Lucene search
K

1229 matches found

securityvulns
securityvulns
added 2009/10/22 12:0 a.m.58 views

US-CERT Technical Cyber Security Alert TA09-294A -- Oracle Updates for Multiple Vulnerabilities

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 National Cyber Alert System Technical Cyber Security Alert TA09-294A Oracle Updates for Multiple Vulnerabilities Original release date: Last revised: -- Source: US-CERT Systems Affected Oracle Database 11g, version 11.1.0.7 Oracle Database 10g Release...

1.4AI score
Exploits0
ThreatPost
ThreatPost
added 2009/10/21 2:32 p.m.16 views

Oracle Releases Critical Patch Update

Oracle has released its Critical Patch Update for October 2009 to address 38 vulnerabilities across several database and server products. The update contains the following security fixes: 16 for the Oracle Database 3 for the Oracle Application Server 8 for the Oracle E-Business Suite and...

3.3AI score
Exploits0References4
Oracle
Oracle
added 2009/10/20 12:0 a.m.682 views

Security | Oracle Critical Patch Update - October 2009

A Critical Patch Update is a collection of patches for multiple security vulnerabilities. It also includes non-security fixes that are required because of interdependencies by those security patches. Critical Patch Updates are cumulative, except as noted below, but each advisory describes only th...

10CVSS0.6AI score0.76361EPSS
Exploits17Affected Software28
ThreatPost
ThreatPost
added 2009/10/16 8:31 p.m.11 views

Oracle Mega-Patch Coming Next Tuesday

Oracle has announced plans to ship a Critical Patch Update CPU with fixes for at least 38 security vulnerabilities in a wide range of database and server products. The most serious vulnerabilities affect Oracle Core RDBMS, Oracle JRockit and Oracle Network Authentication. Read the Oracle advance...

2.1AI score
Exploits0References1
Saint
Saint
added 2009/09/01 12:0 a.m.41 views

Oracle Secure Backup property_box.php type parameter command execution

Added: 09/01/2009 CVE: CVE-2009-1978 BID: 35678 OSVDB: 55904 Background Oracle Secure Backup is a centralized tape backup management solution for Oracle Database. Problem A command execution vulnerability in the Oracle Secure Backup web interface allows remote attackers to execute arbitrary...

9CVSS7.2AI score0.64694EPSS
Exploits13
Saint
Saint
added 2009/09/01 12:0 a.m.25 views

Oracle Secure Backup property_box.php type parameter command execution

Added: 09/01/2009 CVE: CVE-2009-1978 BID: 35678 OSVDB: 55904 Background Oracle Secure Backup is a centralized tape backup management solution for Oracle Database. Problem A command execution vulnerability in the Oracle Secure Backup web interface allows remote attackers to execute arbitrary...

9CVSS7.2AI score0.64694EPSS
Exploits13
Saint
Saint
added 2009/09/01 12:0 a.m.30 views

Oracle Secure Backup property_box.php type parameter command execution

Added: 09/01/2009 CVE: CVE-2009-1978 BID: 35678 OSVDB: 55904 Background Oracle Secure Backup is a centralized tape backup management solution for Oracle Database. Problem A command execution vulnerability in the Oracle Secure Backup web interface allows remote attackers to execute arbitrary...

9CVSS7.2AI score0.64694EPSS
Exploits13
securityvulns
securityvulns
added 2009/08/26 12:0 a.m.105 views

Oracle 11g (11.1.0.6) Password Policy and Compliance

Many security standards require the tracking of users' password history to prevent password re-use. In Oracle 11g 11.1.0.6, if a security administrator has enabled 11g passwords exclusively then tracking password history is broken. This can affect compliance. This was addressed by Oracle in their...

2.1CVSS0.01214EPSS
Exploits1
securityvulns
securityvulns
added 2009/08/26 12:0 a.m.112 views

Oracle 11g (11.1.0.6) Password Policy and Compliance

Many security standards require the tracking of users' password history to prevent password re-use. In Oracle 11g 11.1.0.6, if a security administrator has enabled 11g passwords exclusively then tracking password history is broken. This can affect compliance. This was addressed by Oracle in their...

2.1CVSS0.01214EPSS
Exploits1
securityvulns
securityvulns
added 2009/08/19 12:0 a.m.89 views

ZDI-09-059: Oracle Secure Backup Administration Server Multiple Command Injection Vulnerabilities

ZDI-09-059: Oracle Secure Backup Administration Server Multiple Command Injection Vulnerabilities http://www.zerodayinitiative.com/advisories/ZDI-09-059 -- CVE ID: CVE-2009-1978 -- Affected Vendors: Oracle -- Affected Products: Oracle Secure Backup -- Vulnerability Details: This vulnerability...

9CVSS1.3AI score0.64694EPSS
Exploits13
Metasploit
Metasploit
added 2009/07/28 1:43 p.m.30 views

Oracle DB SQL Injection via SYS.LT.FINDRICSET Evil Cursor Method

This module will escalate an Oracle DB user to DBA by exploiting a sql injection bug in the SYS.LT.FINDRICSET package via Evil Cursor technique. Tested on oracle 10.1.0.3.0 -- should work on thru 10.1.0.5.0 and supposedly on 11g. Fixed with Oracle Critical Patch update October 2007. This module...

6.5CVSS0.1AI score0.31758EPSS
Exploits2
securityvulns
securityvulns
added 2009/07/16 12:0 a.m.223 views

Oracle Critical Patch Update Advisory - July 2009

Oracle Critical Patch Update Advisory - July 2009 Description A Critical Patch Update is a collection of patches for multiple security vulnerabilities. It also includes non-security fixes that are required because of interdependencies by those security patches. Critical Patch Updates are...

10CVSS0.9AI score0.72638EPSS
Exploits18
Oracle
Oracle
added 2009/07/14 12:0 a.m.664 views

09-07 CPU Advisory

A Critical Patch Update is a collection of patches for multiple security vulnerabilities. It also includes non-security fixes that are required because of interdependencies by those security patches. Critical Patch Updates are cumulative, except as noted below, but each advisory describes only th...

10CVSS1.2AI score0.72638EPSS
Exploits18Affected Software25
Saint
Saint
added 2009/06/22 12:0 a.m.56 views

Oracle Secure Backup login.php ora_osb_lcookie command execution

Added: 06/22/2009 CVE: CVE-2008-4006 BID: 33177 OSVDB: 51343 Background Oracle Secure Backup is a centralized tape backup management solution for Oracle Database. Problem A command execution vulnerability in the Oracle Secure Backup web interface allows remote attackers to execute arbitrary...

10CVSS7.2AI score0.03433EPSS
Exploits4
Saint
Saint
added 2009/06/22 12:0 a.m.43 views

Oracle Secure Backup login.php ora_osb_lcookie command execution

Added: 06/22/2009 CVE: CVE-2008-4006 BID: 33177 OSVDB: 51343 Background Oracle Secure Backup is a centralized tape backup management solution for Oracle Database. Problem A command execution vulnerability in the Oracle Secure Backup web interface allows remote attackers to execute arbitrary...

10CVSS7.2AI score0.03433EPSS
Exploits4
Saint
Saint
added 2009/06/22 12:0 a.m.41 views

Oracle Secure Backup login.php ora_osb_lcookie command execution

Added: 06/22/2009 CVE: CVE-2008-4006 BID: 33177 OSVDB: 51343 Background Oracle Secure Backup is a centralized tape backup management solution for Oracle Database. Problem A command execution vulnerability in the Oracle Secure Backup web interface allows remote attackers to execute arbitrary...

10CVSS7.2AI score0.03433EPSS
Exploits4
exploitpack
exploitpack
added 2009/04/21 12:0 a.m.79 views

Oracle RDBms 10.2.0.311.1.0.6 - TNS Listener (PoC)

Oracle RDBms 10.2.0.311.1.0.6 - TNS Listener PoC TNS Listener Oracle RDBMS exploit, cause trap in Listener process more precisely: in function memcpy called from ncrfintn function which is located in oranro11.dll Successfully working with Oracle RDBMS Win32 11.1.0.6.0 and Oracle RDBMS Win32...

5CVSS6.4AI score0.07578EPSS
Exploits7
seebug.org
seebug.org
added 2009/04/16 12:0 a.m.452 views

Oracle 2009年4月紧急补丁更新修复多个漏洞

BUGTRAQ ID: 34461 CVECAN ID:...

10CVSS0.8AI score0.17865EPSS
Exploits15
ThreatPost
ThreatPost
added 2009/04/15 3:22 p.m.9 views

Oracle plugs critical database server holes

Oracle has released the first Critical Patch Update for 2009 to provide fixes for at least address 43 vulnerabilities across several database server products. The mega update oracle.com, released on the same day Microsoft released its own security patches, plugs at least 16 holes in the company’s...

0.5AI score
Exploits0References3
Oracle
Oracle
added 2009/04/14 12:0 a.m.561 views

cpuapr2009.html

A Critical Patch Update is a collection of patches for multiple security vulnerabilities. It also includes non-security fixes that are required because of interdependencies by those security patches. Critical Patch Updates are cumulative, except as noted below, but each advisory describes only th...

10CVSS0.9AI score0.84807EPSS
Exploits38Affected Software23
Rows per page
Query Builder