Lucene search
K

5 matches found

Packet Storm
Packet Storm
added 2024/08/31 12:0 a.m.256 views

Oracle DB 10gR2, 11gR1/R2 DBMS_JVM_EXP_PERMS OS Command Execution

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Oracle DB 10gR2, 11gR1/R2 DBMSJVMEXPPERMS OS Command Execution', 'Description' = %q This module exploits a flaw 0 day in DBMSJVMEXPPERMS package...

6.5CVSS6.6AI score0.1125EPSS
Exploits4
Circl
Circl
added 2018/05/29 3:50 p.m.14 views

CVE-2010-0866

creationtimestamp| type| source ---|---|--- 2018-05-29 15:50:33+00:00| seen| https://github.com/rapid7/metasploit-framework/blob/master/modules/auxiliary/sqli/oracle/jvmoscode10g.rb 2018-05-29 15:50:33+00:00| seen|...

6.5CVSS5.5AI score0.1125EPSS
Exploits4References2
Check Point Advisories
Check Point Advisories
added 2010/05/12 12:0 a.m.33 views

Oracle Database DBMS_JVM_EXP_PERMS System Command Execution (CVE-2010-0866; CVE-2010-0867)

Oracle Database server is an enterprise-level relational database application suite. A privilege escalation vulnerability exists in Oracle Database server that can allow users with limited privileges to execute arbitrary operating system commands on a target server. The vulnerability is due to an...

6.5CVSS7.3AI score0.1125EPSS
Exploits4
CVE
CVE
added 2010/04/13 10:0 p.m.71 views

CVE-2010-0866

CVE-2010-0866 concerns Oracle Database JavaVM; connected docs cite exploits for DBMS_JVM_EXP_PERMS enabling OS command/code execution via remote authenticated users (CREATE_SESSION) on Oracle DB 10gR2/11gR1/R2. The flaw allows granting Java IO privileges, per Metasploit modules referenced in PACK...

6.5CVSS5.7AI score0.1125EPSS
Exploits4References2Affected Software1
Metasploit
Metasploit
added 2010/03/15 4:34 p.m.71 views

Oracle DB 11g R1/R2 DBMS_JVM_EXP_PERMS OS Code Execution

This module exploits a flaw 0 day in DBMSJVMEXPPERMS package that allows any user with create session privilege to grant themselves java IO privileges. Identified by David Litchfield. Works on 11g R1 and R2 Windows only. This module requires Metasploit: https://metasploit.com/download Current...

6.5CVSS6.9AI score0.1125EPSS
Exploits4
Rows per page
Query Builder