1847 matches found
Team SHATTER Security Advisory: Oracle Database Buffer Overflow in SYS.KUPF$FILE_INT.GET_FULL_FILENAME (DB11)
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Team SHATTER Security Advisory Oracle Database Buffer Overflow in SYS.KUPF$FILEINT.GETFULLFILENAME DB11 April 28, 2008 Risk Level: Medium Affected versions: Oracle Database Server versions 9iR2, 10gR1, 10gR2 and 11gR1 Remote exploitable: Yes...
CPU Apr 2008
A Critical Patch Update is a collection of patches for multiple security vulnerabilities. It also includes non-security fixes that are required because of interdependencies by those security patches. Critical Patch Updates are cumulative, except as noted below, but each advisory describes only th...
Fedora 8 : ruby-1.8.6.114-1.fc8 (2008-2443)
Tue Mar 4 2008 Akira TAGOH - 1.8.6.114-1 - Security fix for CVE-2008-1145. - Improve a spec file. 226381 - Correct License tag. - Fix a timestamp issue. - Own a arch-specific directory. - Tue Feb 19 2008 Fedora Release Engineering - 1.8.6.111-9 - Autorebuild for GCC 4.3 - Tue Feb 19 2008 Akira...
Oracle XDB component PITRIG_TRUNCATE buffer overflow
Added: 02/01/2008 CVE: CVE-2008-0339 BID: 27229 OSVDB: 40300 Background The PITRIGTRUNCATE function is included in the XDB.XDBPITRIGPKG package which is included with Oracle Database. Problem A buffer overflow vulnerability in the PITRIGTRUNCATE function allows remote, authenticated attackers to...
Oracle XDB component PITRIG_TRUNCATE buffer overflow
Added: 02/01/2008 CVE: CVE-2008-0339 BID: 27229 OSVDB: 40300 Background The PITRIGTRUNCATE function is included in the XDB.XDBPITRIGPKG package which is included with Oracle Database. Problem A buffer overflow vulnerability in the PITRIGTRUNCATE function allows remote, authenticated attackers to...
Oracle XDB component PITRIG_TRUNCATE buffer overflow
Added: 02/01/2008 CVE: CVE-2008-0339 BID: 27229 OSVDB: 40300 Background The PITRIGTRUNCATE function is included in the XDB.XDBPITRIGPKG package which is included with Oracle Database. Problem A buffer overflow vulnerability in the PITRIGTRUNCATE function allows remote, authenticated attackers to...
Oracle XDB component PITRIG_TRUNCATE buffer overflow
Added: 02/01/2008 CVE: CVE-2008-0339 BID: 27229 OSVDB: 40300 Background The PITRIGTRUNCATE function is included in the XDB.XDBPITRIGPKG package which is included with Oracle Database. Problem A buffer overflow vulnerability in the PITRIGTRUNCATE function allows remote, authenticated attackers to...
Oracle 2008年1月更新修复多个安全漏洞
BUGTRAQ ID: 27229 Oracle Database是一款商业性质大型数据库系统。 Oracle发布了2008年1月的紧急补丁更新公告,修复了多个Oracle产品中的多个漏洞。这些漏洞影响Oracle产品的所有安全属性,可导致本地和远程的威胁。其中一些漏洞可能需要各种级别的授权,但也有些不需要任何授权。最严重的漏洞可能导致完全入侵数据库系统。目前已知的漏洞包括: xDb.XDBPITRIGPKG.PITRIGDROP、xDb.XDBPITRIGPKG.PITRIGTRUNCATE存储过程中存在SQL注入漏洞,允许远程攻击者通过提交恶意查询请求更改口令,或获取口令哈希。...
Security | Oracle Critical Patch Update - January 2008
A Critical Patch Update is a collection of patches for multiple security vulnerabilities. It also includes non-security fixes that are required because of interdependencies by those security patches. Critical Patch Updates are cumulative, except as noted below, but each advisory describes only th...
[INFIGO 2008-01-06]: McAfee E-Business Server Remote Preauth Code Execution / DoS
INFIGO IS Security Advisory ADV-2008-01-06 http://www.infigo.hr/en/ Title: McAfee E-Business Server Remote Preauth Code Execution / DoS Advisory ID: INFIGO-2008-01-06 Date: 2008-01-09 Advisory URL: http://www.infigo.hr/en/infocus/advisories/INFIGO-2008-01-06 Impact: Remote code execution Risk...
Neuron News 1.0 - Multiple SQL Injections / Cross-Site Scripting Vulnerabilities
source: https://www.securityfocus.com/bid/26896/info Neuron News is prone to multiple input-validation vulnerabilities, including an SQL-injection issue and two cross-site scripting issues, because it fails to sufficiently sanitize user-supplied data. Exploiting these issues could allow an attack...
Oracle XDB component PITRIG_DROPMETADATA buffer overflow
Added: 11/23/2007 CVE: CVE-2007-4517 BID: 26374 OSVDB: 39918 Background The PITRIGDROPMETADATA function is included in the XDB.XDBPITRIGPKG package which is included with Oracle Database. Problem A buffer overflow vulnerability in the PITRIGDROPMETADATA function allows remote, authenticated...
Oracle XDB component PITRIG_DROPMETADATA buffer overflow
Added: 11/23/2007 CVE: CVE-2007-4517 BID: 26374 OSVDB: 39918 Background The PITRIGDROPMETADATA function is included in the XDB.XDBPITRIGPKG package which is included with Oracle Database. Problem A buffer overflow vulnerability in the PITRIGDROPMETADATA function allows remote, authenticated...
Oracle XDB component PITRIG_DROPMETADATA buffer overflow
Added: 11/23/2007 CVE: CVE-2007-4517 BID: 26374 OSVDB: 39918 Background The PITRIGDROPMETADATA function is included in the XDB.XDBPITRIGPKG package which is included with Oracle Database. Problem A buffer overflow vulnerability in the PITRIGDROPMETADATA function allows remote, authenticated...
Oracle multiple security vulnerabilities
New quartly critical patch update fixes few dozens of security vulnerabilities...
Oracle Workspace Manager LT软件包SQL注入漏洞
BUGTRAQ ID: 26098 Oracle Database是一款商业性质大型数据库系统。 Oracle中捆绑的Workspace Manager包含有名为LT的软件包,LT软件包的实现上存在SQL注入漏洞,远程攻击者可能利用此漏洞获取非授权访问。 LT软件包属于SYS用户,可被PUBLIC执行,LT中的FINDRICSET过程调用了LTRIC软件包中的FINDRICSET ,而这个调用过程中存在SQL注入漏洞,允许远程攻击者通过提交恶意的SQL查询请求获得SYS权限。 Oracle Oracle9i Oracle Oracle10g Release 2 Oracle...
US-CERT Technical Cyber Security Alert TA07-290A -- Oracle Updates for Multiple Vulnerabilities
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 National Cyber Alert System Technical Cyber Security Alert TA07-290A Oracle Updates for Multiple Vulnerabilities Original release date: October 17, 2007 Last revised: -- Source: US-CERT Systems Affected Oracle Database 10g Oracle 9i Database Oracle...
Security | Oracle Critical Patch Update - October 2007
A Critical Patch Update is a collection of patches for multiple security vulnerabilities. It also includes non-security fixes that are required because of interdependencies by those security patches. Critical Patch Updates are cumulative, but each advisory describes only the security fixes added...
Solaris 8 (sparc) : 109025-07
SunOS 5.8: truss patch. Date this patch was last updated by Sun : Aug/20/07 %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text in this plugin was extracted from the Oracle SunOS Patch Updates. include'deprecatednasllevel.inc'; include'compat.inc'; if description...
Security fix for the ALT Linux 9 package apache2 version 2.2.6-alt1
Sept. 14, 2007 Aleksey Avdeev 2.2.6-alt1 - 2.2.6 - Adding SECURITY to upstream: + CVE-2007-4465 cve.mitre.org - Updating patchs for 2.2.6: + apache2-2.2.5-alt-debian.conf-0.1.patch to apache2-2.2.6-alt-debian.conf-0.1.patch + apache2-2.2.5-alt-configs-0.1.patch to...