Lucene search
+L

4 matches found

Check Point Advisories
Check Point Advisories
added 2009/12/17 12:0 a.m.45 views

Oracle Database Server CREATE_TABLES SQL Injection (CVE-2009-1991)

The Oracle Database server is an enterprise-level relational database application suite. An SQL injection vulnerability has been reported in Oracle Database server. The vulnerability is due to an input validation error in the Oracle Database server CREATETABLES function. A remote attacker can...

3.6CVSS7.8AI score0.01712EPSS
Exploits0
securityvulns
securityvulns
added 2009/11/30 12:0 a.m.121 views

Oracle exploit for CTXSYS.DRVXTABC.CREATE_TABLES and others

Hi! I've just released the working exploit for CTXSYS.DRVXTABC.CREATETABLES injection on Oracle DB 9i/10g CVE-2009-1991 You can find the code on my site, http://rawlab.mindcreations.com In particular, Classic SQL injection:...

3.6CVSS2.5AI score0.01712EPSS
Exploits0
CVE
CVE
added 2009/10/22 6:0 p.m.69 views

CVE-2009-1991

CVE-2009-1991 affects Oracle Database (9.2.0.8, 9.2.0.8DV, 10.1.0.5, 10.2.0.4) in the CTXSYS.DRVXTABC.CREATE_TABLES PL/SQL call. The vulnerability is a SQL injection in the create_tables procedure (idx_owner and idx_name parameters) that can be exploited by remote authenticated users, impacting c...

3.6CVSS6.5AI score0.01712EPSS
Exploits0References6Affected Software1
erpscan
erpscan
added 2008/01/29 12:0 a.m.45 views

Oracle Database 10G CTXSYS.DRVXTABX — PLSQL Injection

Application: Oracle Database 10G Versions Affected: Oracle 9.2.0.8, 9.2.0.8DV, 10.1.0.5, 10.2.0.4 Vendor URL: Bugs: PL/SQL Injections Exploits: YES Reported: 29.01.2008 Vendor response: 31.01.2008 CVE: CVE-2009-1991 SVSS2: 3.6 Date of Public Advisory: 26.10.2009 Solution: YES Non official Author:...

3.6CVSS0.8AI score0.01712EPSS
Exploits0
Rows per page
Query Builder