oracle_xmldb_css.txt

Cross-Site-Scripting Vulnerability in Oracle XMLDB Name Cross-Site-Scripting Vulnerability in Oracle XMLDB Systems Affected Oracle Database 9i Rel. 2 Severity Low Risk Category Cross Site Scripting CSS/XSS Vendor URL http://www.oracle.com This advisory...

oracle_isqlplus_css.txt

Cross-Site-Scripting Vulnerability in Oracle iSQLPlus Name Cross-Site-Scripting Vulnerability in Oracle iSQLPlus Systems Affected Oracle Database 9i Rel. 2 Severity Low Risk Category Cross Site Scripting CSS/XSS Vendor URL http://www.oracle.com This advisory...

[Full-disclosure] Cross-Site-Scripting Vulnerability in Oracle iSQL*Plus

Cross-Site-Scripting Vulnerability in Oracle iSQLPlus Name Cross-Site-Scripting Vulnerability in Oracle iSQLPlus Systems Affected Oracle Database 9i Rel. 2 Severity Low Risk Category Cross Site Scripting CSS/XSS Vendor URL http://www.oracle.com This advisory...

Oracle 9.0 iSQL*Plus - TLS Listener Remote Denial of Service

Oracle 9.0 iSQLPlus - TLS Listener Remote Denial of Service source: https://www.securityfocus.com/bid/15032/info Oracle iSQLPLUS is susceptible to a vulnerability that allows remote attackers to stop the TNS Listener service, denying further database service to legitimate users. By issuing a...

CVE-2005-1495

Oracle Database 9i and 10g disables Fine Grained Audit FGA after the SYS user executes a SELECT statement on an FGA object, which makes it easier for attackers to escape detection...

CVE-2005-1495

Oracle Database 9i and 10g disables Fine Grained Audit FGA after the SYS user executes a SELECT statement on an FGA object, which makes it easier for attackers to escape detection...

Oracle Database 9i/10g Fine Grained Auditing (FGA) SELECT Statement Logging Weakness

The remote host is running a version of Oracle Database that, according to its version number, suffers from a flaw in which Fine Grained Auditing FGA becomes disabled when the user SYS runs a SELECT statement. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. include'deprecatednasllevel.inc';...

Oracle 9i/10g - Database Fine Grained Audit Logging Failure

source: https://www.securityfocus.com/bid/13510/info Oracle 9i/10g Database is prone to a logging failure vulnerability that exists in Fine Grained Audit FGA functionality. Reports indicate that FGA may be disabled inadvertently, without notifying the database administrator. This results in FGA...

CVE-2005-1197

CVE-2005-1197 is a SQL injection vulnerability in Oracle Database Server 10g affecting the SYS.DBMS_CDC_IPUBLISH.CREATE_SCN_CHANGE_SET procedure via the CHANGE_SET_NAME parameter. Remote attackers could potentially execute arbitrary SQL commands; impact and remediation details are not specified i...

[AppSecInc Team SHATTER Security Advisory] Multiple SQL Injection vulnerabilities in DBMS_CDC_SUBSCRIBE and DBMS_CDC_ISUBSCRIBE packages

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Multiple SQL Injection vulnerabilities in DBMSCDCSUBSCRIBE and DBMSCDCISUBSCRIBE packages AppSecInc Team SHATTER Security Advisory http://www.appsecinc.com/resources/alerts/oracle/2005-02.html April 18, 2005 Affected Versions: Oracle Database Server...

[AppSecInc Team SHATTER Security Advisory] SQL Injection in ALTER_MANUALLOG_CHANGE_SOURCE procedure

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 SQL Injection in ALTERMANUALLOGCHANGESOURCE procedure AppSecInc Team SHATTER Security Advisory http://www.appsecinc.com/resources/alerts/oracle/2005-04.html April 18, 2005 Affected versions: Oracle Database Server version 10g Risk level: High Credits:...

[AppSecInc Team SHATTER Security Advisory] SQL Injection in CREATE_SCN_CHANGE_SET procedure

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 SQL Injection in CREATESCNCHANGESET procedure AppSecInc Team SHATTER Security Advisory http://www.appsecinc.com/resources/alerts/oracle/2005-05.html April 18, 2005 Affected versions: Oracle Database Server version 10g Risk level: High Credits: This...

Oracle Database Multiple Remote Vulnerabilities

Binary data 2840.prm...

CVE-2004-0637

Oracle Database Server 8.1.7.4 through 9.2.0.4 allows local users to execute commands with additional privileges via the ctxsys.driload package, which is publicly accessible...

Oracle 8.x9.x10.x Database - Multiple SQL Injections

Oracle 8.x9.x10.x Database - Multiple SQL Injections source: https://www.securityfocus.com/bid/13144/info Oracle database is reported prone to multiple SQL injection vulnerabilities. These issues exist due to insufficient sanitization of user-supplied data. These issues can be exploited using...

Oracle Database Server 10.1.0.2 - Local Buffer Overflow

Oracle Database Server 10.1.0.2 - Local Buffer Overflow / Advanced SQL Injection in Oracle databases Exploit for the buffer overflow vulnerability in procedure MDSYS.MD2.SDOCODESIZE of Oracle Database Server version 10.1.0.2 under Windows 2000 Server SP4. Fixes available at...

Oracle Database 10.1 - MDSYS.MD2.SDO_CODE_SIZE Buffer Overflow

Oracle Database 10.1 - MDSYS.MD2.SDOCODESIZE Buffer Overflow source: https://www.securityfocus.com/bid/13145/info Oracle Database is reported prone to a buffer overflow vulnerability. Reportedly this issue affects the 'MDSYS.MD2.SDOCODESIZE' procedure. An attacker can supply excessive data to an...

Oracle Database Server <= 10.1.0.2 Buffer Overflow Exploit

Exploit for unknown platform in category local exploits ========================================================== Oracle Database Server = 10.1.0.2 Buffer Overflow Exploit ========================================================== / Advanced SQL Injection in Oracle databases Exploit for the buff...

Oracle Database PL/SQL Statement Multiple SQL Injection Exploits

Exploit for unknown platform in category local exploits ================================================================ Oracle Database PL/SQL Statement Multiple SQL Injection Exploits ================================================================ / Advanced SQL Injection in Oracle databases...

Oracle Database Multiple Remote Vulnerabilities

Binary data 2822.prm...