Lucene search
K

5 matches found

Prion
Prion
added 2006/02/04 2:2 a.m.25 views

Buffer overflow

Oracle Database 8i, 9i, and 10g allow remote authenticated users to execute arbitrary SQL statements in the context of the SYS user and bypass audit logging, including statements to create new privileged database accounts, via a modified AUTHALTERSESSION attribute in the authentication phase of t...

7.5CVSS7.4AI score0.0965EPSS
Exploits1References8Affected Software1
CVE
CVE
added 2006/02/04 2:0 a.m.68 views

CVE-2006-0547

CVE-2006-0547 affects Oracle Database 8i, 9i, and 10g. The issue arises in the authentication phase of the Transparent Network Substrate (TNS) protocol where a modified AUTH_ALTER_SESSION attribute can be exploited by remote authenticated users to execute arbitrary SQL statements in the context o...

7.5CVSS7.2AI score0.0965EPSS
Exploits0References8Affected Software1
CERT
CERT
added 2006/01/20 12:0 a.m.48 views

Oracle TNS protocol fails to properly validate authentication requests

Overview The Oracle TNS protocol authentication mechanism fails to properly sanitize authentication requests, possibly allowing a remote attacker to execute arbitrary SQL statements with elevated privileges. Description Oracle databases authenticate and manage database connections via Oracle...

10CVSS7.4AI score0.05274EPSS
Exploits1References4
Cvelist
Cvelist
added 2006/01/18 11:0 a.m.27 views

CVE-2006-0265

Multiple unspecified vulnerabilities in Oracle Database server 8.1.7.4, 9.0.1.5, 9.2.0.7, 10.1.0.5, and 10.2.0.1 have unspecified impact and attack vectors, as identified by Oracle Vuln 1 DB17 in the Oracle Text component and 2 DB18 in the Program Interface Network component. NOTE: details are...

7.5AI score0.05274EPSS
Exploits1References15
CVE
CVE
added 2006/01/18 11:0 a.m.67 views

CVE-2006-0265

CVE-2006-0265 involves multiple vulnerabilities in Oracle Database server (versions 8.1.7.4, 9.0.1.5, 9.2.0.7, 10.1.0.5, 10.2.0.1). Connected sources (PRION entries) describe a likely SQL injection in CTXSYS and program interface/network components (DB17/DB18), with specific function names cited:...

10CVSS7.5AI score0.05274EPSS
Exploits1References15Affected Software1
Rows per page
Query Builder