CVE-2007-5504

Multiple unspecified vulnerabilities in Oracle Database 9.0.1.5+ and 10.1.0.5 unknown impact and remote attack vectors, related to 1 Import DB01 and 2 Advanced Queuing DB25. NOTE: as of 20071108, Oracle has not disputed reliable researcher claims that DB25 is for a buffer overflow in the DBLINKIN...

CVE-2007-5510

Multiple unspecified vulnerabilities in the Workspace Manager component in Oracle Database before OWM 10.2.0.4.1, OWM 10.1.0.8.0, and OWM 9.2.0.8.0 have unknown impact and remote attack vectors, aka 1 DB08, 2 DB09, 3 DB10, 4 DB11, 5 DB12, 6 DB13, 7 DB14, 8 DB15, 9 DB16, 10 DB17, and 11 DB18. NOTE...

CVE-2007-5511

CVE-2007-5511 is a SQL injection vulnerability in Oracle Database Workspace Manager (SYS.LT.FINDRICSET) that allows an attacker to execute arbitrary SQL via the vulnerable parameter. The flaw affects Workspace Manager components prior to OWM 10.2.0.4.1, OWM 10.1.0.8.0, and OWM 9.2.0.8.0. Public w...

CVE-2007-5506

The Core RDBMS component in Oracle Database 9.0.1.5+, 9.2.0.8, 9.2.0.8DV, 10.1.0.5, and 10.2.0.3 allows remote attackers to cause a denial of service CPU consumption via a crafted type 6 Data packet, aka DB20...

CVE-2007-5506

The CVE-2007-5506 entry concerns Oracle Database Core RDBMS components (versions 9.0.1.5+; 9.2.0.8; 9.2.0.8DV; 10.1.0.5; 10.2.0.3) where a remote attacker can cause a denial of service by sending a crafted type 6 Data packet (DB20). The vulnerability is a DoS affecting CPU usage, with no document...

CVE-2007-5520

Unspecified vulnerability in the Oracle Internet Directory component in Oracle Database 9.2.0.8 and 9.2.0.8DV, and Oracle Application Server 9.0.4.3, 10.1.3.0.0 up to 10.1.3.3.0, and 10.1.2.0.1 up to 10.1.2.2.0, has unknown impact and remote attack vectors, aka AS05...

CVE-2007-5508

CVE-2007-5508 concerns the CTXSYS Intermedia/Oracle Text component (CTX_DOC) in Oracle Database 10.1.0.5 and 10.2.0.3. The vulnerability enables SQL injection via six procedures (THEMES, GIST, TOKENS, FILTER, HIGHLIGHT, MARKUP), with remote authenticated users able to execute arbitrary SQL comman...

CVE-2007-5508

Multiple SQL injection vulnerabilities in the CTXSYS Intermedia application for the Oracle Text component CTXDOC in Oracle Database 10.1.0.5 and 10.2.0.3 allow remote authenticated users to execute arbitrary SQL commands via the 1 THEMES, 2 GIST, 3 TOKENS, 4 FILTER, 5 HIGHLIGHT, and 6 MARKUP...

CVE-2007-5504

CVE-2007-5504 corresponds to multiple vulnerabilities in Oracle Database 9.0.1.5+ and 10.1.0.5, with affected areas including Import (DB01) and Advanced Queuing (DB25). The connected sources reference a suspected buffer overflow in DBLINK_INFO within DBMS_AQADM_SYS for DB25. The available documen...

Input validation

Multiple unspecified vulnerabilities in Oracle Database 10.2.0.3 allow remote authenticated users to have an unknown impact via 1 EXFSYS.DBMSRLMGRUTL in Rules Manager DB11 and 2 Program Interface DB13...

CVE-2007-3859

Unspecified vulnerability in the Oracle Internet Directory component for Oracle Database 9.2.0.8 and 9.2.0.8DV; Application Server 9.0.4.3, 10.1.2.0.2, and 10.1.2.2; and Collaboration Suite 10.1.2 has unknown impact and remote attack vectors, aka OID01...

Design/Logic Flaw

Multiple unspecified vulnerabilities in Oracle Database 9.0.1.5+, 9.2.0.7, and 10.1.0.5 allow remote authenticated users to have unknown impact via 1 SYS.DBMSPRVTAQIS in the Advanced Queuing component DB02 and 2 MDSYS.MD in the Spatial component DB12. NOTE: Oracle has not disputed reliable...

CVE-2007-3855

Multiple unspecified vulnerabilities in Oracle Database 9.0.1.5+, 9.2.0.8, 9.2.0.8DV, 10.1.0.5, and 10.2.0.3 allows remote authenticated users to have an unknown impact via 1 SYS.DBMSDRS in the DataGuard component DB03, 2 SYS.DBMSSTANDARD in the PL/SQL component DB10, 3 MDSYS.RTREEIDX in the...

CVE-2007-3854

Multiple unspecified vulnerabilities in Oracle Database 9.0.1.5+, 9.2.0.7, and 10.1.0.5 allow remote authenticated users to have unknown impact via 1 SYS.DBMSPRVTAQIS in the Advanced Queuing component DB02 and 2 MDSYS.MD in the Spatial component DB12. NOTE: Oracle has not disputed reliable...

Design/Logic Flaw

Multiple unspecified vulnerabilities in Oracle Database 10.1.0.5 allow remote authenticated users to have an unknown impact via a the Oracle Text component, including 1 unspecified vectors DB05, 2 CTXSYS.DRVXMD DB06, 3 CTXSYS.DRIMOVECTXSYS DB07, 4 CTXSYS.DRVXMD DB08, and b JavaVM DB14...

CVE-2007-3857

Multiple unspecified vulnerabilities in Oracle Database 10.1.0.5 allow remote authenticated users to have an unknown impact via a the Oracle Text component, including 1 unspecified vectors DB05, 2 CTXSYS.DRVXMD DB06, 3 CTXSYS.DRIMOVECTXSYS DB07, 4 CTXSYS.DRVXMD DB08, and b JavaVM DB14...

Buffer overflow

Unspecified vulnerability in the Oracle Data Mining component for Oracle Database 10g Release 2 10.2.0.2 and 10.2.0.3, 10g 10.1.0.5, and Oracle9i Database Release 2 9.2.0.7, 9.2.0.8, and 9.2.0.8DV has unknown impact and remote authenticated attack vectors related to DMSYS.DMPSYS, aka DB04...

Design/Logic Flaw

Multiple unspecified vulnerabilities in Oracle Database 9.0.1.5+, 9.2.0.8, 9.2.0.8DV, 10.1.0.5, and 10.2.0.3 allows remote authenticated users to have an unknown impact via 1 SYS.DBMSDRS in the DataGuard component DB03, 2 SYS.DBMSSTANDARD in the PL/SQL component DB10, 3 MDSYS.RTREEIDX in the...

CVE-2007-3855

Multiple unspecified vulnerabilities in Oracle Database 9.0.1.5+, 9.2.0.8, 9.2.0.8DV, 10.1.0.5, and 10.2.0.3 allows remote authenticated users to have an unknown impact via 1 SYS.DBMSDRS in the DataGuard component DB03, 2 SYS.DBMSSTANDARD in the PL/SQL component DB10, 3 MDSYS.RTREEIDX in the...

CVE-2007-3853

Multiple unspecified vulnerabilities in Oracle Database 10.1.0.5 and 10.2.0.3 allow remote authenticated users to have unknown impact via 1 DBMSJAVATEST in the JavaVM component DB01, 2 Oracle Text component DB09, and 3 MDSYS.SDOGEORINT in the Spatial component DB15. NOTE: a reliable researcher...