1962 matches found
US-CERT Technical Cyber Security Alert TA05-292A -- Oracle Products Contain Multiple Vulnerabilities
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 National Cyber Alert System Technical Cyber Security Alert TA05-292A Oracle Products Contain Multiple Vulnerabilities Original release date: October 19, 2005 Last revised: -- Source: US-CERT Systems Affected Oracle Database Server 10g Oracle9i Databas...
[Full-disclosure] Oracle Workflow CSS Vulnerability wf_route
Dear FD-Reader, The Oracle Critical Patch Update October 2005 provides fixes for 2 Cross-Site- Scripting vulnerabilities in Oracle Workflow found by Red-Database-Security GmbH. I know that the severity and impact of CSS bugs is low. My critical security bugs in Oracle e.g. become DBA via the impo...
Oracle Enterprise Manager Oracle Agent contains a buffer overflow
Overview Oracle Enterprise Manager Oracle Agent contains a buffer overflow vulnerability. Exploitation may allow a remote, unauthenticated attacker to execute arbitrary code, possibly with elevated privileges. Description The Oracle Agent provides remote management services for Oracle Enterprise...
oracle_xmldb_css.txt
Cross-Site-Scripting Vulnerability in Oracle XMLDB Name Cross-Site-Scripting Vulnerability in Oracle XMLDB Systems Affected Oracle Database 9i Rel. 2 Severity Low Risk Category Cross Site Scripting CSS/XSS Vendor URL http://www.oracle.com This advisory...
Oracle HTML DB 1.5/1.6 - 'f?p=' Cross-Site Scripting
source: https://www.securityfocus.com/bid/15031/info Oracle HTML DB is prone to cross-site scripting vulnerabilities. An attacker may leverage these issues to have arbitrary script code executed in the browser of an unsuspecting user in the context of the affected site. An attacker can leverage...
Oracle HTML DB 1.5/1.6 - 'wwv_flow.accept?p_t02' Cross-Site Scripting
source: https://www.securityfocus.com/bid/15031/info Oracle HTML DB is prone to cross-site scripting vulnerabilities. An attacker may leverage these issues to have arbitrary script code executed in the browser of an unsuspecting user in the context of the affected site. An attacker can leverage...
Oracle Forms - Servlet TLS Listener Remote Denial of Service
source: https://www.securityfocus.com/bid/15039/info Oracle Forms is susceptible to a vulnerability that allows remote attackers to stop the TNS Listener service, denying further database service to legitimate users. By issuing a specific HTTP request, remote attackers may cause the affected...
Oracle 9.0 iSQL*Plus - TLS Listener Remote Denial of Service
Oracle 9.0 iSQLPlus - TLS Listener Remote Denial of Service source: https://www.securityfocus.com/bid/15032/info Oracle iSQLPLUS is susceptible to a vulnerability that allows remote attackers to stop the TNS Listener service, denying further database service to legitimate users. By issuing a...
Oracle 9 - XML DB Cross-Site Scripting
Oracle 9 - XML DB Cross-Site Scripting source: https://www.securityfocus.com/bid/15034/info Oracle XML DB is prone to a cross-site scripting vulnerability. This issue is due to a failure in the application to properly sanitize user-supplied input. An attacker may leverage this issue to have...
Oracle HTML DB 1.51.6 - f?p Cross-Site Scripting
Oracle HTML DB 1.51.6 - f?p Cross-Site Scripting source: https://www.securityfocus.com/bid/15031/info Oracle HTML DB is prone to cross-site scripting vulnerabilities. An attacker may leverage these issues to have arbitrary script code executed in the browser of an unsuspecting user in the context...
Oracle HTML DB 1.51.6 - wwv_flow.accept?p_t02 Cross-Site Scripting
Oracle HTML DB 1.51.6 - wwvflow.accept?pt02 Cross-Site Scripting source: https://www.securityfocus.com/bid/15031/info Oracle HTML DB is prone to cross-site scripting vulnerabilities. An attacker may leverage these issues to have arbitrary script code executed in the browser of an unsuspecting use...
[Full-disclosure] Cross-Site-Scripting Vulnerability in Oracle iSQL*Plus
Cross-Site-Scripting Vulnerability in Oracle iSQLPlus Name Cross-Site-Scripting Vulnerability in Oracle iSQLPlus Systems Affected Oracle Database 9i Rel. 2 Severity Low Risk Category Cross Site Scripting CSS/XSS Vendor URL http://www.oracle.com This advisory...
Solaris 10 (sparc) : 119719-01
SunOS 5.10: kmdbmod patch. Date this patch was last updated by Sun : Aug/18/05 %NASLMINLEVEL 70300 @DEPRECATED@ This script has been deprecated as the associated patch is not currently a recommended security fix. Disabled on 2011/09/17. C Tenable Network Security, Inc. if ! definedfunc"bnrandom"...
US-CERT Technical Cyber Security Alert TA05-194A -- Oracle Products Contain Multiple Vulnerabilities
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 National Cyber Alert System Technical Cyber Security Alert TA05-194A archive Oracle Products Contain Multiple Vulnerabilities Original release date: July 13, 2005 Last revised: -- Source: US-CERT Systems Affected According to Oracle Critical Patch...
Oracle JDeveloper Plaintext Passwords
Name Oracle JDeveloper Plaintext Passwords Systems Affected Oracle JDeveloper 9.0.4, 9.0.5, 10.1.2 Severity Low Risk Category Information Disclosure of Passwords Vendor URL http://www.oracle.com Author Alexander Kornbrust ak at red-database-security.com Date 13 July 2005 V 1.00 Advisory...
Oracle products contain multiple vulnerabilities
Overview Multiple vulnerabilities exist in numerous Oracle products. The impacts of these vulnerabilities are varied and may include remote execution of arbitrary code, the disclosure of sensitive information, and denial-of-service conditions Description Multiple vulnerabilities exist in numerous...
US-CERT Technical Cyber Security Alert TA05-117A -- Oracle Products Contain Multiple Vulnerabilities
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Technical Cyber Security Alert TA05-117A Oracle Products Contain Multiple Vulnerabilities Original release date: April 27, 2005 Last revised: -- Source: US-CERT Systems Affected From the Oracle Critical Patch Update - April 2005: Oracle Database 10g...
[SA15060] KDE Kommander Arbitrary Code Execution Vulnerability
---------------------------------------------------------------------- Want a new IT Security job? Vacant positions at Secunia: http://secunia.com/secuniavacancies/ ---------------------------------------------------------------------- TITLE: KDE Kommander Arbitrary Code Execution Vulnerability...
[AppSecInc Team SHATTER Security Advisory] SQL Injection in CREATE_SCN_CHANGE_SET procedure
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 SQL Injection in CREATESCNCHANGESET procedure AppSecInc Team SHATTER Security Advisory http://www.appsecinc.com/resources/alerts/oracle/2005-05.html April 18, 2005 Affected versions: Oracle Database Server version 10g Risk level: High Credits: This...
[AppSecInc Team SHATTER Security Advisory] Denial of Service in Oracle interMedia
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Denial of Service in Oracle interMedia AppSecInc Team SHATTER Security Advisory http://www.appsecinc.com/resources/alerts/oracle/2005-01.html April 18, 2005 Affected versions: Oracle Database Server versions 9i and 10g Risk level: Medium Credits: This...