2886 matches found
CVE-2006-1874
CVE-2006-1874 affects Oracle Database Server 8.1.7.4, 9.0.1.5, and 9.2.0.6 in the Oracle Spatial component (DB09). The issue is described as a SQL injection in MDSYS.PRVT_IDX via the functions EXECUTE_INSERT, EXECUTE_DELETE, EXECUTE_UPDATE, EXECUTE UPDATE, and CRT_DUMMY. OpenVAS/Nessus entries co...
CVE-2006-1877
Unspecified vulnerability in Oracle Database Server 8.1.7.4, 9.0.1.5, and 9.2.0.7 has unknown impact and attack vectors in the Oracle Spatial component, aka Vuln DB13...
CVE-2006-1867
Unspecified vulnerability in Oracle Database Server 9.2.0.6 has unknown impact and attack vectors in the Advanced Replication component, aka Vuln DB02...
CVE-2006-1866
CVE-2006-1866 affects Oracle Database Server 8.1.7.4, 9.0.1.5, 9.2.0.7, 10.1.0.5 and other versions, with unknown impact/attack vectors in (1) Advanced Replication (DB01) and (2) Oracle Spatial (DB10). Oracle reportedly did not publicly disclose details as of 20060421, but claims exist that DB01 ...
CVE-2006-1868
CVE-2006-1868 affects Oracle Database Server 10.1.0.4, where a buffer overflow in the Advanced Replication component enables database users to execute arbitrary code via the VERIFY_LOG procedure of the DBMS_SNAPSHOT_UTL package (aka Vuln# DB03). The OpenVAS/Nessus records confirm multiple referen...
CVE-2006-1872
Technical details about CVE-2006-1872 are not publicly available in the provided documents. Monitor for updates from sources in connected documents; no concrete affected products, root cause, impact, or remediation can be stated from the supplied data.
CVE-2006-1877
Technical details about CVE-2006-1877 are not provided in the supplied documents. The Oracle Spatial vulnerability is described as unspecified with unknown impact and vectors.
CVE-2006-1871
CVE-2006-1871 is a SQL injection vulnerability in Oracle Database Server (versions 9.2.0.7 and 10.1.0.5) that allows remote attackers to execute arbitrary SQL commands via the DELETE_FROM_TABLE function in the DBMS_LOGMNR_SESSION (Log Miner) package. The issue is documented with an impact assessm...
CVE-2006-1869
Unspecified vulnerability in Oracle Database Server 8.1.7.4 and 9.0.1.5 has unknown impact and attack vectors in the Dictionary component, aka Vuln DB04...
CVE-2006-1873
Unspecified vulnerability in Oracle Database Server 9.2.0.7, 10.1.0.4, and 10.2.0.1 has unknown impact and attack vectors in the Oracle Spatial component, aka Vuln DB08...
CVE-2006-1875
Unspecified vulnerability in Oracle Database Server 9.0.1.5, 9.2.0.7, and 10.1.0.5 has unknown impact and attack vectors in the Oracle Spatial component, aka Vuln DB11. NOTE: Oracle has not disputed reliable researcher claims that this issue is SQL injection in MDSYS.SDOLRSTRIGINS...
CVE-2006-1869
CVE-2006-1869: Unspecified vulnerability in Oracle Database Server versions 8.1.7.4 and 9.0.1.5 affects the Dictionary component (DB04). The initial description notes unknown impact and attack vectors; connected documents corroborate that this vulnerability is associated with Oracle’s Dictionary,...
CVE-2006-1870
Unspecified vulnerability in Oracle Database Server 8.1.7.4, 9.0.1.5, 9.2.0.7, 10.1.0.5, and 10.2.0.2 has unknown impact and attack vectors in the Export component, aka Vuln DB05. NOTE: details are unavailable from Oracle, but as of 20060427, they have not publicly commented on whether DB05 is th...
CVE-2006-1873
Technical details about CVE-2006-1873 are not publicly available in the provided documents; no concrete impact, vectors, or mitigations are described. Monitor for updates as more information may be released.
CVE-2006-1874
Unspecified vulnerability in Oracle Database Server 8.1.7.4, 9.0.1.5, and 9.2.0.6 has unknown impact and attack vectors in the Oracle Spatial component, aka Vuln DB09. NOTE: Oracle has not disputed reliable claims that this issue is SQL injection in MDSYS.PRVTIDX using the 1 EXECUTEINSERT, 2...
CVE-2006-1876
Unspecified vulnerability in Oracle Database Server 9.2.0.7 and 10.1.0.4 has unknown impact and attack vectors in the Oracle Spatial component, aka Vuln DB12. NOTE: details are unavailable from Oracle, but as of 20060421, they have not publicly disputed a claim by a reliable independent researche...
CVE-2006-0435
Unspecified vulnerability in Oracle PL/SQL PLSQL, as used in Database Server DS 9.2.0.7 and 10.1.0.5, Application Server 1.0.2.2, 9.0.4.2, 10.1.2.0.2, 10.1.2.1.0, and 10.1.3.0.0, E-Business Suite and Applications 11.5.10, and Collaboration Suite 10.1.1, 10.1.2.0, 10.1.2.1, and 9.0.4.2, allows...
CVE-2006-0435
Unspecified vulnerability in Oracle PL/SQL PLSQL, as used in Database Server DS 9.2.0.7 and 10.1.0.5, Application Server 1.0.2.2, 9.0.4.2, 10.1.2.0.2, 10.1.2.1.0, and 10.1.3.0.0, E-Business Suite and Applications 11.5.10, and Collaboration Suite 10.1.1, 10.1.2.0, 10.1.2.1, and 9.0.4.2, allows...
CVE-2006-0435
The CVE-2006-0435 entry concerns Oracle PL/SQL Gateway/PLSQLExclusion bypass vulnerability (PLSQL01). Public sources (CERT VU and NVD) describe that the Oracle PL/SQL Gateway fails to validate HTTP requests, potentially allowing a remote attacker to bypass access controls and execute SQL commands...
CVE-2006-0261
Multiple unspecified vulnerabilities in Oracle Database server 8.1.7.4, 9.0.1.5, 9.2.0.7, and 10.1.0.5 have unspecified impact and attack vectors, as identified by Oracle Vuln 1 DB07 in the Dictionary component and 2 DB14 in the Oracle Label Security component. NOTE: Oracle has not disputed...