88 matches found
Oracle Database Multiple Vulnerabilities (January 2006 CPU)
The remote Oracle database server is missing the January 2006 Critical Patch Update CPU and therefore is potentially affected by security issues in the following components : - Advanced Queuing - Change Data Capture - Connection Manager - Data Pump - Data Pump Metadata API - Dictionary - Java Net...
Oracle Database Multiple Vulnerabilities (April 2008 CPU)
The remote Oracle database server is missing the April 2008 Critical Patch Update CPU and therefore is potentially affected by security issues in the following components : - Advanced Queuing - Audit - Authentication - Change Data Capture - Core RDBMS - Data Pump - Export - Oracle Enterprise...
Oracle Database Multiple Vulnerabilities (July 2006 CPU)
The remote Oracle database server is missing the July 2006 Critical Patch Update CPU and therefore is potentially affected by security issues in the following components : - Change Data Capture CDC - Core RDBMS - Data Pump Metadata API - Dictionary - Export - InterMedia - OCI - Oracle ODBC Driver...
Oracle Database Multiple Vulnerabilities (October 2005 CPU)
The remote Oracle database server is missing the October 2005 Critical Patch Update CPU and therefore is potentially affected by security issues in the following components : - Change Data Capture - Data Guard Logical Standby - Data Pump Export - Database Scheduler - Export - Locale - Materialize...
Oracle Database Multiple Vulnerabilities (October 2006 CPU)
The remote Oracle database server is missing the October 2006 Critical Patch Update CPU and therefore is potentially affected by security issues in the following components : - Change Data Capture CDC - Core RDBMS - Database Scheduler - Oracle Spatial - XMLDB %NASLMINLEVEL 70300 C Tenable Network...
Oracle Database Multiple Vulnerabilities (October 2010 CPU)
The remote Oracle database server is missing the October 2010 Critical Patch Update CPU and therefore is potentially affected by security issues in the following components : - Enterprise Manager Console - Java Virtual Machine - Change Data Capture - OLAP - Job Queue - XDK - Core RDBMS - Perl...
Oracle database CREATE_CHANGE_SET the process of SQL injection vulnerabilities and patch-vulnerability warning-the black bar safety net
Vulnerability description: Oracle is a large commercial database system. Oracle database Change Data Capture components are provided in a DBMSCDCPUBLISH PL/SQL package, the package CREATECHANGESET process in the presence ofSQL injectionvulnerabilities. Malicious users can in a special parameter...
Oracle数据库CREATE_CHANGE_SET过程SQL注入漏洞
BUGTRAQ ID: 43956 CVE ID: CVE-2010-2415 Oracle是大型的商业数据库系统。 Oracle数据库的Change Data Capture组件中提供了一个DBMSCDCPUBLISH PL/SQL软件包,该软件包的CREATECHANGESET过程中存在SQL注入漏洞。恶意用户可以以特殊参数调用有漏洞的过程,导致以SYS用户的权限执行SQL语句。 利用这个漏洞要求拥有对SYS.DBMSCDCPUBLISH软件包的EXECUTE权限。默认下给予了EXECUTECATALOGROLE角色的用户拥有这个权限。 Oracle Database 11.2.0....
CVE-2010-2415
Unspecified vulnerability in the Change Data Capture component in Oracle Database Server 10.1.0.5, 10.2.0.4, 11.1.0.7, and 11.2.0.1 allows remote authenticated users to affect confidentiality and integrity, related to DBMSCDCPUBLISH...
Design/Logic Flaw
Unspecified vulnerability in the Change Data Capture component in Oracle Database Server 10.1.0.5, 10.2.0.4, 11.1.0.7, and 11.2.0.1 allows remote authenticated users to affect confidentiality and integrity, related to DBMSCDCPUBLISH...
Oracle Database Multiple Vulnerabilities (April 2010 CPU)
The remote Oracle database server is missing the April 2010 Critical Patch Update CPU and therefore is potentially affected by security issues in the following components : - Core RDBMS - JavaVM - Change Data Capture - Audit %NASLMINLEVEL 70300 C Tenable Network Security, Inc...
Design/Logic Flaw
Unspecified vulnerability in the Change Data Capture component in Oracle Database 9.2.0.8 and 9.2.0.8DV allows remote authenticated users to affect confidentiality and integrity, related to SYS.DBMSCDCPUBLISH...
CVE-2010-0870
Unspecified vulnerability in the Change Data Capture component in Oracle Database 9.2.0.8 and 9.2.0.8DV allows remote authenticated users to affect confidentiality and integrity, related to SYS.DBMSCDCPUBLISH...
CVE-2010-0870
CVE-2010-0870 affects Oracle Database 9.2.0.8 and 9.2.0.8DV in the Change Data Capture component, related to SYS.DBMS_CDC_PUBLISH. Connected sources describe a SQL injection flaw in the DBMS_CDC_PUBLISH.DROP_CHANGE_SOURCE procedure that can be exploited by any user with execute privilege (default...
CVE-2010-0870
Unspecified vulnerability in the Change Data Capture component in Oracle Database 9.2.0.8 and 9.2.0.8DV allows remote authenticated users to affect confidentiality and integrity, related to SYS.DBMSCDCPUBLISH...
CVE-2008-3996
Unspecified vulnerability in the Change Data Capture component in Oracle Database 10.1.0.5, 10.2.0.4, and 11.1.0.6 allows remote authenticated users to affect confidentiality and integrity, related to SYS.DBMSCDCIPUBLISH...
Design/Logic Flaw
Unspecified vulnerability in the Change Data Capture component in Oracle Database 10.1.0.5, 10.2.0.4, and 11.1.0.6 allows remote authenticated users to affect confidentiality and integrity, related to DBMSCDCPUBLISH...
Design/Logic Flaw
Unspecified vulnerability in the Change Data Capture component in Oracle Database 10.1.0.5, 10.2.0.4, and 11.1.0.6 allows remote authenticated users to affect confidentiality and integrity, related to SYS.DBMSCDCIPUBLISH...
CVE-2008-3995
CVE-2008-3995 affects Oracle Database (10gR1/10gR2/11gR1) Change Data Capture component. The root cause is an SQL injection in SYS.DBMS_CDC_PUBLISH.ALTER_AUTOLOG_CHANGE_SOURCE, exploitable by any user with EXECUTE privilege on the package. Impact per sources: remote authenticated access that can ...
CVE-2008-3996
Oracle Database Change Data Capture vulnerability in SYS.DBMS_CDC_IPUBLISH.ALTER_HOTLOG_INTERNAL_CSOURCE allows SQL injection exploitable by any user with EXECUTE privilege on the package (10gR1, 10gR2, 11gR1). Remote attacker can execute injected SQL with SYS privileges; fix available via Octobe...