3671 matches found
CVE-2010-0852
CVE-2010-0852 affects Oracle Database XML DB component across versions 9.2.0.8, 9.2.0.8DV, 10.1.0.5, and 10.2.0.3. The vulnerability is described as unspecified, allowing remote authenticated users to affect confidentiality and integrity via unknown vectors. The connected NVD entry provides a CVS...
CVE-2010-0851
Unspecified vulnerability in the XML DB component in Oracle Database 9.2.0.8, 9.2.0.8DV, 10.1.0.5, and 10.2.0.3 allows remote authenticated users to affect confidentiality via unknown vectors...
CVE-2010-0866
CVE-2010-0866 concerns Oracle Database JavaVM; connected docs cite exploits for DBMS_JVM_EXP_PERMS enabling OS command/code execution via remote authenticated users (CREATE_SESSION) on Oracle DB 10gR2/11gR1/R2. The flaw allows granting Java IO privileges, per Metasploit modules referenced in PACK...
CVE-2010-0867
CVE-2010-0867 targets Oracle Database JavaVM; connected advisories disclose a privilege escalation/command execution flaw in the DBMS_JAVA/DBMS_JVM_EXP_PERMS paths. Remote authenticated users with CREATE_SESSION can exploit the weakness to execute arbitrary OS commands, potentially with elevated ...
CVE-2010-0870
Unspecified vulnerability in the Change Data Capture component in Oracle Database 9.2.0.8 and 9.2.0.8DV allows remote authenticated users to affect confidentiality and integrity, related to SYS.DBMSCDCPUBLISH...
CVE-2010-0866
Unspecified vulnerability in the JavaVM component in Oracle Database 11.1.0.7 and 11.2.0.1 allows remote authenticated users to affect confidentiality, integrity, and availability via unknown vectors...
CVE-2010-0870
CVE-2010-0870 affects Oracle Database 9.2.0.8 and 9.2.0.8DV in the Change Data Capture component, related to SYS.DBMS_CDC_PUBLISH. Connected sources describe a SQL injection flaw in the DBMS_CDC_PUBLISH.DROP_CHANGE_SOURCE procedure that can be exploited by any user with execute privilege (default...
CVE-2010-0860
CVE-2010-0860 affects Oracle Database Core RDBMS components in 9.2.0.8 (and DV variants), 10.1.0.5, 10.2.0.4, and 11.1.0.7. The vulnerability allows remote authenticated users to affect confidentiality, integrity, and availability via unknown vectors related to the Create User privilege. The issu...
CVE-2010-0867
Unspecified vulnerability in the JavaVM component in Oracle Database 10.2.0.4, 11.1.0.7, and 11.2.0.1.0 allows remote authenticated users to affect integrity via unknown vectors...
Oracle Database DBMS TNS Listener Denial of Service (CVE-2009-0991)
Oracle Database Server is an enterprise-level relational database application suite. To extend the functionality of the Oracle Database Server, extra packages of related program objects, e.g., procedures, functions, variables, constants, cursors, and exceptions, are provided in order to better...
Oracle Database DBMS_JVM_EXP_PERMS IMPORT_JVM_PERMS privilege elevation
Added: 02/26/2010 BID: 38115 OSVDB: 62184 Background Oracle Database embeds a Java runtime environment called OracleJVM. The DBMSJVMEXPPERMS package is included in Oracle Database and is used for importing and exporting Java permissions between database servers. Problem A privilege elevation...
Oracle Database DBMS_JVM_EXP_PERMS IMPORT_JVM_PERMS privilege elevation
Added: 02/26/2010 BID: 38115 OSVDB: 62184 Background Oracle Database embeds a Java runtime environment called OracleJVM. The DBMSJVMEXPPERMS package is included in Oracle Database and is used for importing and exporting Java permissions between database servers. Problem A privilege elevation...
Oracle Database DBMS_JVM_EXP_PERMS IMPORT_JVM_PERMS privilege elevation
Added: 02/26/2010 BID: 38115 OSVDB: 62184 Background Oracle Database embeds a Java runtime environment called OracleJVM. The DBMSJVMEXPPERMS package is included in Oracle Database and is used for importing and exporting Java permissions between database servers. Problem A privilege elevation...
Oracle Database DBMS_JVM_EXP_PERMS IMPORT_JVM_PERMS privilege elevation
Added: 02/26/2010 BID: 38115 OSVDB: 62184 Background Oracle Database embeds a Java runtime environment called OracleJVM. The DBMSJVMEXPPERMS package is included in Oracle Database and is used for importing and exporting Java permissions between database servers. Problem A privilege elevation...
Oracle Database DBMS_Scheduler Privilege Escalation (CVE-2005-1496)
Oracle Database Server is an enterprise-level relational database application suite. To extend the functionality of the Oracle Database Server, extra packages are provided to the database user in order to better manage the data. One such package is the DBMSScheduler, which is a task scheduling...
Oracle 11g - Multiple Privilege Escalation Vulnerabilities
Oracle 11g - Multiple Privilege Escalation Vulnerabilities source: https://www.securityfocus.com/bid/38115/info Oracle Database is prone to multiple remote privilege-escalation issues because it fails to properly restrict access to certain packages. The attacker can exploit these issues to escala...
Oracle 10g - Multiple Privilege Escalation Vulnerabilities
Oracle 10g - Multiple Privilege Escalation Vulnerabilities source: https://www.securityfocus.com/bid/38115/info Oracle Database is prone to multiple remote privilege-escalation issues because it fails to properly restrict access to certain packages. The attacker can exploit these issues to escala...
Code injection
Unspecified vulnerability in HP Enterprise Cluster Master Toolkit ECMT B.05.00 on HP-UX B.11.23 11i v2 and HP-UX B.11.31 11i v3 allows local users to gain access to an Oracle or Sybase database via unknown vectors...
CVE-2009-4184
Unspecified vulnerability in HP Enterprise Cluster Master Toolkit ECMT B.05.00 on HP-UX B.11.23 11i v2 and HP-UX B.11.31 11i v3 allows local users to gain access to an Oracle or Sybase database via unknown vectors...
Oracle Database Server Workspace Manager Multiple SQL Injection (CVE-2008-3982)
Oracle Database Server is an enterprise-level relational database application suite. To extend the functionality of the Oracle Database Server, extra packages of related program objects, i.e., procedures, functions, variables, constants, cursors, and exceptions, are provided in order to better...