61 matches found
Oracle Database Multiple Vulnerabilities (January 2008 CPU)
The remote Oracle database server is missing the January 2008 Critical Patch Update CPU and therefore is potentially affected by security issues in the following components : - Advanced Queuing - Core RDBMS - Oracle Spatial - Oracle Ultra Search - Upgrade/Downgrade - XML DB %NASLMINLEVEL 70300 C...
CVE-2011-2242
Unspecified vulnerability in the Core RDBMS component in Oracle Database Server 11.2.0.1 and 11.2.0.2 allows local users to affect confidentiality, related to XML DB FTP...
Design/Logic Flaw
Unspecified vulnerability in the Core RDBMS component in Oracle Database Server 11.2.0.1 and 11.2.0.2 allows local users to affect confidentiality, related to XML DB FTP...
CVE-2011-2242
CVE-2011-2242 concerns Oracle Database Server core RDBMS components. The CVE describes an unspecified vulnerability in Oracle Database Server 11.2.0.1 and 11.2.0.2, local-access impact on confidentiality related to XML DB FTP. The core issue is within the Core RDBMS component (XML DB FTP pathway)...
CVE-2011-2242
Unspecified vulnerability in the Core RDBMS component in Oracle Database Server 11.2.0.1 and 11.2.0.2 allows local users to affect confidentiality, related to XML DB FTP...
Oracle Database 'XML DB component' Unspecified vulnerability
Oracle database is prone to an unspecified vulnerability. SPDX-FileCopyrightText: 2010 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:oracle:databaseserver";...
Design/Logic Flaw
Unspecified vulnerability in the XML DB component in Oracle Database 9.2.0.8, 9.2.0.8DV, 10.1.0.5, and 10.2.0.3 allows remote authenticated users to affect confidentiality and integrity via unknown vectors...
CVE-2010-0851
Unspecified vulnerability in the XML DB component in Oracle Database 9.2.0.8, 9.2.0.8DV, 10.1.0.5, and 10.2.0.3 allows remote authenticated users to affect confidentiality via unknown vectors...
CVE-2010-0852
Unspecified vulnerability in the XML DB component in Oracle Database 9.2.0.8, 9.2.0.8DV, 10.1.0.5, and 10.2.0.3 allows remote authenticated users to affect confidentiality and integrity via unknown vectors...
CVE-2010-0851
Unspecified vulnerability in the XML DB component in Oracle Database 9.2.0.8, 9.2.0.8DV, 10.1.0.5, and 10.2.0.3 allows remote authenticated users to affect confidentiality via unknown vectors...
CVE-2010-0852
CVE-2010-0852 affects Oracle Database XML DB component across versions 9.2.0.8, 9.2.0.8DV, 10.1.0.5, and 10.2.0.3. The vulnerability is described as unspecified, allowing remote authenticated users to affect confidentiality and integrity via unknown vectors. The connected NVD entry provides a CVS...
Oracle XDB FTP Service UNLOCK Buffer Overflow
vulnerabilities network level/stack based buffer overflow + special network layer attack + implemented over http/XML-db/ftp==windows XDB + connecting:8080 = operation: win 32--xdb overflow + author mc2s3lector + yogyacarderlink.web.id/KeDai Computerworks.com exploit win32 include include include...
Oracle XML DB SID Discovery via Brute Force
This module attempts to retrieve the sid from the Oracle XML DB httpd server, utilizing Pete Finnigan's default oracle password list. This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Oracle XML ...
Oracle XML DB SID Discovery
This module simply makes an authenticated request to retrieve the sid from the Oracle XML DB httpd server. This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Oracle XML DB SID Discovery',...
CVE-2008-0339
Unspecified vulnerability in the XML DB component in Oracle Database 9.2.0.8, 9.2.0.8DV, 10.1.0.5, and 10.2.0.3 has unknown impact and remote attack vectors, aka DB01...
Oracle Database 10 g - XML DB xdb.xdb_pitrig_pkg Package PITRIG_TRUNCATE Function Overflow
Oracle Database 10 g - XML DB xdb.xdbpitrigpkg Package PITRIGTRUNCATE Function Overflow source: https://www.securityfocus.com/bid/27229/info Oracle has released its critical patch update for January 2008. The advisory addresses 26 vulnerabilities affecting Oracle Database, Oracle Application...
Oracle Database XML Database SQL Injection vulnerability
Overview Oracle Database XML Database XML DB is vulnerable to SQL injection, possibly allowing a remote attacker to execute arbitrary SQL commands on a vulnerable Oracle installation. Description According to Oracle:Oracle XML DB is a feature of the Oracle Database. It provides a high-performance...
CVE-2005-3204
Cross-site scripting XSS vulnerability in Oracle XML DB 9iR2 allows remote attackers to inject arbitrary web script or HTML via the query string in an HTTP request...
CVE-2005-3204
CVE-2005-3204 is a Cross-site Scripting (XSS) vulnerability affecting Oracle XML DB 9iR2. According to the connected Nessus/NVD records, remote attackers could inject arbitrary web script or HTML via the query string in an HTTP request. The available documents do not specify the affected product ...
CVE-2005-3204
Cross-site scripting XSS vulnerability in Oracle XML DB 9iR2 allows remote attackers to inject arbitrary web script or HTML via the query string in an HTTP request...