1190 matches found
CVE-2008-2577
Unspecified vulnerability in the WebLogic Server component in Oracle BEA Product Suite 9.2 MP1 has unknown impact and remote authenticated attack vectors...
CVE-2008-1816
Multiple unspecified vulnerabilities in Oracle Database 10.1.0.5 and 10.2.0.3 have unknown impact and remote authenticated attack vectors related to 1 SDOUTIL in the Oracle Spatial component, aka DB05; or 2 fine grained auditing in the Audit component, aka DB14. NOTE: the previous information was...
CVE-2007-5894
The reply function in ftpd.c in the gssftp ftpd in MIT Kerberos 5 krb5 does not initialize the length variable when authtype has a certain value, which has unknown impact and remote authenticated attack vectors. NOTE: the original disclosure misidentifies the conditions under which the...
DEBIAN-CVE-2007-5894
The reply function in ftpd.c in the gssftp ftpd in MIT Kerberos 5 krb5 does not initialize the length variable when authtype has a certain value, which has unknown impact and remote authenticated attack vectors. NOTE: the original disclosure misidentifies the conditions under which the...
CVE-2007-5972
Double free vulnerability in the krb5defstoremkey function in lib/kdb/kdbdefault.c in MIT Kerberos 5 krb5 1.5 has unknown impact and remote authenticated attack vectors. NOTE: the free operations occur in code that stores the krb5kdc master key, and so the attacker must have privileges to store...
CVE-2007-5894
The reply function in ftpd.c in the gssftp ftpd in MIT Kerberos 5 krb5 does not initialize the length variable when authtype has a certain value, which has unknown impact and remote authenticated attack vectors. NOTE: the original disclosure misidentifies the conditions under which the...
IBM Lotus Domino IMAP Service Mailbox Name Overflow
The IMAP server component of IBM Lotus Domino Server installed on the remote host fails to properly validate the mailbox name before copying it into a fixed-size stack buffer as part of handling certain unspecified commands. Using a specially crafted mailbox name to which he is subscribed, an...
Code injection
Unspecified vulnerability in the Sales Online component for Oracle E-Business Suite 11.5.10 has unknown impact and remote authenticated attack vectors, aka APPS08...
CVE-2007-2109
Multiple unspecified vulnerabilities in Oracle Database 10.2.0.3 have unknown impact and remote authenticated attack vectors related to 1 Rules Manager and Expression Filter components DB02 and 2 Oracle Streams DB06. Note: as of 20070424, Oracle has not disputed reliable claims that DB02 is for a...
CVE-2007-2109
CVE-2007-2109 affects Oracle Database 10.2.0.3 with reported issues in two components: (1) Rules Manager and Expression Filter (DB02) due to a race condition in the RLMGR_TRUNCATE_MAINT trigger that can change AUTHID from DEFINER to CURRENT_USER after TRUNCATE, and (2) Oracle Streams (DB06) due t...
CVE-2006-5339
Unspecified vulnerability in Oracle Spatial component in Oracle Database 8.1.7.4, 9.0.1.5, 9.2.0.7, and 10.1.0.4 has unknown impact and remote authenticated attack vectors related to mdsys.sdogeom, aka Vuln DB11. NOTE: as of 20061023, Oracle has not disputed reports from reliable third parties th...
CVE-2006-5335
Multiple unspecified vulnerabilities in Oracle Database 10.1.0.5 and 10.2.0.2 have unknown impact and remote authenticated attack vectors related to 1 Vuln DB04 and sys.dbmscdcimpdp in the a Change Data Capture CDC component; 2 Vuln DB07, 3 DB08, and 4 DB16 in sys.dbmscdcisubscribe in CDC; and 5...
CVE-2006-5336
Multiple unspecified vulnerabilities in the Change Data Capture CDC component in Oracle Database 9.2.0.7, 10.1.0.5, and have unknown impact and remote authenticated attack vectors related to 1 sys.dbmscdcipublish Vuln DB05 and 2 sys.dbmscdcisubscribe DB06. NOTE: as of 20061023, Oracle has not...
CVE-2006-5333
Unspecified vulnerability in Oracle Spatial component in Oracle Database 10.2.0.2 has unknown impact and remote authenticated attack vectors related to "create session" privileges, aka Vuln DB02. NOTE: as of 20061023, Oracle has not disputed reports from reliable third parties that DB02 is for SQ...
CVE-2006-5340
Multiple unspecified vulnerabilities in Oracle Spatial component in Oracle Database 8.1.7.4, 9.0.1.5, 9.2.0.8, 10.1.0.5, and 10.2.0.2 have unknown impact and remote authenticated attack vectors related to 1 mdsys.sdolrs, aka Vuln DB13, and 2 Vuln DB17. NOTE: as of 20061023, Oracle has not dispute...
CVE-2006-5343
Unspecified vulnerability in Database Scheduler component in Oracle Database 10.1.0.3 has unknown impact and remote authenticated attack vectors related to sys.dbmsscheduler, aka Vuln DB19...
CVE-2006-5345
Unspecified vulnerability in Oracle Spatial component in Oracle Database 9.0.1.5, 9.2.0.7, and 10.1.0.4 has unknown impact and remote authenticated attack vectors related to mdsys.sdogeom, aka Vuln DB22. NOTE: as of 20061023, Oracle has not disputed reports from reliable third parties that DB22 i...
CVE-2006-5377
Unspecified vulnerability in PeopleSoft component in Oracle PeopleSoft Enterprise 8.80 GA, 8.90 GA, 8.8 Bundle 11, and 8.9 Bundle 4 has unknown impact and remote authenticated attack vectors, aka Vuln PSE05...
CVE-2006-5335
CVE-2006-5335 affects Oracle Database 10.1.0.5 and 10.2.0.2, with issues reported in the CDC and Spatial areas. The linked CERT entry attributes a PL/SQL injection-style vulnerability to the SYS.DBMS_CDC_IMPDP package, tied to BUMP_SEQUENCE (DB04) and related CDC/Spatial procedures (CREATE_SUBSCR...
CVE-2006-5370
Technical details about CVE-2006-5370 are not publicly available in the supplied documents; no affected products, vulnerable components, or remediation specifics are provided here. Monitor for updates.