CVE-2007-5511

SQL injection vulnerability in Workspace Manager for Oracle Database before OWM 10.2.0.4.1, OWM 10.1.0.8.0, and OWM 9.2.0.8.0 allows attackers to execute arbitrary SQL commands via the FINDRICSET procedure in the LT package. NOTE: this is probably covered by CVE-2007-5510, but there are...

CVE-2007-5512

Unspecified vulnerability in the Oracle Database Vault component in Oracle Database 9.2.0.8DV and 10.2.0.3 has unknown impact and remote attack vectors, aka DB21...

Sql injection

Multiple SQL injection vulnerabilities in the CTXSYS Intermedia application for the Oracle Text component CTXDOC in Oracle Database 10.1.0.5 and 10.2.0.3 allow remote authenticated users to execute arbitrary SQL commands via the 1 THEMES, 2 GIST, 3 TOKENS, 4 FILTER, 5 HIGHLIGHT, and 6 MARKUP...

CVE-2007-5504

Multiple unspecified vulnerabilities in Oracle Database 9.0.1.5+ and 10.1.0.5 unknown impact and remote attack vectors, related to 1 Import DB01 and 2 Advanced Queuing DB25. NOTE: as of 20071108, Oracle has not disputed reliable researcher claims that DB25 is for a buffer overflow in the DBLINKIN...

CVE-2007-5510

Multiple unspecified vulnerabilities in the Workspace Manager component in Oracle Database before OWM 10.2.0.4.1, OWM 10.1.0.8.0, and OWM 9.2.0.8.0 have unknown impact and remote attack vectors, aka 1 DB08, 2 DB09, 3 DB10, 4 DB11, 5 DB12, 6 DB13, 7 DB14, 8 DB15, 9 DB16, 10 DB17, and 11 DB18. NOTE...

Design/Logic Flaw

Unspecified vulnerability in the Spatial component in Oracle Database 9.2.0.8, 9.2.0.8DV, 10.1.0.5, 10.2.0.2, and 10.2.0.3 has unknown impact and remote attack vectors, aka DB27...

CVE-2007-5505

Multiple unspecified vulnerabilities in Oracle Database 9.0.1.5+, 9.2.0.8, 9.2.0.8DV, 10.1.0.5, and 10.2.0.3 have unknown impact and remote attack vectors, related to 1 the Export component DB02, 2 Oracle Text DB04, 3 Oracle Text DB05, 4 Spatial component DB07, and 5 Advanced Security Option DB19...

CVE-2007-5506

The Core RDBMS component in Oracle Database 9.0.1.5+, 9.2.0.8, 9.2.0.8DV, 10.1.0.5, and 10.2.0.3 allows remote attackers to cause a denial of service CPU consumption via a crafted type 6 Data packet, aka DB20...

CVE-2007-5507

The GIOP service in TNS Listener in the Oracle Net Services component in Oracle Database 9.0.1.5+, 9.2.0.8, 9.2.0.8DV, 10.1.0.5, and 10.2.0.3 allows remote attackers to cause a denial of service crash or read potentially sensitive memory via a connect GIOP packet with an invalid data size, which...

CVE-2007-5530

Unspecified vulnerability in the Database Control component in Oracle Database 10.1.0.5 and 10.2.0.3, and Enterprise Manager, has unknown impact and remote attack vectors, aka EM01...

Buffer overflow

The GIOP service in TNS Listener in the Oracle Net Services component in Oracle Database 9.0.1.5+, 9.2.0.8, 9.2.0.8DV, 10.1.0.5, and 10.2.0.3 allows remote attackers to cause a denial of service crash or read potentially sensitive memory via a connect GIOP packet with an invalid data size, which...

CVE-2007-5509

Unspecified vulnerability in the Spatial component in Oracle Database 9.2.0.8 and 9.2.0.8DV has unknown impact and remote attack vectors, aka DB06...

CVE-2007-5515

Technical details for CVE-2007-5515 are not publicly available in the provided documents; the entries only note an unspecified Spatial component vulnerability with unknown impact. Monitor for updates.

CVE-2007-5510

CVE-2007-5511 relates to an SQL injection vulnerability in Oracle Database's SYS.LT.FINDRICSET function (Workspace/ LT package), exploitable via an Evil Cursor technique to escalate privileges to SYS. Reported for Oracle Database around 10g (pre-10.2.0.x), with exploitation potentially performed ...

CVE-2007-5511

SQL injection vulnerability in Workspace Manager for Oracle Database before OWM 10.2.0.4.1, OWM 10.1.0.8.0, and OWM 9.2.0.8.0 allows attackers to execute arbitrary SQL commands via the FINDRICSET procedure in the LT package. NOTE: this is probably covered by CVE-2007-5510, but there are...

CVE-2007-5505

CVE-2007-5505 affects Oracle Database versions 9.0.1.5+; 9.2.0.8/9.2.0.8DV; 10.1.0.5; 10.2.0.3. Reported vulnerabilities relate to the Export component (DB02), Oracle Text (DB04/DB05), Spatial (DB07), and Advanced Security Option (DB19) with unknown impact and remote attack vectors. Connected sou...

CVE-2007-5505

Multiple unspecified vulnerabilities in Oracle Database 9.0.1.5+, 9.2.0.8, 9.2.0.8DV, 10.1.0.5, and 10.2.0.3 have unknown impact and remote attack vectors, related to 1 the Export component DB02, 2 Oracle Text DB04, 3 Oracle Text DB05, 4 Spatial component DB07, and 5 Advanced Security Option DB19...

CVE-2007-5507

The GIOP service in TNS Listener in the Oracle Net Services component in Oracle Database 9.0.1.5+, 9.2.0.8, 9.2.0.8DV, 10.1.0.5, and 10.2.0.3 allows remote attackers to cause a denial of service crash or read potentially sensitive memory via a connect GIOP packet with an invalid data size, which...

CVE-2007-5530

Unspecified vulnerability in the Database Control component in Oracle Database 10.1.0.5 and 10.2.0.3, and Enterprise Manager, has unknown impact and remote attack vectors, aka EM01...

CVE-2007-5514

CVE-2007-5514 pertains to Oracle Database 10.2.0.3 and involves multiple vulnerabilities affecting the Database Vault component (DB24) and the SQL Execution component (DB26). The initial description states unknown impact and attack vectors for these components. A connected Nessus CPU plugin (Octo...