3671 matches found
Design/Logic Flaw
Unspecified vulnerability in the OLAP component in Oracle Database Server 11.1.0.7 allows remote authenticated users to affect confidentiality and integrity via unknown vectors...
Design/Logic Flaw
Unspecified vulnerability in the Change Data Capture component in Oracle Database Server 10.1.0.5, 10.2.0.4, 11.1.0.7, and 11.2.0.1 allows remote authenticated users to affect confidentiality and integrity, related to DBMSCDCPUBLISH...
CVE-2010-2411
Unspecified vulnerability in the Job Queue component in Oracle Database Server 11.2.0.1, 11.1.0.7, 10.2.0.3, 10.2.0.4, and 10.1.0.5 allows remote authenticated users to affect confidentiality, integrity, and availability, related to SYS.DBMSIJOB...
CVE-2010-2389
Unspecified vulnerability in the Perl component in Oracle Database Server 11.2.0.1, 11.1.0.7, 10.2.0.3, 10.2.0.4, and 10.1.0.5; and Fusion Middleware 11.1.1.1.0 and 11.1.1.2.0; allows local users to affect integrity via unknown vectors related to Local Logon...
Design/Logic Flaw
Unspecified vulnerability in the Perl component in Oracle Database Server 11.2.0.1, 11.1.0.7, 10.2.0.3, 10.2.0.4, and 10.1.0.5; and Fusion Middleware 11.1.1.1.0 and 11.1.1.2.0; allows local users to affect integrity via unknown vectors related to Local Logon...
Design/Logic Flaw
Unspecified vulnerability in the Job Queue component in Oracle Database Server 11.2.0.1, 11.1.0.7, 10.2.0.3, 10.2.0.4, and 10.1.0.5 allows remote authenticated users to affect confidentiality, integrity, and availability, related to SYS.DBMSIJOB...
Security feature bypass
Unspecified vulnerability in the Database Control component in EM Console in Oracle Database Server 10.1.0.5 and 10.2.0.3, Oracle Fusion Middleware 10.1.2.3 and 10.1.4.3, and Enterprise Manager Grid Control allows remote attackers to affect confidentiality, integrity, and availability via unknown...
CVE-2010-2412
Unspecified vulnerability in the OLAP component in Oracle Database Server 11.1.0.7 allows remote authenticated users to affect confidentiality and integrity via unknown vectors...
CVE-2010-2415
Unspecified vulnerability in the Change Data Capture component in Oracle Database Server 10.1.0.5, 10.2.0.4, 11.1.0.7, and 11.2.0.1 allows remote authenticated users to affect confidentiality and integrity, related to DBMSCDCPUBLISH...
CVE-2010-2389
Unspecified vulnerability in the Perl component in Oracle Database Server 11.2.0.1, 11.1.0.7, 10.2.0.3, 10.2.0.4, and 10.1.0.5; and Fusion Middleware 11.1.1.1.0 and 11.1.1.2.0; allows local users to affect integrity via unknown vectors related to Local Logon...
CVE-2010-2391
CVE-2010-2391 affects Oracle Database Server Core RDBMS components in Oracle Database Server versions 10.1.0.5 and 10.2.0.3. The vulnerability is described as unspecified, allowing remote authenticated users to impact confidentiality and integrity via unknown vectors. The CVSS data from the refer...
CVE-2010-2389
CVE-2010-2389 affects Oracle Database Server components and Fusion Middleware. The Perl component in Oracle Database Server versions 11.2.0.1, 11.1.0.7, 10.2.0.3, 10.2.0.4, and 10.1.0.5, and in Fusion Middleware 11.1.1.1.0 and 11.1.1.2.0, allows a local user to affect integrity via unknown vector...
Oracle Database Java Stored Procedure Race Condition Remote Code Execution Vulnerability
This vulnerability allows remote attackers to break out of the Java Sandbox implemented by Oracle's relational database. Authentication is required in that a user must be able to create a Java stored procedure to trigger the issue. The specific flaw exists within Oracle's custom SecurityManager...
Oracle Secure Backup Administration property_box.php objectname command injection
Added: 09/30/2010 CVE: CVE-2010-0906 BID: 41597 OSVDB: 66340 Background Oracle Secure Backup is a centralized tape backup management solution for Oracle Database. Problem A vulnerability in the propertybox.php script allows remote attackers to inject arbitrary commands via the objectname paramete...
Oracle Database Application Express Component APEX Password Hash Disclosure (CVE-2009-0981)
Oracle Application Express APEX is a component of Oracle database server products. It is a web application development environment, with which developers can create and deploy database-backed applications via a web-based interface. An information disclosure vulnerability exists in the Application...
Oracle Critical Patch Update Advisory - July 2010
Oracle Critical Patch Update Advisory - July 2010 Description A Critical Patch Update is a collection of patches for multiple security vulnerabilities. It also includes non-security fixes that are required because of interdependencies by those security patches. Critical Patch Updates are...
Oracle Database Multiple Vulnerabilities (July 2010 CPU)
The remote Oracle database server is missing the July 2010 Critical Patch Update CPU and therefore is potentially affected by security issues in the following components : - Listener - Net Foundation Layer - Oracle OLAP - Application Express - Network Layer - Export %NASLMINLEVEL 70300 C Tenable...
CVE-2010-0901
Unspecified vulnerability in the Export component in Oracle Database Server 9.2.0.8, 9.2.0.8DV, 10.1.0.5, 10.2.0.4, 11.1.0.7, and 11.2.0.1 allows remote authenticated users to affect confidentiality via unknown vectors related to Select Any Dictionary...
CVE-2010-0902
Unspecified vulnerability in the Oracle OLAP component in Oracle Database Server 9.2.0.8, 9.2.0.8DV, 10.1.0.5, 10.2.0.4, 11.1.0.7, and 11.2.0.1 allows remote authenticated users to affect confidentiality, integrity, and availability via unknown vectors...
CVE-2010-0892
Unspecified vulnerability in the Application Express component in Oracle Database Server 3.2.0.00.27 allows remote attackers to affect integrity via unknown vectors...