Lucene search
K
OracleDatabase 9i

25 matches found

CVE
CVE
added 2008/04/16 10:0 a.m.122 views

CVE-2008-1813

CVE-2008-1813 covers multiple unspecified vulnerabilities in Oracle Database versions 9.0.1.5 FIPS+, 9.2.0.8, 9.2.0.8DV, 10.1.0.5, and 10.2.0.3. The description notes remote unauthenticated or authenticated attack vectors affecting several components: SYS.DBMS_AQ (Advanced Queuing), Core RDBMS, S...

6.5CVSS6.7AI score0.01588EPSS
CVE
CVE
added 2009/04/15 10:0 a.m.119 views

CVE-2009-0991

CVE-2009-0991 is a vulnerability in the Oracle Database TNS Listener (Listener component) that allows remote attackers to cause a denial of service by sending crafted TNS packets. The vulnerability affects Oracle Database versions including 9.2.0.8, 9.2.0.8DV, 10.1.0.5, 10.2.0.4, and 11.1.0.7, an...

5CVSS6AI score0.07578EPSS
CVE
CVE
added 2008/07/15 11:0 p.m.117 views

CVE-2008-2587

CVE-2008-2587 affects Oracle Database Advanced Replication in 9.0.1.5 FIPS+, 9.2.0.8, 9.2.0.8DV, 10.1.0.5, and 10.2.0.3. The vulnerability allows local access to read trace files (local attack vector) with a low impact (read access, Partial confidentiality). CVSS 2.0 base score is 1.5 (LOW). The ...

1.5CVSS5.8AI score0.00316EPSS
CVE
CVE
added 2008/07/15 11:0 p.m.116 views

CVE-2008-2607

CVE-2008-2607 concerns Oracle Database Advanced Queuing (SYS.DBMS_AQELM). The CVE entry notes an unspecified vulnerability in Oracle Database versions 9.2.0.8, 9.2.0.8DV, 10.1.0.5, 10.2.0.4, and 11.1.0.6 with remote authenticated attack vectors related to SYS.DBMS_AQELM. The public material refer...

6.5CVSS7.2AI score0.03357EPSS
CVE
CVE
added 2008/10/14 9:0 p.m.116 views

CVE-2008-3976

Technical details for CVE-2008-3976 are not provided in the supplied documents. No affected product versions, root cause, or remediation are specified here. Monitor for updates from authoritative sources.

5.5CVSS5.4AI score0.01761EPSS
CVE
CVE
added 2008/10/14 9:0 p.m.112 views

CVE-2008-3983

CVE-2008-3983 is a SQL injection vulnerability in Oracle Database Server’s Workspace Manager component (SYS.LT) affecting 9.2.0.8, 9.2.0.8DV, 10.1.0.5, 10.2.0.3, and 11.1.0.6. The flaw allows a remote authenticated user to affect confidentiality and integrity via SYS.LT.MERGEWORKSPACE (and relate...

5.5CVSS5.4AI score0.4181EPSS
CVE
CVE
added 2009/04/15 10:0 a.m.106 views

CVE-2009-0979

CVE-2009-0979 maps to a buffer overflow in Oracle Database 9i/9.2 Resource Manager, specifically in the plan name parameter used by ALTER SYSTEM SET RESOURCE_MANAGER_PLAN and SYS.DBMS_RESOURCE_MANAGER.SWITCH_PLAN. The vulnerability allows a remote attacker with database authentication (needs ALTE...

9CVSS5.7AI score0.02153EPSS
CVE
CVE
added 2009/04/15 10:0 a.m.105 views

CVE-2009-0977

The CVE-2009-0977 issue is an Oracle Database SQL injection vulnerability in the DBMS_AQADM_SYS.GRANT_TYPE_ACCESS procedure. Public docs state a SQL injection exists due to insufficient input validation, allowing a remote attacker with valid credentials to inject and execute SQL within the databa...

5.5CVSS6.3AI score0.01316EPSS
CVE
CVE
added 2008/10/14 9:0 p.m.104 views

CVE-2008-3982

CVE-2008-3982 concerns SQL injection in Oracle Workspace Manager (Workspace Manager component) of Oracle Database. Connected sources document concrete exploits in SYS.LT.* procedures (COMPRESSWORKSPACE, MERGEWORKSPACE, REMOVEWORKSPACE) that allow an attacker with execute privilege to inject SQL, ...

5.5CVSS5.4AI score0.1143EPSS
CVE
CVE
added 2008/07/15 11:0 p.m.103 views

CVE-2008-2591

CVE-2008-2591 affects Oracle Database Vault (Oracle Database 9.2.0.8DV, 10.2.0.3, 11.1.0.6). The issue is listed in Oracle’s July 2008 CPU and tied to the Database Vault component, with remote authenticated attack vectors and partial impact on confidentiality, integrity, and availability. The CPU...

6.5CVSS5.7AI score0.0137EPSS
CVE
CVE
added 2009/01/14 1:0 a.m.103 views

CVE-2008-3999

CVE-2008-3999 affects the Oracle Database OLAP component (versions 9.2.0.8, 9.2.0.8DV, and 10.1.0.5). The issue is described as an unspecified vulnerability related to SYS.OLAPIMPL_T that could allow remote authenticated users to affect availability. Exploitation details are not provided in the s...

4CVSS5.7AI score0.0199EPSS
CVE
CVE
added 2008/10/14 9:0 p.m.101 views

CVE-2008-3994

CVE-2008-3994 affects Oracle Database: Workspace Manager component (LTADM) in versions 9.2.0.8, 9.2.0.8DV, 10.1.0.5, 10.2.0.3, and 11.1.0.6. The root cause is an SQL injection vulnerability in LTADM (WP/WMSYS owner) that can be triggered by remote authenticated users, potentially compromising con...

5.5CVSS5.4AI score0.01018EPSS
CVE
CVE
added 2008/04/16 10:0 a.m.100 views

CVE-2008-1819

CVE-2008-1819 concerns an unspecified vulnerability in the Oracle Net Services component of Oracle Database 9.2.0.8, 10.1.0.5, and 10.2.0.3 (DB09). The connected sources confirm the affected product area as Oracle Database with Net Services, but do not provide concrete details on root cause, expl...

7.2CVSS6AI score0.00426EPSS
CVE
CVE
added 2008/10/14 9:0 p.m.100 views

CVE-2008-3991

The CVE-2008-3991 entry concerns an unspecified vulnerability in the Oracle OLAP component of Oracle Database versions 9.2.08, 9.2.0.8DV, and 10.1.0.5, related to OLAPSYS.CWM2_OLAP_AW_AWUTIL. The impact stated is availability via remote authenticated access. The provided documents do not include ...

4CVSS5.5AI score0.01446EPSS
CVE
CVE
added 2009/01/14 1:0 a.m.98 views

CVE-2008-5437

CVE-2008-5437 affects the Job Queue component in Oracle Database (versions 9.2.0.8, 9.2.0.8DV, 10.1.0.5, 10.2.0.4, 11.1.0.6). The vulnerability allows remote authenticated users to impact confidentiality and integrity via the DBMS_IJOB interface. Root cause details are not provided in the given d...

5.5CVSS5.6AI score0.01723EPSS
CVE
CVE
added 2008/10/14 9:0 p.m.97 views

CVE-2008-3984

CVE-2008-3982, CVE-2008-3983, and CVE-2008-3984 are SQL injection flaws in Oracle Workspace Manager (SYS.LT.*: MERGEWORKSPACE, COMPRESSWORKSPACE, REMOVEWORKSPACE) that allow a remote authenticated user to affect confidentiality and integrity. Public details show Metasploit modules targeting SYS.L...

5.5CVSS5.4AI score0.4181EPSS
CVE
CVE
added 2008/10/14 9:0 p.m.96 views

CVE-2008-3990

CVE-2008-3990 affects the Oracle OLAP component in Oracle Database 9.2.08, 9.2.0.8DV, and 10.1.0.5. The issue allows remote authenticated users to affect availability and is linked to OLAPSYS.CWM2_OLAP_AW_AWUTIL; it is a separate vulnerability from CVE-2008-3991. The connected documents confirm t...

4CVSS5.5AI score0.01176EPSS
CVE
CVE
added 2009/04/15 10:0 a.m.95 views

CVE-2009-0984

The CVE concerns Oracle Database Database Vault (versions 9.2.0.8DV, 10.2.0.4, 11.1.0.6). The vulnerability is described as unspecified but affects confidentiality and integrity via DBMS_SYS_SQL when exploited by remote authenticated users. Connected documents confirm this CVE is included in the ...

5.5CVSS5.6AI score0.01258EPSS
CVE
CVE
added 2008/04/16 10:0 a.m.93 views

CVE-2008-1812

CVE-2008-1812 affects the Oracle Enterprise Manager component in Oracle Database 9.0.1.5 FIPS+, Application Server 1.0.2.2, and Enterprise Manager for AS 1.0.2.2 and Database 9.0.1.5. The vulnerability is described as unspecified with unknown impact and local attack vectors (EM01). The connected ...

10CVSS8.8AI score0.02131EPSS
CVE
CVE
added 2008/04/16 10:0 a.m.93 views

CVE-2008-1817

CVE-2008-1817 affects Oracle Database versions 9.0.1.5 FIPS+, 9.2.0.8, 9.2.0.8DV, 10.1.0.5, 10.2.0.3, and 11.1.0.6 with remote attack vectors in (1) SDO_IDX (Spatial) and (2) Core RDBMS (DB10). The issue is described as multiple unspecified vulnerabilities with unknown impact; Oracle’s CPU notes ...

9CVSS7AI score0.01707EPSS
CVE
CVE
added 2008/04/16 10:0 a.m.90 views

CVE-2008-1820

CVE-2008-1820 affects Oracle Database Data Pump: vulnerable in versions 9.2.0.8, 10.1.0.5, 10.2.0.3, and 11.1.0.6. The impact is unspecified with remote vectors related to KUPF$FILE_INT, and there are researcher claims of a buffer overflow in SYS.KUPF$FILE_INT.GET_FULL_FILENAME; no confirmation o...

4CVSS6.4AI score0.02085EPSS
CVE
CVE
added 2009/01/14 1:0 a.m.89 views

CVE-2008-5436

CVE-2008-5436 affects the Oracle OLAP component in Oracle Database versions 9.2.0.8, 9.2.0.8DV, 10.1.0.5, and 10.2.0.4. The vulnerability is described as an unspecified issue allowing remote authenticated users to affect integrity and availability via unknown vectors. The connected documents conf...

5.5CVSS5.6AI score0.01975EPSS
CVE
CVE
added 2008/10/14 9:0 p.m.88 views

CVE-2008-2625

CVE-2008-2625 is an Oracle Database proxy-authentication bypass affecting the Core RDBMS. The connected sources describe an authentication bypass through TNS proxy login, allowing a new connection to impersonate an existing session without passwords. Affected products/versions cited include Oracl...

4CVSS5.8AI score0.02066EPSS
CVE
CVE
added 2009/01/14 1:0 a.m.87 views

CVE-2008-3974

CVE-2008-3974 concerns a buffer overflow in Oracle Database’s OLAP SYS.OLAPIMPL_T ODCITABLESTART procedure. Exploitation requires a user with EXECUTE privilege on SYS.OLAPIMPL_T and remote access to the Oracle server; a crafted SQL statement can allow arbitrary code execution or DoS on vulnerable...

4CVSS5.5AI score0.0135EPSS
CVE
CVE
added 2008/07/15 11:0 p.m.57 views

CVE-2008-2595

CVE-2008-2595 : A pre-authentication denial-of-service vulnerability exists in Oracle Internet Directory (LDAP) within Oracle Application Server 9.0.4.3, 10.1.2.3, and 10.1.4.2. The issue is caused by a NULL pointer dereference when processing malformed LDAP requests, leading to a crash of the vu...

5CVSS8.6AI score0.11336EPSS