CVE-2011-0848

CVE-2011-0848 involves Oracle Database Server (versions 10.1.0.5, 10.2.0.3–10.2.0.5, 11.1.0.7, 11.2.0.1–11.2.0.2) and Oracle Enterprise Manager Grid Control (10.1.0.6, 10.2.0.5). The vulnerability lies in the Security Framework component and is described as an unspecified issue that allows remote...

CVE-2011-2232

CVE-2011-2232 affects Oracle Database Server XML Developer Kit. The vulnerable products include Oracle Database Server 10.1.0.5, 10.2.0.3, 10.2.0.4, 11.1.0.7, 11.2.0.1 and Oracle Fusion Middleware 10.1.3.5. The issue is described as an unspecified vulnerability in the XML Developer Kit component ...

CVE-2011-0880

Technical details for CVE-2011-0880 are not publicly available in the provided documents. Monitor for updates.

CVE-2011-0877

The CVE-2011-0877 entry concerns an unspecified vulnerability in Oracle’s Instance Management component affecting Oracle Database Server versions 10.1.0.5, 10.2.0.3, 10.2.0.4 and Oracle Enterprise Manager Grid Control 10.1.0.6. The issue is described as allowing remote attackers to affect integri...

CVE-2011-0875

Oracle Database Server EMCTL Component Unspecified Vulnerability (CVE-2011-0875) affects EMCTL in Oracle Database Server 11.1.0.7 and Oracle Enterprise Manager Grid Control 10.1.0.6, 10.2.0.5, and 11.1.0.1. Root cause is an unspecified vulnerability allowing remote authenticated users to affect c...

CVE-2011-0876

Unspecified vulnerability in the Enterprise Manager Console component in Oracle Database Server 10.1.0.5, 10.2.0.3, 10.2.0.4, 10.2.0.5, 11.1.0.7, 11.2.0.1, and 11.2.0.2; and Oracle Enterprise Manager Grid Control 10.1.0.6 and 10.2.0.5; allows remote attackers to affect integrity via unknown vecto...

CVE-2011-0831

Oracle CVE-2011-0831 affects Oracle Database Server versions 10.1.0.5, 10.2.0.3/4/5, 11.1.0.7, 11.2.0.1/2 and Oracle Enterprise Manager Grid Control 10.1.0.6/10.2.0.5. Description: Unspecified vulnerability in the Enterprise Config Management component allows remote authenticated users to affect ...

CVE-2011-0870

Unspecified vulnerability in the Schema Management component in Oracle Database Server 10.1.0.5, 10.2.0.3, 10.2.0.4, 10.2.0.5, 11.1.0.7, 11.2.0.1, and 11.2.0.2; and Oracle Enterprise Manager Grid Control 10.1.0.6 and 10.2.0.5; allows remote attackers to affect confidentiality, integrity, and...

CVE-2011-0831

Unspecified vulnerability in the Enterprise Config Management component in Oracle Database Server 10.1.0.5, 10.2.0.3, 10.2.0.4, 10.2.0.5, 11.1.0.7, 11.2.0.1, and 11.2.0.2; and Oracle Enterprise Manager Grid Control 10.1.0.6 and 10.2.0.5; allows remote authenticated users to affect confidentiality...

CVE-2011-0822

CVE-2011-0822 affects Oracle Database Server’s Streams, AQ & Replication Mgmt Component (Oracle Database Server 10.1.0.5 and 10.2.0.3) and Oracle Enterprise Manager Grid Control 10.1.0.6. The vulnerability is described as unspecified, with impact to confidentiality, integrity, and availability (p...

CVE-2011-0822

Unspecified vulnerability in the Streams, AQ & Replication Mgmt component in Oracle Database Server 10.1.0.5 and 10.2.0.3, and Oracle Enterprise Manager Grid Control 10.1.0.6, allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors...

CVE-2011-0882

Technical details for CVE-2011-0882 are not publicly provided in the supplied documents. Monitor for updates from connected sources; no specific impact, affected product scope, or remediation available here.

Oracle to Fix 78 Bugs in July Patch Update

Oracle on Tuesday will issue fixes for 78 vulnerabilities in a number of the company’s products, including its Database Server, Fusion, PeopleSoft and Secure Backup. A number of the bugs Oracle is fixing can be used for remote code execution. The Oracle Critical Patch Update for July is a huge...

Oracle Releases Critical Patch Update for July 2011

Oracle has released its Critical Patch Update for July 2011 to address 78 vulnerabilities across multiple products. This update contains the following security fixes: 13 for Oracle Database Server 3 for Oracle Secure Backup 7 for Oracle Fusion Middleware 18 for Oracle Enterprise Manager 1 for...

bcksrvr format string in Sybase Adaptive Server 15.5

Luigi Auriemma Application: Sybase Adaptive Server http://www.sybase.com/products/databasemanagement/adaptiveserverenterprise Versions: = 15.5 Platforms: Solaris, Windows, Linux, AIX, HP Bug: format string in bcksrvr Exploitation: remote, versus server Date: 27 Jun 2011 found 28 Oct 2010 Author:...

bcksrvr format string in Sybase Adaptive Server 15.5

Luigi Auriemma Application: Sybase Adaptive Server http://www.sybase.com/products/databasemanagement/adaptiveserverenterprise Versions: = 15.5 Platforms: Solaris, Windows, Linux, AIX, HP Bug: format string in bcksrvr Exploitation: remote, versus server Date: 27 Jun 2011 found 28 Oct 2010 Author:...

mysql-audit NSE Script

Audits MySQL database server security configuration against parts of the CIS MySQL v1.0.2 benchmark the engine can be used for other MySQL audits by creating appropriate audit files. Script Arguments mysql-audit.password the password with which to connect to the database mysql-audit.username the...

CVE-2011-0870

Unspecified vulnerability in the Schema Management component in Oracle Database Server 10.1.0.5, 10.2.0.3, 10.2.0.4, 10.2.0.5, 11.1.0.7, 11.2.0.1, and 11.2.0.2; and Oracle Enterprise Manager Grid Control 10.1.0.6 and 10.2.0.5; allows remote attackers to affect confidentiality, integrity, and...

CVE-2011-0822

Unspecified vulnerability in the Streams, AQ & Replication Mgmt component in Oracle Database Server 10.1.0.5 and 10.2.0.3, and Oracle Enterprise Manager Grid Control 10.1.0.6, allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors...

Oracle Database Multiple Vulnerabilities (April 2011 CPU)

The remote Oracle database server is missing the April 2011 Critical Patch Update CPU and therefore is potentially affected by security issues in the following components : - Oracle Warehouse Builder CVE-2011-0792, CVE-2011-0799 - Oracle Security Service CVE-2009-3555 - Application Service Level...