CVE-1999-0888

CVSS 2.0 Score 4.6 of 10 (medium)

Details

Published Aug 16, 1999

Updated: Nov 20, 2024

Summary

CVE-1999-0888 is a vulnerability affecting Oracle Intelligent Agent's dbsnmp component. By setting the ORACLE_HOME environmental variable, local users can manipulate dbsnmp's behavior and gain elevated privileges. The nmiconf.tcl script, which dbsnmp uses to locate configuration files, becomes accessible as a result. This issue poses a significant security risk, allowing unauthorized users to potentially gain unintended access and modify sensitive data within the system.

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

Oracle Database Server

Affected Vendors

BonqDAO

Advisories, Assessments, and Mitigations

https://app.recordedfuture.com/live/sc/entity/NWlTtP
https://www.cve.org/CVERecord?id=CVE-1999-0888
https://nvd.nist.gov/vuln/detail/CVE-1999-0888

Back to Vulnerability Database