Unrated severityNVD Advisory· Published May 8, 2012· Updated Jun 16, 2026
CVE-2012-1675
CVE-2012-1675
Description
The TNS Listener, as used in Oracle Database 11g 11.1.0.7, 11.2.0.2, and 11.2.0.3, and 10g 10.2.0.3, 10.2.0.4, and 10.2.0.5, as used in Oracle Fusion Middleware, Enterprise Manager, E-Business Suite, and possibly other products, allows remote attackers to execute arbitrary database commands by performing a remote registration of a database (1) instance or (2) service name that already exists, then conducting a man-in-the-middle (MITM) attack to hijack database connections, aka "TNS Poison."
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
8cpe:2.3:a:oracle:database_server:10.2.0.3:*:*:*:*:*:*:*+ 6 more
- cpe:2.3:a:oracle:database_server:10.2.0.3:*:*:*:*:*:*:*
- cpe:2.3:a:oracle:database_server:10.2.0.4:*:*:*:*:*:*:*
- cpe:2.3:a:oracle:database_server:10.2.0.5:*:*:*:*:*:*:*
- cpe:2.3:a:oracle:database_server:11.1.0.7:*:*:*:*:*:*:*
- cpe:2.3:a:oracle:database_server:11.2.0.2:*:*:*:*:*:*:*
- cpe:2.3:a:oracle:database_server:11.2.0.3:*:*:*:*:*:*:*
- cpe:2.3:a:oracle:database_server:11.2.0.4:*:*:*:*:*:*:*
- Range: 11g 11.1.0.7, 11.2.0.2, 11.2.0.3; 10g 10.2.0.3, 10.2.0.4, 10.2.0.5
Patches
Vulnerability mechanics
References
10- seclists.org/fulldisclosure/2012/Apr/204nvdExploitMailing ListThird Party Advisory
- www.securityfocus.com/bid/53308nvdExploitThird Party AdvisoryVDB Entry
- lists.opensuse.org/opensuse-security-announce/2012-06/msg00018.htmlnvdMailing ListThird Party Advisory
- seclists.org/fulldisclosure/2012/Apr/343nvdMailing ListThird Party Advisory
- www.kb.cert.org/vuls/id/359816nvdThird Party AdvisoryUS Government Resource
- www.mandriva.com/security/advisoriesnvdThird Party Advisory
- www.oracle.com/technetwork/topics/security/alert-cve-2012-1675-1608180.htmlnvdVendor Advisory
- www.securitytracker.com/idnvdThird Party AdvisoryVDB Entry
- blogs.oracle.com/security/entry/security_alert_for_cve_2012nvdVendor Advisory
- exchange.xforce.ibmcloud.com/vulnerabilities/75303nvdVDB Entry
News mentions
0No linked articles in our index yet.