128 matches found
CVE-2011-3511
Oracle Database Vault (Database Vault component) on 10gR2/11gR1/11gR2 is affected by CVE-2011-3511, where users with DV_ACCTMGR or SYSDBA can bypass protections and execute OCIPasswordChange to change any user’s password. Root cause relates to privileged account handling; advisory TeamSHATTER not...
CVE-2011-2322
CVE-2011-2322 affects Oracle Database Server 11.1.0.7 (Database Vault component). The issue, tied to SYSDBA privileges, allows a remote authenticated user to bypass protections and modify user passwords via the OCIPasswordChange API, impacting integrity and availability. The related advisory note...
CVE-2011-2238
Unspecified vulnerability in the Database Vault component in Oracle Database Server 10.2.0.3, 10.2.0.4, 10.2.0.5, 11.1.0.7, and 11.2.0.1 allows remote authenticated users to affect integrity, related to DBMSSYSSQL...
Design/Logic Flaw
Unspecified vulnerability in the Database Vault component in Oracle Database Server 10.2.0.3, 10.2.0.4, 10.2.0.5, 11.1.0.7, and 11.2.0.1 allows remote authenticated users to affect integrity, related to DBMSSYSSQL...
CVE-2011-2238
Unspecified vulnerability in the Database Vault component in Oracle Database Server 10.2.0.3, 10.2.0.4, 10.2.0.5, 11.1.0.7, and 11.2.0.1 allows remote authenticated users to affect integrity, related to DBMSSYSSQL...
CVE-2011-2238
Technical details about CVE-2011-2238 are not provided in the connected documents. The OpenVAS NASL entry and ENISA EUVD record list the vulnerability generically without specifics. Monitor for updates from official advisories.
Oracle Database Multiple Vulnerabilities (July 2011 CPU)
The remote Oracle database server is missing the July 2011 Critical Patch Update CPU and therefore is potentially affected by security issues in the following components : - Core RDBMS CVE-2011-0832, CVE-2011-0835, CVE-2011-0838, CVE-2011-0880, CVE-2011-2230, CVE-2011-2239, CVE-2011-2243,...
Oracle Database Multiple Vulnerabilities (April 2011 CPU)
The remote Oracle database server is missing the April 2011 Critical Patch Update CPU and therefore is potentially affected by security issues in the following components : - Oracle Warehouse Builder CVE-2011-0792, CVE-2011-0799 - Oracle Security Service CVE-2009-3555 - Application Service Level...
CVE-2011-0793
Unspecified vulnerability in the Database Vault component in Oracle Database Server 10.2.0.3, 10.2.0.4, 10.2.0.5, 11.1.0.7, and 11.2.0.1 allows remote authenticated users to affect integrity and availability, related to SYSDBA...
Design/Logic Flaw
Unspecified vulnerability in the Database Vault component in Oracle Database Server 10.2.0.3, 10.2.0.4, 10.2.0.5, 11.1.0.7, 11.2.0.1, and 11.2.0.2 allows remote authenticated users to affect confidentiality and integrity via unknown vectors...
Design/Logic Flaw
Unspecified vulnerability in the Database Vault component in Oracle Database Server 10.2.0.3, 10.2.0.4, 10.2.0.5, 11.1.0.7, and 11.2.0.1 allows remote authenticated users to affect integrity and availability, related to SYSDBA...
CVE-2011-0793
Unspecified vulnerability in the Database Vault component in Oracle Database Server 10.2.0.3, 10.2.0.4, 10.2.0.5, 11.1.0.7, and 11.2.0.1 allows remote authenticated users to affect integrity and availability, related to SYSDBA...
CVE-2011-0804
CVE-2011-0804 affects Oracle Database Server via the Database Vault component across versions 10.2.0.3–11.2.0.2. The impact is confidentiality and integrity with unknown vectors and requires remote authenticated access (per CVE entry and NVD entry). Oracle’s April 2011 CPU advisory documents this...
CVE-2011-0793
CVE-2011-0793 affects Oracle Database Server, specifically the Database Vault component, with affected versions: 10.2.0.3, 10.2.0.4, 10.2.0.5, 11.1.0.7, and 11.2.0.1. The vulnerability is described as “unspecified” and a remote authenticated user could impact integrity and availability , with the...
The Oracle Quarterly Patch Update
January 18th marks the 6th anniversary of the Oracle Critical Patch Update CPU in its current form as a quarterly patch. For those who remember, before the CPU, Oracle released patches as Security Alerts, the last being Security Alert 68 at the end of August 2004. In the past 6 years, CPUs have...
CVE-2010-4420
Unspecified vulnerability in the Database Vault component in Oracle Database Server 10.2.0.3, 10.2.0.4, 10.2.0.5, 11.1.0.7, and 11.2.0.1 allows local users to affect confidentiality and integrity via unknown vectors...
CVE-2010-4421
Unspecified vulnerability in the Database Vault component in Oracle Database Server 10.2.0.3, 10.2.0.4, 10.2.0.5, 11.1.0.7, and 11.2.0.1 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors...
Design/Logic Flaw
Unspecified vulnerability in the Database Vault component in Oracle Database Server 10.2.0.3, 10.2.0.4, 10.2.0.5, 11.1.0.7, and 11.2.0.1 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors...
Design/Logic Flaw
Unspecified vulnerability in the Database Vault component in Oracle Database Server 10.2.0.3, 10.2.0.4, 10.2.0.5, 11.1.0.7, and 11.2.0.1 allows local users to affect confidentiality and integrity via unknown vectors...
CVE-2010-4421
CVE-2010-4421 concerns Oracle Database Server’s Database Vault component (versions 10.2.0.3–11.2.0.1). The connected ThreatPost coverage notes it is remotely exploitable over HTTP without authentication, allowing impacts to confidentiality, integrity, and availability. The CVE is addressed in Ora...