101 matches found
CVE-2007-3853
Multiple unspecified vulnerabilities in Oracle Database 10.1.0.5 and 10.2.0.3 allow remote authenticated users to have unknown impact via 1 DBMSJAVATEST in the JavaVM component DB01, 2 Oracle Text component DB09, and 3 MDSYS.SDOGEORINT in the Spatial component DB15. NOTE: a reliable researcher...
CVE-2007-3857
CVE-2007-3857 affects Oracle Database 10.1.0.5, with vulnerabilities in the Oracle Text component (including vectors DB05, CTXSYS.DRVXMD, CTXSYS.DRI_MOVE_CTXSYS, CTXSYS.DRVXMD) and in JavaVM. The issue allows remotely authenticated users to impact confidentiality, integrity, and availability (per...
CVE-2007-2117
CVE-2007-2117 concerns Oracle Text in Oracle Database 9.0.1.5+ and 9.2.0.5; the note from 2007 CPU claims a buffer overflow in the ctxsrv server daemon, but the impact and exploit details are not publicly provided in the supplied documents. No remediation/patch details are specified here.
CVE-2007-0268
Multiple unspecified vulnerabilities in Oracle Database 9.0.1.5, 9.2.0.7, and 10.1.0.5 have unknown impact and attack vectors related to 1 the Advanced Queuing component and sys.dbmsaqsys.dbmsaq privileges DB01, 2 Advanced Replication and sys.dbmsrepcatuntrusted DB07, and 3 Oracle Text and ctxloa...
Design/Logic Flaw
Multiple unspecified vulnerabilities in Oracle Database 8.1.7.4, 9.0.1.5, 9.2.0.7, and 10.1.0.5 have unknown impact and attack vectors related to 1 NLS Runtime and lmsgen DB12, and 2 Oracle Text and ctxkbtc DB14...
CVE-2007-0278
Multiple unspecified vulnerabilities in Oracle Database 8.1.7.4, 9.0.1.5, 9.2.0.7, and 10.1.0.5 have unknown impact and attack vectors related to 1 NLS Runtime and lmsgen DB12, and 2 Oracle Text and ctxkbtc DB14...
Sql injection
Multiple unspecified vulnerabilities in Oracle Database 9.0.1.5, 9.2.0.7, and 10.1.0.5 have unknown impact and attack vectors related to 1 the Advanced Queuing component and sys.dbmsaqsys.dbmsaq privileges DB01, 2 Advanced Replication and sys.dbmsrepcatuntrusted DB07, and 3 Oracle Text and ctxloa...
CVE-2007-0268
Multiple unspecified vulnerabilities in Oracle Database 9.0.1.5, 9.2.0.7, and 10.1.0.5 have unknown impact and attack vectors related to 1 the Advanced Queuing component and sys.dbmsaqsys.dbmsaq privileges DB01, 2 Advanced Replication and sys.dbmsrepcatuntrusted DB07, and 3 Oracle Text and ctxloa...
CVE-2007-0268
CVE-2007-0268 affects Oracle Database 9.0.1.5, 9.2.0.7, and 10.1.0.5, with vulnerabilities in Advanced Queuing (sys.dbms_aqsys.dbms_aq privileges DB01), Advanced Replication (sys.dbms_repcat_untrusted DB07), and Oracle Text (ctxload DB15). The underlying impact/attack vectors are not fully detail...
CVE-2007-0278
Technical details for CVE-2007-0278 are not publicly available in the provided documents. No concrete information on affected products, root cause, or remediation is included. Monitor for updates from official advisories.
CVE-2006-0548
CVE-2006-0548 : SQL injection in the Oracle Text component of Oracle Database 10g (and possibly earlier) . The vulnerability arises from inadequate input validation in Oracle Text, potentially allowing remote attackers to execute arbitrary SQL via unknown vectors. Public sources reference related...
Oracle Text SQL injection vulnerability
Overview Oracle Text is vulnerable to SQL injection, which could allow a remote attacker to execute arbitrary SQL commands on a vulnerable Oracle installation. Description According to Oracle:Oracle Text uses standard SQL to index, search, and analyze text and documents stored in the Oracle...
Sql injection
Multiple unspecified vulnerabilities in Oracle Database server 9.2.0.7 and 10.1.0.5 have unspecified impact and attack vectors, as identified by Oracle Vuln 1 DB05 in the a Data Pump component; 2 DB15 in the b Oracle Text component; 3 DB22 in the c Streams Apply component; 4 DB23 and 5 DB24 in th...
Sql injection
Multiple unspecified vulnerabilities in Oracle Database server 8.1.7.4, 9.0.1.5, 9.2.0.7, 10.1.0.5, and 10.2.0.1 have unspecified impact and attack vectors, as identified by Oracle Vuln 1 DB17 in the Oracle Text component and 2 DB18 in the Program Interface Network component. NOTE: details are...
Sql injection
Multiple unspecified vulnerabilities in Oracle Database server 10.1.0.5 have unspecified impact and attack vectors, as identified by Oracle Vuln 1 DB04 and 2 DB06 in the a Data Pump component; 3 DB10 in the b Net Listener component; and 4 DB16 in the c Oracle Text component. NOTE: details are...
CVE-2006-0260
CVE-2006-0260 affects Oracle Database Server 9.2.0.7 and 10.1.0.5. The issue is described as a SQL injection vulnerability in SYS.DBMS_METADATA_UTIL (and related DBMS_METADATA packages) caused by insufficient input validation in multiple functions (e.g., LONG2VARCHAR/DBMS_METADATA_UTIL; MAKE_FILT...
CVE-2006-0265
CVE-2006-0265 involves multiple vulnerabilities in Oracle Database server (versions 8.1.7.4, 9.0.1.5, 9.2.0.7, 10.1.0.5, 10.2.0.1). Connected sources (PRION entries) describe a likely SQL injection in CTXSYS and program interface/network components (DB17/DB18), with specific function names cited:...
CVE-2006-0260
Multiple unspecified vulnerabilities in Oracle Database server 9.2.0.7 and 10.1.0.5 have unspecified impact and attack vectors, as identified by Oracle Vuln 1 DB05 in the a Data Pump component; 2 DB15 in the b Oracle Text component; 3 DB22 in the c Streams Apply component; 4 DB23 and 5 DB24 in th...
CVE-2006-0259
Concise summary: CVE-2006-0259 relates to multiple unspecified vulnerabilities in Oracle Database Server 10.1.0.5, affecting the Data Pump component (DB04/DB06), Net Listener (DB10), and Oracle Text (DB16). The DB06 issue is alleged to be a SQL injection in specific GENERATE_JOB_NAME/GET_* and re...
CVE-2006-0259
Multiple unspecified vulnerabilities in Oracle Database server 10.1.0.5 have unspecified impact and attack vectors, as identified by Oracle Vuln 1 DB04 and 2 DB06 in the a Data Pump component; 3 DB10 in the b Net Listener component; and 4 DB16 in the c Oracle Text component. NOTE: details are...