CVE-2008-0345

Unspecified vulnerability in the Core RDBMS component in Oracle Database 11.1.0.6 has unknown impact and remote attack vectors, aka DB08...

CVE-2008-0342

Unspecified vulnerability in the Upgrade/Downgrade component in Oracle Database 9.2.0.8, 10.1.0.5, and 10.2.0.3 has unknown impact and remote attack vectors, aka DB05...

CVE-2008-0341

Unspecified vulnerability in the Advanced Queuing component in Oracle Database 9.0.1.5 FIPS+ and 10.1.0.5 has unknown impact and remote attack vectors, aka DB03...

CVE-2008-0345

CVE-2008-0345 : The Connected documents confirm an unspecified vulnerability in the Core RDBMS component of Oracle Database 11.1.0.6. The description provides no detail on the exact affected sub-component, root cause, impact, or exploitation method, only stating “unknown impact” and “remote attac...

CVE-2008-0343

CVE-2008-0343 concerns an unspecified vulnerability in the Oracle Spatial component affecting Oracle Database 9.0.1.5 FIPS+, 9.2.0.8, 9.2.0.8DV, and 10.1.0.5. The description notes unknown impact and remote attack vectors (DB06). Public references list multiple advisories; the NVD entry assigns a...

CVE-2008-0340

CVE-2008-0340 concerns Oracle Database with multiple unspecified vulnerabilities affecting the Advanced Queuing (DB02) and Oracle Spatial (DB04) components across several versions (e.g., 9.0.1.5 FIPS+, 9.2.0.8, 9.2.0.8DV, 10.1.0.5, 10.2.0.3). The description notes unknown impact and remote attack...

CVE-2008-0341

The CVE-2008-0341 entry concerns Oracle Database’s Advanced Queuing component in versions 9.0.1.5 FIPS+ and 10.1.0.5, described as an unspecified vulnerability with unknown impact and remote attack vectors (DB03). Connected sources corroborate a family of unspecified Oracle Database vulnerabiliti...

Oracle Database 10 g - XML DB xdb.xdb_pitrig_pkg Package PITRIG_TRUNCATE Function Overflow

Oracle Database 10 g - XML DB xdb.xdbpitrigpkg Package PITRIGTRUNCATE Function Overflow source: https://www.securityfocus.com/bid/27229/info Oracle has released its critical patch update for January 2008. The advisory addresses 26 vulnerabilities affecting Oracle Database, Oracle Application...

Database system security vulnerability excavations-vulnerability warning-the black bar safety net

Today, in the virus raging, hacking the ubiquitous network environment where software security has become a concern of the topic. Traditional software security main concern is that the permissions and roles of management, such as access control or data confidentiality and integrity, such as...

Sun Management Center不安全默认帐户未授权访问漏洞

Sun Management Center是一款开放的、可扩展的系统监视和管理方案。 Sun Management Center包含的Oracle数据库组件存在默认帐户，远程攻击者可以利用漏洞通过这个帐户未授权访问数据库或以数据库服务进程权限执行任意代码。 目前没有详细漏洞细节提供。 Sun SunMC 3.6.1 Sun SunMC 3.6 Sun SunMC 3.5 update 补丁下载： Sun SunMC 3.5 update 1 Sun 118388-11 Solaris 8...

phpsf-multi.txt

Title: PHP Security Framework Beta 1 Multiple Vulnerabilities and Security Bypass Vendor: http://benjilenoob.66ghz.com/projects/ Advisory: http://acid-root.new.fr/?0:16 Author: DarkFig Released on: 2007/12/16 Changelog: 2007/12/16 Summary: HT Remote File Inclusion MT SQL Injection MT SQL Injectio...

Oracle Database 10g — Code Execution and SQL injection

Application: Oracle Database Versions Affected: Oracle Database 10g R1 Vendor URL: Bugs: SQL Injection,Buffer Owerflov Exploits: YES Reported: 18.12.2007 Vendor response: 20.12.2007 Date of Public Advisory: 16.01.2008 Author: Alexandr Polyakov Description Buffer overflow in...

Oracle XDB component PITRIG_DROPMETADATA buffer overflow

Added: 11/23/2007 CVE: CVE-2007-4517 BID: 26374 OSVDB: 39918 Background The PITRIGDROPMETADATA function is included in the XDB.XDBPITRIGPKG package which is included with Oracle Database. Problem A buffer overflow vulnerability in the PITRIGDROPMETADATA function allows remote, authenticated...

Oracle XDB component PITRIG_DROPMETADATA buffer overflow

Added: 11/23/2007 CVE: CVE-2007-4517 BID: 26374 OSVDB: 39918 Background The PITRIGDROPMETADATA function is included in the XDB.XDBPITRIGPKG package which is included with Oracle Database. Problem A buffer overflow vulnerability in the PITRIGDROPMETADATA function allows remote, authenticated...

Oracle XDB component PITRIG_DROPMETADATA buffer overflow

Added: 11/23/2007 CVE: CVE-2007-4517 BID: 26374 OSVDB: 39918 Background The PITRIGDROPMETADATA function is included in the XDB.XDBPITRIGPKG package which is included with Oracle Database. Problem A buffer overflow vulnerability in the PITRIGDROPMETADATA function allows remote, authenticated...

Oracle XDB component PITRIG_DROPMETADATA buffer overflow

Added: 11/23/2007 CVE: CVE-2007-4517 BID: 26374 OSVDB: 39918 Background The PITRIGDROPMETADATA function is included in the XDB.XDBPITRIGPKG package which is included with Oracle Database. Problem A buffer overflow vulnerability in the PITRIGDROPMETADATA function allows remote, authenticated...

Oracle Database SYS.LT.FINDRICSET SQL Injection (CVE-2007-5511)

Oracle Database Server is an enterprise-level relational database application suite. An SQL injection vulnerability exists in Oracle Database. The vulnerability is due to an error in the Oracle Database Server that fails to properly sanitize user supplied arguments of the SYS.LT.FINDRICSET...

CVE-2007-5897

Buffer overflow in MDSYS.SDOCS in Oracle Database Server 8iR3, 9iR1, 9iR2 up to 9.2.0.6, and 10gR1 up to 10.1.0.4 allows remote authenticated users to cause a denial of service crash and execute arbitrary code via the TRANSFORM function. NOTE: this issue might already be covered by CVE-2007-5515,...

Buffer overflow

Buffer overflow in MDSYS.SDOCS in Oracle Database Server 8iR3, 9iR1, 9iR2 up to 9.2.0.6, and 10gR1 up to 10.1.0.4 allows remote authenticated users to cause a denial of service crash and execute arbitrary code via the TRANSFORM function. NOTE: this issue might already be covered by CVE-2007-5515,...

CVE-2007-5897

Buffer overflow in MDSYS.SDOCS in Oracle Database Server 8iR3, 9iR1, 9iR2 up to 9.2.0.6, and 10gR1 up to 10.1.0.4 allows remote authenticated users to cause a denial of service crash and execute arbitrary code via the TRANSFORM function. NOTE: this issue might already be covered by CVE-2007-5515,...