Design/Logic Flaw

Unspecified vulnerability in Oracle Database client-only 10.1.0.4 has unknown impact and attack vectors related to the Export component and expdp or impdp, aka DB11...

Cross site scripting

Cross-site scripting XSS vulnerability in Oracle Reports Web Cartridge RWCGI60 in the Workflow Cartridge component, as used in Oracle Database 9.2.0.8, 10.1.0.5, and 10.2.0.3; Application Server 9.0.4.3, 10.1.2.0.2, and 10.1.2.2; Collaboration Suite 10.1.2; and Oracle E-Business Suite and...

Cross site scripting

Unspecified vulnerability in Oracle Database 9.0.1.5, 9.2.0.8, 10.1.0.5, and 10.2.0.3 has unknown impact and attack vectors related to XMLDB, aka DB06. NOTE: as of 20070123, Oracle has not disputed claims by a reliable researcher that DB06 is for multiple cross-site scripting XSS vulnerabilities...

CVE-2007-0270

Buffer overflow in SYS.DBMSDRS in Oracle Database 9.2.0.7 and 10.1.0.4 allows remote authenticated users to cause a denial of service crash or execute arbitrary code via the GETPROPERTY function in SYS.DBMSDRS, aka DB03...

CVE-2007-0268

Multiple unspecified vulnerabilities in Oracle Database 9.0.1.5, 9.2.0.7, and 10.1.0.5 have unknown impact and attack vectors related to 1 the Advanced Queuing component and sys.dbmsaqsys.dbmsaq privileges DB01, 2 Advanced Replication and sys.dbmsrepcatuntrusted DB07, and 3 Oracle Text and ctxloa...

CVE-2007-0268

Multiple unspecified vulnerabilities in Oracle Database 9.0.1.5, 9.2.0.7, and 10.1.0.5 have unknown impact and attack vectors related to 1 the Advanced Queuing component and sys.dbmsaqsys.dbmsaq privileges DB01, 2 Advanced Replication and sys.dbmsrepcatuntrusted DB07, and 3 Oracle Text and ctxloa...

CVE-2007-0275

Cross-site scripting XSS vulnerability in Oracle Reports Web Cartridge RWCGI60 in the Workflow Cartridge component, as used in Oracle Database 9.2.0.8, 10.1.0.5, and 10.2.0.3; Application Server 9.0.4.3, 10.1.2.0.2, and 10.1.2.2; Collaboration Suite 10.1.2; and Oracle E-Business Suite and...

CVE-2007-0277

Unspecified vulnerability in Oracle Database client-only 10.1.0.4 has unknown impact and attack vectors related to the Export component and expdp or impdp, aka DB11...

CVE-2007-0270

Buffer overflow in SYS.DBMSDRS in Oracle Database 9.2.0.7 and 10.1.0.4 allows remote authenticated users to cause a denial of service crash or execute arbitrary code via the GETPROPERTY function in SYS.DBMSDRS, aka DB03...

CVE-2007-0276

Technical details about CVE-2007-0276 are not publicly available in the provided documents. Monitor for updates and consult official advisories for any affected Oracle Database components and fixes.

CVE-2007-0272

Multiple buffer overflows in MDSYS.MD in Oracle Database 8.1.7.4, 9.0.1.5, 9.2.0.7, and 10.1.0.4 allows remote authenticated users to cause a denial of service crash or execute arbitrary code via unspecified vectors involving certain public procedures, aka DB05...

CVE-2007-0276

Multiple unspecified vulnerabilities in Oracle Database 8.1.7.4 and 9.0.1.5 have unknown impact and attack vectors related to 1 Advanced Security Option and oklist or okdstry DB10, 2 Oracle Net Services DB13, and 3 Recovery Manager and oklist DB16...

CVE-2007-0274

Multiple unspecified vulnerabilities in Oracle Database 9.2.0.7 and 10.1.0.5 have unknown impact and attack vectors related to 1 Export and sys.dbmslogreputil DB08, and 2 Oracle Streams and sys.dbmscaptureadminternal privileges DB09. NOTE: Oracle has not disputed reliable researcher claims that...

CVE-2007-0273

Unspecified vulnerability in Oracle Database 9.0.1.5, 9.2.0.8, 10.1.0.5, and 10.2.0.3 has unknown impact and attack vectors related to XMLDB, aka DB06. NOTE: as of 20070123, Oracle has not disputed claims by a reliable researcher that DB06 is for multiple cross-site scripting XSS vulnerabilities...

CVE-2007-0269

CVE-2007-0269 affects Oracle Database 9.2.0.8, 10.1.0.5, and 10.2.0.3. The description specifies an unspecified vulnerability with unknown impact and attack vectors linked to Change Data Capture and the sys.dbms_cdc_subscribe privileges (aka DB02). The connected documents provide no concrete expl...

CVE-2007-0272

The CVE-2007-0272 issue affects Oracle Database Server (MDSYS.MD package) and is confirmed by connected sources. A buffer overflow in MDSYS.MD allows remote authenticated users to crash the server or run arbitrary code, via public procedures in Oracle Database versions 8.1.7.4, 9.0.1.5, 9.2.0.7, ...

CVE-2007-0269

Unspecified vulnerability in Oracle Database 9.2.0.8, 10.1.0.5, and 10.2.0.3 has unknown impact and attack vectors related to the Change Data Capture and sys.dbmscdcsubscribe privileges, aka DB02...

CVE-2007-0275

CVE-2007-0275 is a documented cross-site scripting (XSS) vulnerability in the Oracle Reports Web Cartridge (RWCGI60) within the Workflow Cartridge component. The issue allows remote authenticated users to inject arbitrary HTML or web script by supplying a crafted value to the genuser parameter of...

Oracle MD2 component SDO_CODE_SIZE buffer overflow

Added: 12/18/2006 CVE: CVE-2004-1774 BID: 10871 OSVDB: 9867 Background Oracle Database is a relational database solution available for multiple platforms. Problem A buffer overflow in the SDOCODESIZE function in the MD2 component of Oracle Database allows remote attackers to execute arbitrary...

Oracle MD2 component SDO_CODE_SIZE buffer overflow

Added: 12/18/2006 CVE: CVE-2004-1774 BID: 10871 OSVDB: 9867 Background Oracle Database is a relational database solution available for multiple platforms. Problem A buffer overflow in the SDOCODESIZE function in the MD2 component of Oracle Database allows remote attackers to execute arbitrary...