14 matches found
CVE-2009-0992
CVE-2009-0992 affects Oracle Database 10.1.0.5, 10.2.0.4, and 11.1.0.7 in the Advanced Queuing DBMS_AQIN package. The issue is described as a SQL injection vulnerability in the DEQ_EXEJOB procedure due to improper input handling. This can impact confidentiality and integrity for remote-authentica...
CVE-2009-0981
CVE-2009-0981 concerns Oracle Database 11.1.0.7 with the Application Express (APEX) component. The connected Nessus/NASIL-derived data confirms a data-exposure issue where unprivileged/remote-authenticated database users can access APEX password hashes stored in FLOWS_030000.WWV_FLOW_USER (and re...
CVE-2009-0985
CVE-2009-0985 maps to an unspecified vulnerability in the Core RDBMS component of Oracle Database versions 10.1.0.5, 10.2.0.4 and 11.1.0.6. The NVD entry notes that remote authenticated users with the IMP_FULL_DATABASE role can affect confidentiality, integrity and availability. Connected documen...
CVE-2009-0991
CVE-2009-0991 is a vulnerability in the Oracle Database TNS Listener (Listener component) that allows remote attackers to cause a denial of service by sending crafted TNS packets. The vulnerability affects Oracle Database versions including 9.2.0.8, 9.2.0.8DV, 10.1.0.5, 10.2.0.4, and 11.1.0.7, an...
CVE-2009-0975
Oracle Workspace Manager contains a SQL injection in SYS.LT.ROLLBACKWORKSPACE (CVE-2009-0978) that can be exploited by any user with execute privilege on the vulnerable package to run privileged SQL statements. The CVE-2009-0975 entry is the related, unspecified vulnerability. The connected docum...
CVE-2009-0986
CVE-2009-0986 affects Oracle Database Workspace Manager in versions 10.2.0.4 and 11.1.0.6. Described as an unspecified vulnerability allowing remote authenticated access to affect confidentiality, integrity, and availability via unknown vectors. Public materials tie this CVE to Oracle’s April 200...
CVE-2008-3973
Technical details about CVE-2008-3973 are not publicly provided in the connected documents. They note an unspecified vulnerability in the SQL*Plus Windows GUI with limited information; monitor Oracle CPU advisories and vendor updates for specifics.
CVE-2009-0978
CVE-2009-0978 affects Oracle Database Workspace Manager: a SQL injection flaw in the SYS.LT.ROLLBACKWORKSPACE procedure can allow a user with execute privilege on SYS.LT.ROLLBACKWORKSPACE to run privileged SQL via crafted calls. The public material references a Metasploit module exploiting this v...
CVE-2009-0988
Technical details for CVE-2009-0988 are not publicly available in the provided documents. Monitor for updates in case further information becomes accessible.
CVE-2009-0976
CVE-2009-0976 affects Oracle Database’s Workspace Manager component in versions 10.2.0.4 and 11.1.0.6 . The description notes an unspecified vulnerability that allows remote authenticated users to impact confidentiality and integrity , related to LTADM. Oracle issued the April 2009 Critical Patch...
CVE-2008-1815
CVE-2008-1815: Affects Oracle Database 10.1.0.5, 10.2.0.3, and 11.1.0.6 in the Change Data Capture (CDC) component. The vulnerability involves DBMS_CDC_UTILITY (DB02) with remote authenticated access; the impact is unspecified in the sources, and the exact root cause is not clearly defined. Oracl...
CVE-2009-0984
The CVE concerns Oracle Database Database Vault (versions 9.2.0.8DV, 10.2.0.4, 11.1.0.6). The vulnerability is described as unspecified but affects confidentiality and integrity via DBMS_SYS_SQL when exploited by remote authenticated users. Connected documents confirm this CVE is included in the ...
CVE-2008-1820
CVE-2008-1820 affects Oracle Database Data Pump: vulnerable in versions 9.2.0.8, 10.1.0.5, 10.2.0.3, and 11.1.0.6. The impact is unspecified with remote vectors related to KUPF$FILE_INT, and there are researcher claims of a buffer overflow in SYS.KUPF$FILE_INT.GET_FULL_FILENAME; no confirmation o...
CVE-2009-0980
The CVE-2009-0980 entry concerns Oracle Database 10.2.0.3 and 11.1.0.6 with an unspecified vulnerability in the SQLX Functions component (related to AGGXQIMP). Affected software: Oracle Database 10.2.0.3 and 11.1.0.6, specifically the SQLX Functions. Root cause/details are not fully disclosed in ...