CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

CERT•added 2005/10/21 12:0 a.m.•23 views

Oracle Database Server buffer overflow in Security Component

Overview The Oracle Database Server Security Component contains a buffer overflow. Exploitation may allow a remote attacker to execute arbitrary code or cause a denial-of-service condition. Description A lack of input validation in the Oracle Database Server Security Component may allow a buffer...

8.1AI score

Exploits0References3

securityvulns•added 2005/10/20 12:0 a.m.•24 views

[Full-disclosure] Oracle Workflow CSS Vulnerability wf_route

Dear FD-Reader, The Oracle Critical Patch Update October 2005 provides fixes for 2 Cross-Site- Scripting vulnerabilities in Oracle Workflow found by Red-Database-Security GmbH. I know that the severity and impact of CSS bugs is low. My critical security bugs in Oracle e.g. become DBA via the impo...

CERT•added 2005/10/20 12:0 a.m.•19 views

Oracle Enterprise Manager Oracle Agent contains a buffer overflow

Overview Oracle Enterprise Manager Oracle Agent contains a buffer overflow vulnerability. Exploitation may allow a remote, unauthenticated attacker to execute arbitrary code, possibly with elevated privileges. Description The Oracle Agent provides remote management services for Oracle Enterprise...

8.2AI score

Exploits0References4

securityvulns•added 2005/10/20 12:0 a.m.•24 views

[Full-disclosure] Oracle Workflow CSS Vulnerability wf_monitor

securityvulns•added 2005/10/20 12:0 a.m.•26 views

US-CERT Technical Cyber Security Alert TA05-292A -- Oracle Products Contain Multiple Vulnerabilities

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 National Cyber Alert System Technical Cyber Security Alert TA05-292A Oracle Products Contain Multiple Vulnerabilities Original release date: October 19, 2005 Last revised: -- Source: US-CERT Systems Affected Oracle Database Server 10g Oracle9i Databas...

0.2AI score

Packet Storm•added 2005/10/08 12:0 a.m.•29 views

oracle_xmldb_css.txt

Cross-Site-Scripting Vulnerability in Oracle XMLDB Name Cross-Site-Scripting Vulnerability in Oracle XMLDB Systems Affected Oracle Database 9i Rel. 2 Severity Low Risk Category Cross Site Scripting CSS/XSS Vendor URL http://www.oracle.com This advisory...

exploitpack•added 2005/10/07 12:0 a.m.•23 views

Oracle 9.0 iSQL*Plus - TLS Listener Remote Denial of Service

Oracle 9.0 iSQLPlus - TLS Listener Remote Denial of Service source: https://www.securityfocus.com/bid/15032/info Oracle iSQLPLUS is susceptible to a vulnerability that allows remote attackers to stop the TNS Listener service, denying further database service to legitimate users. By issuing a...

exploitpack•added 2005/10/07 12:0 a.m.•6 views

Oracle HTML DB 1.51.6 - f?p Cross-Site Scripting

Oracle HTML DB 1.51.6 - f?p Cross-Site Scripting source: https://www.securityfocus.com/bid/15031/info Oracle HTML DB is prone to cross-site scripting vulnerabilities. An attacker may leverage these issues to have arbitrary script code executed in the browser of an unsuspecting user in the context...

6.7AI score

Exploit DB•added 2005/10/07 12:0 a.m.•23 views

Oracle HTML DB 1.5/1.6 - 'f?p=' Cross-Site Scripting

source: https://www.securityfocus.com/bid/15031/info Oracle HTML DB is prone to cross-site scripting vulnerabilities. An attacker may leverage these issues to have arbitrary script code executed in the browser of an unsuspecting user in the context of the affected site. An attacker can leverage...

exploitpack•added 2005/10/07 12:0 a.m.•13 views

Oracle 9 - XML DB Cross-Site Scripting

Oracle 9 - XML DB Cross-Site Scripting source: https://www.securityfocus.com/bid/15034/info Oracle XML DB is prone to a cross-site scripting vulnerability. This issue is due to a failure in the application to properly sanitize user-supplied input. An attacker may leverage this issue to have...

6.8AI score

exploitpack•added 2005/10/07 12:0 a.m.•10 views

Oracle HTML DB 1.51.6 - wwv_flow.accept?p_t02 Cross-Site Scripting

Oracle HTML DB 1.51.6 - wwvflow.accept?pt02 Cross-Site Scripting source: https://www.securityfocus.com/bid/15031/info Oracle HTML DB is prone to cross-site scripting vulnerabilities. An attacker may leverage these issues to have arbitrary script code executed in the browser of an unsuspecting use...

6.7AI score

Exploit DB•added 2005/10/07 12:0 a.m.•37 views

Oracle Forms - Servlet TLS Listener Remote Denial of Service

source: https://www.securityfocus.com/bid/15039/info Oracle Forms is susceptible to a vulnerability that allows remote attackers to stop the TNS Listener service, denying further database service to legitimate users. By issuing a specific HTTP request, remote attackers may cause the affected...

Exploit DB•added 2005/10/07 12:0 a.m.•33 views

Oracle HTML DB 1.5/1.6 - 'wwv_flow.accept?p_t02' Cross-Site Scripting

securityvulns•added 2005/10/07 12:0 a.m.•31 views

[Full-disclosure] Cross-Site-Scripting Vulnerability in Oracle iSQL*Plus

Cross-Site-Scripting Vulnerability in Oracle iSQLPlus Name Cross-Site-Scripting Vulnerability in Oracle iSQLPlus Systems Affected Oracle Database 9i Rel. 2 Severity Low Risk Category Cross Site Scripting CSS/XSS Vendor URL http://www.oracle.com This advisory...

6.1AI score

Tenable Nessus•added 2005/09/06 12:0 a.m.•18 views

Solaris 10 (sparc) : 119719-01

SunOS 5.10: kmdbmod patch. Date this patch was last updated by Sun : Aug/18/05 %NASLMINLEVEL 70300 @DEPRECATED@ This script has been deprecated as the associated patch is not currently a recommended security fix. Disabled on 2011/09/17. C Tenable Network Security, Inc. if ! definedfunc"bnrandom"...

securityvulns•added 2005/07/14 12:0 a.m.•41 views

Exploits0References1

US-CERT Technical Cyber Security Alert TA05-194A -- Oracle Products Contain Multiple Vulnerabilities

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 National Cyber Alert System Technical Cyber Security Alert TA05-194A archive Oracle Products Contain Multiple Vulnerabilities Original release date: July 13, 2005 Last revised: -- Source: US-CERT Systems Affected According to Oracle Critical Patch...

0.3AI score