CVE-2007-4393

high

Description

The installation script for orarun on SUSE Linux before 20070810 places the oracle user into the disk group, which allows the local oracle user to read or write raw disk partitions.

References

http://www.novell.com/linux/security/advisories/2007_16_sr.html

http://secunia.com/advisories/26395

http://osvdb.org/46403

Details

Source: Mitre, NVD

Published: 2007-08-17

Updated: 2026-06-16

Risk Information

CVSS v2

Base Score: 4.6

Vector: CVSS2#AV:L/AC:L/Au:N/C:P/I:P/A:P

Severity: Medium

CVSS v3

Base Score: 7.8

Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Severity: High

EPSS

EPSS: 0.00065