:*:*:*:*
- cpe:2.3:a:oracle:e-business_suite:11.5.9:*:*:*:*:*:*:*
- cpe:2.3:a:oracle:e-business_suite:12.0.0:*:*:*:*:*:*:*
- cpe:2.3:a:oracle:e-business_suite:12.0.1:*:*:*:*:*:*:*
- cpe:2.3:a:oracle:e-business_suite:12.0.2:*:*:*:*:*:*:*
- cpe:2.3:a:oracle:e-business_suite:12.0.3:*:*:*:*:*:*:*
Oracle Corporation/Peoplesoft Enterprise Peopletools3 versions
cpe:2.3:a:oracle:peoplesoft_enterprise_peopletools:8.47:*:*:*:*:*:*:*+ 2 more
- cpe:2.3:a:oracle:peoplesoft_enterprise_peopletools:8.47:*:*:*:*:*:*:*
- cpe:2.3:a:oracle:peoplesoft_enterprise_peopletools:8.48:*:*:*:*:*:*:*
- cpe:2.3:a:oracle:peoplesoft_enterprise_peopletools:8.49:*:*:*:*:*:*:*

Patches

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

secunia.com/advisories/28518nvdVendor Advisory
secunia.com/advisories/28556nvdVendor Advisory
www.vupen.com/english/advisories/2008/0150nvdVendor Advisory
www.vupen.com/english/advisories/2008/0180nvdVendor Advisory
www.us-cert.gov/cas/techalerts/TA08-017A.htmlnvdUS Government Resource
marc.infonvd
securitytracker.com/idnvd
www.oracle.com/technetwork/topics/security/cpujan2008-086860.htmlnvd
www.petefinnigan.com/Advisory_CPU_Jan_2008.htmnvd
www.securityfocus.com/archive/1/487322/100/100/threadednvd
www.securityfocus.com/bid/27229nvd

News mentions

No linked articles in our index yet.

cvss	0.000
epss	0.002
exploit	0.000
kev	0.000
patch	0.000
ransomware	0.000