17 matches found
Vulnerabilities fixed in Oracle Hyperion
Vulnerabilities have been fixed in Oracle Hyperion products. A malicious party can exploit the vulnerabilities to gain full control to the Oracle Hyperion infrastructure. ------------------.------.------------------------------------- | CVE-ID | CVSS | Vector |...
Oracle Java SE Security Update (jul2021) 03 - Windows
This host is missing a security update according to Oracle. SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Oracle WebLogic Apache Commons library deserialization vulnerability
Added: 11/20/2015 CVE: CVE-2015-4852 BID: 77539 Background Oracle WebLogic Server formerly BEA WebLogic Server is a Java web application platform. Apache Commons is a widely used Java library which is included in WebLogic Server. Problem A vulnerability in the Apache Commons library used by Oracl...
Oracle WebLogic Apache Commons library deserialization vulnerability
Added: 11/20/2015 CVE: CVE-2015-4852 BID: 77539 Background Oracle WebLogic Server formerly BEA WebLogic Server is a Java web application platform. Apache Commons is a widely used Java library which is included in WebLogic Server. Problem A vulnerability in the Apache Commons library used by Oracl...
Critical: Red Hat Security Advisory: java-1.7.0-oracle security update
Updated java-1.7.0-oracle packages that fix two security issues are now available for Red Hat Enterprise Linux 5 and 6 Supplementary. The Red Hat Security Response Team has rated this update as having critical security impact. Common Vulnerability Scoring System CVSS base scores, which give...
Critical: Red Hat Security Advisory: java-1.6.0-sun security update
Updated java-1.6.0-sun packages that fix several security issues are now available for Red Hat Enterprise Linux 5 and 6 Supplementary. The Red Hat Security Response Team has rated this update as having critical security impact. Common Vulnerability Scoring System CVSS base scores, which give...
Sun Java Web Start command-line argument injection
Added: 04/20/2010 CVE: CVE-2010-0886 BID: 39492 OSVDB: 63798 Background Sun Java Web Start allows standalone Java applications, called JNLP files, to be executed by the Java Runtime Environment JRE. Problem A vulnerability in Sun Java Web Start allows execution of arbitrary commands which are...
Sun Java Web Start command-line argument injection
Added: 04/20/2010 CVE: CVE-2010-0886 BID: 39492 OSVDB: 63798 Background Sun Java Web Start allows standalone Java applications, called JNLP files, to be executed by the Java Runtime Environment JRE. Problem A vulnerability in Sun Java Web Start allows execution of arbitrary commands which are...
Critical: Red Hat Security Advisory: java-1.6.0-sun security update
Updated java-1.6.0-sun packages that fix two security issues are now available for Red Hat Enterprise Linux 4 Extras and 5 Supplementary. The Red Hat Security Response Team has rated this update as having critical security impact. Common Vulnerability Scoring System CVSS base scores, which give...
Oracle 9iAS PORTAL_DEMO ORG_CHART
In your installation of Oracle 9iAS, it is possible to access a demo PORTALDEMO.ORGCHART via modplsql. Access to these pages should be restricted, because it may be possible to abuse this demo for SQL Injection attacks. OpenVAS Vulnerability Test $Id: oracle9iportaldemoorgchart.nasl 8023 2017-12-...
Oracle Security Alert #68
Binary data 2277.prm...
Oracle Database Server contains several vulnerabilities
Overview Several vulnerabilities exist in the Oracle Database Server and Listener. According the the Oracle Security Alert, exploitation of these vulnerabilities would require the attacker to have network access, but not a valid user account on the vulnerable system. Description Oracle Database 1...
Oracle E-Business Suite SQL Injection vulnerabilities
Overview Oracle E-Business Suite fails to filter user input permiting the exploitation of SQL injection vulnerabilities. These vulnerabilities may allow a remote attacker to execute procedures or SQL queries and updates on the vulnerable database application. Description According to the Oracle...
Oracle9i Database contains remotely exploitable buffer overflow in "TO_TIMESTAMP_TZ" function
Overview A remotely exploitable buffer overflow vulnerability exists in Oracle9i Database. Description A buffer overflow vulnerability exists on all platforms in the following versions of Oracle9i Database: Oracle9i Database Release 2 9i Release 1 8i 8.1.7 8.0.6 A buffer overflow exists in...
Oracle9i Database contains remotely exploitable buffer overflow in "ORACLE.EXE"
Overview A remotely exploitable buffer overflow vulnerability exists in Oracle9i Database. Description A buffer overflow vulnerability exists on all platforms in the following versions of Oracle9i Database: Oracle9i Database Release 2 9i Release 1 8i 8.1.7 8.0.6 The buffer overflow exists in a...
Oracle9i Application Server MOD_ORADAV Module vulnerable to DoS
Overview A remotely exploitable denial-of-service vulnerability exists in the Oracle9i Application Server MODORADAV Module. Description Oracle has described this vulnerability as follows:A potential security vulnerability has been discovered in Oracle9i Application Server. A knowledgeable and...
ASI Oracle Security Alert: Oracle Home Environment Variable Validation Vulnerability
Oracle Home Environment Variable Validation Vulnerability For additional details, the official advisories from Oracle Corporation can be downloaded from: http://otn.oracle.com/deploy/security/pdf/dbsmpalert.pdf Summary: The dbsnmp executable can be manipulated to run programs from the wrong...