18 matches found
EUVD-2005-3204
Malware in sbrugna...
EUVD-2004-2337
Malware in sbrugna...
EUVD-2002-0566
Malware in sbrugna...
Oracle GENERATESCHEMA Buffer Overflow Exploit
This Exploit a buffer overflow in Oracle10g. When sending a specially formatted query to the GENERATESCHEMA function in the XDB.DBMSXMLSCHEMA package, an attacker may be able to execute arbitrary code. NOTE: For targets running DEP, you will need to choose target 0 then rexploit with target 1. Th...
Oracle Database string conversion buffer overflow
Added: 08/23/2006 BID: 10871 OSVDB: 9890 Background Oracle Database is a relational database product for multiple platforms. Problem The string conversion function in Oracle Database is affected by a buffer overflow vulnerability. A remote attacker could execute arbitrary commands by sending a lo...
CVE-2005-3205
Cross-site scripting XSS vulnerability in iSQLPlus iSQLPlus in Oracle9i Database Server Release 2 9.0.2.4 allows remote attackers to inject arbitrary web script or HTML via script in the "set markup HTML TABLE" command, which is executed when the user selects a table...
CVE-2005-3206
iSQLPlus isqlplus for Oracle9i Database Server Release 2 9.0.2.4 allows remote attackers to cause a denial of service TNS listener stop via an HTTP request with an sid parameter that contains a STOP command...
CVE-2005-3205
CVE-2005-3205 : XSS in Oracle9i iSQLPlus (iSQLPlus) for Oracle9i Database Server Release 2 (9.0.2.4). The vulnerability arises in the iSQL Plus interface when using the command set markup HTML TABLE, allowing remote attackers to inject arbitrary script/HTML that executes when a user selects a tab...
CVE-2004-2345
Unknown multiple vulnerabilities in Oracle9i Database Server 9.0.1.4, 9.0.1.5, 9.2.0.3, and 9.2.0.4 allow local users with the ability to invoke SQL to cause a denial of service or obtain sensitive information...
Oracle9i Database contains buffer overflow in TIME_ZONE session parameter
Overview Oracle9i Database contains a buffer overflow in the TIMEZONE session parameter which could allow anyone who can query the server to execute arbitrary code or access data with the privileges of the vulnerable process. Description The TIMEZONE parameter is a session parameter that specifie...
Oracle9i Database contains buffer overflow in FROM_TZ() function
Overview Oracle9i Database contains a buffer overflow in the FROMTZ function which could allow anyone who can query the server to execute arbitrary code or access data with the privileges of the vulnerable process. Description A buffer overflow exists in the FROMTZ function. This function is...
Oracle9i Database contains buffer overflow in NUMTOYMINTERVAL() function
Overview Oracle9i Database contains a buffer overflow in the NUMTOYMINTERVAL function which could allow anyone who can query the server to execute arbitrary code or access data with the privileges of the vulnerable process. Description A buffer overflow exists in the NUMTOYMINTERVAL function. Thi...
CVE-2002-0571
Oracle Oracle9i database server 9.0.1.x allows local users to access restricted data via a SQL query using ANSI outer join syntax...
Oracle9i Database contains remotely exploitable buffer overflow in "BFILENAME" function
Overview A remotely exploitable buffer overflow vulnerability exists in Oracle9i Database. Description A buffer overflow vulnerability exists on all platforms in the following versions of Oracle 9i Database: Oracle9i Database Release 2 9i Release 1 8i 8.1.7 8.0.6 A buffer overflow exists in...
Oracle9i Database contains remotely exploitable buffer overflow in "TZ_OFFSET" function
Overview A remotely exploitable buffer overflow vulnerability exists in Oracle9i Database. Description A buffer overflow vulnerability exists on all platforms in the following versions of Oracle9i Database: Oracle9i Database Release 2 9i Release 1 8i 8.1.7 8.0.6 A buffer overflow vulnerability...
Oracle9i Database contains remotely exploitable buffer overflow in "TO_TIMESTAMP_TZ" function
Overview A remotely exploitable buffer overflow vulnerability exists in Oracle9i Database. Description A buffer overflow vulnerability exists on all platforms in the following versions of Oracle9i Database: Oracle9i Database Release 2 9i Release 1 8i 8.1.7 8.0.6 A buffer overflow exists in...
Oracle9i Database contains remotely exploitable buffer overflow in "ORACLE.EXE"
Overview A remotely exploitable buffer overflow vulnerability exists in Oracle9i Database. Description A buffer overflow vulnerability exists on all platforms in the following versions of Oracle9i Database: Oracle9i Database Release 2 9i Release 1 8i 8.1.7 8.0.6 The buffer overflow exists in a...
Oracle9i Database TNS Listener vulnerable to buffer overflow via SERVICE_NAME parameter
Overview A buffer overflow vulnerability exists in the TNS Listener component of Oracle9i Database. This vulnerability could allow an unauthenticated, remote attacker to execute arbitrary code with the privileges of the TNS Listener process or cause a denial of service. Description Oracle9i...