Lucene search
K
OracleDatabase 11i

8 matches found

CVE
CVE
added 2008/10/14 9:0 p.m.112 views

CVE-2008-3983

CVE-2008-3983 is a SQL injection vulnerability in Oracle Database Server’s Workspace Manager component (SYS.LT) affecting 9.2.0.8, 9.2.0.8DV, 10.1.0.5, 10.2.0.3, and 11.1.0.6. The flaw allows a remote authenticated user to affect confidentiality and integrity via SYS.LT.MERGEWORKSPACE (and relate...

5.5CVSS5.4AI score0.4181EPSS
CVE
CVE
added 2008/10/14 9:0 p.m.105 views

CVE-2008-3982

CVE-2008-3982 concerns SQL injection in Oracle Workspace Manager (Workspace Manager component) of Oracle Database. Connected sources document concrete exploits in SYS.LT.* procedures (COMPRESSWORKSPACE, MERGEWORKSPACE, REMOVEWORKSPACE) that allow an attacker with execute privilege to inject SQL, ...

5.5CVSS5.4AI score0.1143EPSS
CVE
CVE
added 2008/10/14 9:0 p.m.105 views

CVE-2008-3996

Oracle Database Change Data Capture vulnerability in SYS.DBMS_CDC_IPUBLISH.ALTER_HOTLOG_INTERNAL_CSOURCE allows SQL injection exploitable by any user with EXECUTE privilege on the package (10gR1, 10gR2, 11gR1). Remote attacker can execute injected SQL with SYS privileges; fix available via Octobe...

5.5CVSS5.4AI score0.09524EPSS
CVE
CVE
added 2008/10/14 9:0 p.m.102 views

CVE-2008-4005

CVE-2008-4005 affects Oracle Database 11.1.0.6 via the Oracle Application Express component. The Nessus/OSS content confirms an unspecified vulnerability allowing remote authenticated users to affect confidentiality, integrity, and availability through unknown vectors. A patch is noted: Oracle Ap...

4.3CVSS5.5AI score0.01039EPSS
CVE
CVE
added 2008/10/14 9:0 p.m.101 views

CVE-2008-3994

CVE-2008-3994 affects Oracle Database: Workspace Manager component (LTADM) in versions 9.2.0.8, 9.2.0.8DV, 10.1.0.5, 10.2.0.3, and 11.1.0.6. The root cause is an SQL injection vulnerability in LTADM (WP/WMSYS owner) that can be triggered by remote authenticated users, potentially compromising con...

5.5CVSS5.4AI score0.01018EPSS
CVE
CVE
added 2008/10/14 9:0 p.m.98 views

CVE-2008-3995

CVE-2008-3995 affects Oracle Database (10gR1/10gR2/11gR1) Change Data Capture component. The root cause is an SQL injection in SYS.DBMS_CDC_PUBLISH.ALTER_AUTOLOG_CHANGE_SOURCE, exploitable by any user with EXECUTE privilege on the package. Impact per sources: remote authenticated access that can ...

5.5CVSS5.4AI score0.0954EPSS
CVE
CVE
added 2009/01/14 1:0 a.m.98 views

CVE-2008-5437

CVE-2008-5437 affects the Job Queue component in Oracle Database (versions 9.2.0.8, 9.2.0.8DV, 10.1.0.5, 10.2.0.4, 11.1.0.6). The vulnerability allows remote authenticated users to impact confidentiality and integrity via the DBMS_IJOB interface. Root cause details are not provided in the given d...

5.5CVSS5.6AI score0.01723EPSS
CVE
CVE
added 2008/10/14 9:0 p.m.97 views

CVE-2008-3984

CVE-2008-3982, CVE-2008-3983, and CVE-2008-3984 are SQL injection flaws in Oracle Workspace Manager (SYS.LT.*: MERGEWORKSPACE, COMPRESSWORKSPACE, REMOVEWORKSPACE) that allow a remote authenticated user to affect confidentiality and integrity. Public details show Metasploit modules targeting SYS.L...

5.5CVSS5.4AI score0.4181EPSS