6 matches found
Allround Automations PL/SQL Developer < 11.0.6.1776 HTTP Insecure Update RCE
The version of Allround Automations PL/SQL Developer installed on the remote host is prior to 11.0.6.1776. It is, therefore, affected by a remote code execution vulnerability due to a failure to properly verify the origin or authenticity of update data sent via HTTP. A man-in-the-middle attacker...
Allround Automations PL/SQL Developer Installed
Binary data allautoplsqldeveloper.nbin...
Allround Automations PL/SQL Developer Arbitrary Code Execution Vulnerability
Allround Automations PL/SQL Developer is an integrated development environment for developing stored procedures for Oracle Databases. An arbitrary code execution vulnerability exists in Allround Automations PL/SQL Developer, which can be exploited by an attacker to execute arbitrary code...
CVE-2016-2346
Allround Automations PL/SQL Developer 11 before 11.0.6 relies on unverified HTTP data for updates, which allows man-in-the-middle attackers to execute arbitrary code by modifying fields in the client-server data stream...
CVE-2016-2346
CVE-2016-2346 affects Allround Automations PL/SQL Developer prior to 11.0.6.1776. The vulnerability arises from verifying HTTP update data, allowing a man-in-the-middle to modify the client‑server data stream and execute arbitrary code with the user’s privileges. Affected version: PL/SQL Develope...
CVE-2016-2346
Allround Automations PL/SQL Developer 11 before 11.0.6 relies on unverified HTTP data for updates, which allows man-in-the-middle attackers to execute arbitrary code by modifying fields in the client-server data stream...