CVE-2006-0549

SQL injection vulnerability in the SYS.DBMSMETADATAUTIL package in Oracle Database 10g, and possibly earlier versions, might allow remote attackers to execute arbitrary SQL commands via unknown vectors. NOTE: due to the lack of relevant details from the Oracle advisory, a separate CVE is being...

CVE-2006-0549

Technical details about CVE-2005-0549 are not publicly available in the provided connected documents. Monitor for updates from Oracle advisories and vulnerability databases before drawing conclusions about impact or remediation.

CVE-2006-0547

CVE-2006-0547 affects Oracle Database 8i, 9i, and 10g. The issue arises in the authentication phase of the Transparent Network Substrate (TNS) protocol where a modified AUTH_ALTER_SESSION attribute can be exploited by remote authenticated users to execute arbitrary SQL statements in the context o...

CVE-2006-0551

Technical details for CVE-2006-0551 are not publicly provided in the supplied documents. Monitoring for updates is advised, as the corpus does not specify affected versions, vectors, or remediation information.

CVE-2006-0548

SQL injection vulnerability in the Oracle Text component of Oracle Database 10g, and possibly earlier versions, might allow remote attackers to execute arbitrary SQL commands via unknown vectors. NOTE: due to the lack of relevant details from the Oracle advisory, a separate CVE is being created...

CVE-2006-0548

CVE-2006-0548 : SQL injection in the Oracle Text component of Oracle Database 10g (and possibly earlier) . The vulnerability arises from inadequate input validation in Oracle Text, potentially allowing remote attackers to execute arbitrary SQL via unknown vectors. Public sources reference related...

Oracle Database Detection

Binary data 3398.prm...

Oracle Database Detection

Binary data 3395.prm...

OraGENERATESCHEMAExploits.txt

/ Argeniss - Information Security http://www.argeniss.com infoatdotatdotc:\Unbreakable.txt' FROM DUAL; / Argeniss - Information Security http://www.argeniss.com infoatdotatdotcom Oracle version: 10g Release 1 Platform: Linux Shellcode opens a shell on port 4444 from www.metasploit.com. / DECLARE ...

Oracle Database Server 9i/10g (XML) Buffer Overflow Exploit

Exploit for unknown platform in category local exploits =========================================================== Oracle Database Server 9i/10g XML Buffer Overflow Exploit =========================================================== / Argeniss - Information Security http://www.argeniss.com...

Oracle Database Server 9i/10g - 'XML' Local Buffer Overflow

/ Argeniss - Information Security http://www.argeniss.com infoatdotatdotc:\Unbreakable.txt' FROM DUAL; / Argeniss - Information Security http://www.argeniss.com infoatdotatdotcom Oracle version: 10g Release 1 Platform: Linux Shellcode opens a shell on port 4444 from www.metasploit.com. / DECLARE ...

Oracle Database XML Database SQL Injection vulnerability

Overview Oracle Database XML Database XML DB is vulnerable to SQL injection, possibly allowing a remote attacker to execute arbitrary SQL commands on a vulnerable Oracle installation. Description According to Oracle:Oracle XML DB is a feature of the Oracle Database. It provides a high-performance...

CVE-2006-0261

Multiple unspecified vulnerabilities in Oracle Database server 8.1.7.4, 9.0.1.5, 9.2.0.7, and 10.1.0.5 have unspecified impact and attack vectors, as identified by Oracle Vuln 1 DB07 in the Dictionary component and 2 DB14 in the Oracle Label Security component. NOTE: Oracle has not disputed...

Design/Logic Flaw

Unspecified vulnerability in the Connection Manager component of Oracle Database server 8.1.7.4 and 9.0.1.5 has unspecified impact and attack vectors, as identified by Oracle Vuln DB03...

Sql injection

Multiple unspecified vulnerabilities in Oracle Database server 8.1.7.4, 9.0.1.5, 9.2.0.7, 10.1.0.5, and 10.2.0.1 have unspecified impact and attack vectors, as identified by Oracle Vuln 1 DB17 in the Oracle Text component and 2 DB18 in the Program Interface Network component. NOTE: details are...

Sql injection

Unspecified vulnerability in the Change Data Capture component of Oracle Database server 9.2.0.7, 10.1.0.5, and 10.2.0.1 has unspecified impact and attack vectors, as identified by Oracle Vuln DB02. NOTE: details are unavailable from Oracle, but they have not publicly disputed a claim by a reliab...

Design/Logic Flaw

Unspecified vulnerability in the Net Foundation Layer component of Oracle Database server 8.1.7.4, 9.0.1.5, 9.0.1.5 FIPS, 9.2.0.6, and 10.1.0.4 has unspecified impact and attack vectors, as identified by Oracle Vuln DB08...

Design/Logic Flaw

Unspecified vulnerability in Oracle Database Server 9.2.0.7, Application Server 9.0.4.2 and 10.1.2.1, Collaboration Suite Release 2, version 9.0.4.2 Oracle9i, and E-Business Suite and Applications 11.5.10 has unspecified impact and attack vectors, as identified by Oracle Vuln WF01 in the Oracle...

Design/Logic Flaw

Unspecified vulnerability in the Security component of Oracle Database server 9.0.1.5, 9.0.1.5 FIPS, 9.2.0.6, and 10.1.0.4 has unspecified impact and attack vectors, as identified by Oracle Vuln DB21...

CVE-2006-0283

Unspecified vulnerability in Oracle Database Server 10.1.0.4.2, Application Server 10.1.2.0.2, and Collaboration Suite Release 2, version 9.0.4.2 Oracle9i has unspecified impact and attack vectors, as identified by Oracle Vuln DBC02 in the Reorganize Objects & Convert Tablespace component...