Unrated severityNVD Advisory· Published Apr 16, 2008· Updated Apr 23, 2026

CVE-2008-1811

Description

Unspecified vulnerability in Oracle Application Express 3.0.1 has unspecified impact and remote authenticated attack vectors related to flows_030000.wwv_execute_immediate, aka APEX01. NOTE: the previous information was obtained from the April 2008 CPU. Oracle has not commented on reliable researcher claims that APEX01 is for insufficient authorization checks for SQL commands in the run_ddl function in flows_030000.wwv_execute_immediate, allowing privilege escalation by certain non-DBA remote authenticated users.

Affected products

Oracle Corporation/Application Express
cpe:2.3:a:oracle:application_express:3.0.1:*:*:*:*:*:*:*

Patches

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

secunia.com/advisories/29829nvdVendor Advisory
secunia.com/advisories/29874nvdVendor Advisory
www.vupen.com/english/advisories/2008/1233/referencesnvdVendor Advisory
www.vupen.com/english/advisories/2008/1267/referencesnvdVendor Advisory
labs.idefense.com/intelligence/vulnerabilities/display.phpnvd
www.oracle.com/technetwork/topics/security/cpuapr2008-082075.htmlnvd
www.securityfocus.com/archive/1/491024/100/0/threadednvd
www.securitytracker.com/idnvd
exchange.xforce.ibmcloud.com/vulnerabilities/41858nvd
exchange.xforce.ibmcloud.com/vulnerabilities/41988nvd

News mentions

No linked articles in our index yet.

cvss	0.000
epss	0.001
exploit	0.000
kev	0.000
patch	0.000
ransomware	0.000