Oracle Buffer Overflow in DBMS_LOGMNR.ADD_LOGFILE

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Oracle Database Buffer overflow vulnerabilities in procedure DBMSLOGMNR.ADDLOGFILE DB04 AppSecInc Team SHATTER Security Advisory http://www.appsecinc.com/resources/alerts/oracle Jan 18, 2007 Affected versions: Oracle Database Server versions 9iR2 Risk...

Oracle Buffer Overflow in DBMS_LOGREP_UTIL.GET_OBJECT_NAME

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Oracle Database Buffer overflow vulnerability in procedure DBMSLOGREPUTIL.GETOBJECTNAME DB08 AppSecInc Team SHATTER Security Advisory http://www.appsecinc.com/resources/alerts/oracle Jan 18, 2007 Affected versions: Oracle Database Server versions 9iR1...

Oracle Multiple Buffer Overflows and DoS attacks in public procedures of MDSYS.MD

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Oracle Database Buffer overflows and Denial of service vulnerabilities in public procedures of MDSYS.MD DB05 AppSecInc Team SHATTER Security Advisory http://www.appsecinc.com/resources/alerts/oracle Jan 18, 2007 Affected versions: Oracle Database Serv...

Oracle Reports Web Cartridge (RWCGI60)跨站脚本执行漏洞

Oracle应用服务器是一个综合解决方案，用于开发、集成和部署企业的应用系统、门户和网站。 Oracle应用服务Reports Web Cartridge在处理用户请求时存在输入验证漏洞，远程攻击者可能利用此漏洞在用户浏览器中执行恶意脚本代码。 在使用Oracle应用服务器处理Web客户端请求时，报表服务器必需Reports Web CGI或Web Cartridge。由于没有正确验证genuser参数，远程攻击者可以在输入中注入任意脚本并在客户端浏览器中执行。这一漏洞在认证表单中尤其严重，因为恶意用户可以通过这种攻击获得其他用户的认证凭据。 Oracle Application...

US-CERT Technical Cyber Security Alert TA07-017A -- Oracle Releases Patches for Multiple Vulnerabilities

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 National Cyber Alert System Technical Cyber Security Alert TA07-017A Oracle Releases Patches for Multiple Vulnerabilities Original release date: January 17, 2007 Last revised: -- Source: US-CERT Systems Affected Oracle Database Oracle Application Serv...

Oracle January 2007 Security Update - Multiple Vulnerabilities

Oracle January 2007 Security Update - Multiple Vulnerabilities source: https://www.securityfocus.com/bid/22083/info Oracle has released a Critical Patch Update advisory for January 2007 to address these vulnerabilities for supported releases. Earlier unsupported releases are likely to be affected...

Solaris 8 (x86) : 120672-08

Mozilla 1.7x86 for Solaris 8 and 9. Date this patch was last updated by Sun : Sep/02/08 %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text in this plugin was extracted from the Oracle SunOS Patch Updates. include'deprecatednasllevel.inc'; include'compat.inc'; if description...

Solaris 7 (sparc) : 123919-12

Sun Management Center 3.6.1: Patch for Solaris 7. Date this patch was last updated by Sun : Dec/01/09 %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text in this plugin was extracted from the Oracle SunOS Patch Updates. include'deprecatednasllevel.inc'; include'compat.inc'; ...

Oracle Security Component sys.pbsde buffer overflow

Added: 11/07/2006 CVE: CVE-2005-3438 BID: 15134 OSVDB: 20612 Background pbsde is a package of stored procedures which is part of the base installation of Oracle Database. Problem A buffer overflow in the sys.pbsde.init procedure allows database users to execute arbitrary commands. Resolution Appl...

Solaris 8 (sparc) : 109234-09

SunOS 5.8: Apache Security and NCA Patch. Date this patch was last updated by Sun : Aug/07/02 %NASLMINLEVEL 999999 @DEPRECATED@ This script has been deprecated as the associated patch is not currently a recommended security fix. Disabled on 2011/09/17. C Tenable Network Security, Inc. if !...

Solaris 9 (sparc) : 118389-12

Sun Management Center 3.5.1: Patch for Solaris 9. Date this patch was last updated by Sun : Dec/11/07 %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text in this plugin was extracted from the Oracle SunOS Patch Updates. include'deprecatednasllevel.inc'; include'compat.inc'; ...

Solaris 2.6 (i386) : 110538-01

The remote host is missing Sun Security Patch number 110538-01 AnswerBook 1.4.3x86: HTTP GET overflow allows code execution. Date this patch was last updated by Sun : Wed Nov 23 04:36:40 MST 2005 You should install this patch for your system to be up-to-date. %NASLMINLEVEL 999999 @DEPRECATED@ Thi...

Solaris 5.10 (x86) : 120880-08

Sun Ray Core Services version 3.1 Patch Update SunOS 5.10x86. Date this patch was last updated by Sun : Nov/26/08 %NASLMINLEVEL 70300 @DEPRECATED@ This script has been deprecated as the associated patch is not currently a recommended security fix. Disabled on 2011/09/17. C Tenable Network Securit...

Solaris 8 (sparc) : 112150-04

The remote host is missing Sun Security Patch number 112150-04 SRS 2.1 SunMC Agent stability. Date this patch was last updated by Sun : Wed Nov 23 05:48:50 MST 2005 You should install this patch for your system to be up-to-date. %NASLMINLEVEL 999999 @DEPRECATED@ This script has been deprecated as...

Solaris 9 (sparc) : 114880-12

Sun Ray Server version 2.0 Patch Update. Date this patch was last updated by Sun : Feb/14/08 %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text in this plugin was extracted from the Oracle SunOS Patch Updates. include'deprecatednasllevel.inc'; include'compat.inc'; if...

Solaris 9 (sparc) : 117724-10

SunOS 5.9: NSPR 4.5.1 / NSS 3.9.5 / JSS 4.. Date this patch was last updated by Sun : Feb/03/05 %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text in this plugin was extracted from the Oracle SunOS Patch Updates. include'deprecatednasllevel.inc'; include'compat.inc'; if...

Solaris 5.6 (sparc) : 111891-10

Sun Ray Server version 1.3 Patch Update. Date this patch was last updated by Sun : Aug/01/03 %NASLMINLEVEL 999999 @DEPRECATED@ This script has been deprecated as the associated patch is not currently a recommended security fix. Disabled on 2011/09/17. C Tenable Network Security, Inc. if !...

Solaris 9 (sparc) : 118979-04

Sun Ray Core Services version 3.0 Patch Update. Date this patch was last updated by Sun : Nov/26/08 %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text in this plugin was extracted from the Oracle SunOS Patch Updates. include'deprecatednasllevel.inc'; include'compat.inc'; if...

Oracle XML Component DBMS_XMLSCHEMA.GENERATESCHEMA buffer overflow

Added: 11/03/2006 CVE: CVE-2006-0272 BID: 16287 OSVDB: 22567 Background Oracle Database Server includes the DBMSXMLSCHEMA component, which contains procedures for managing XML schemas. Problem A buffer overflow vulnerability in the DBMSXMLSCHEMA.GENERATESCHEMA procedure allows database users to...

Oracle XML Component DBMS_XMLSCHEMA.GENERATESCHEMA buffer overflow

Added: 11/03/2006 CVE: CVE-2006-0272 BID: 16287 OSVDB: 22567 Background Oracle Database Server includes the DBMSXMLSCHEMA component, which contains procedures for managing XML schemas. Problem A buffer overflow vulnerability in the DBMSXMLSCHEMA.GENERATESCHEMA procedure allows database users to...