Database Server@11.2.0.2 Security Vulnerabilities and Issues — Database Server@11.2.0.2 CVE List

Lucene search

OracleDatabase Server11.2.0.2

55 matches found

CVE•added 2012/05/08 10:55 p.m.•321 views

CVE-2012-1675

The TNS Listener, as used in Oracle Database 11g 11.1.0.7, 11.2.0.2, and 11.2.0.3, and 10g 10.2.0.3, 10.2.0.4, and 10.2.0.5, as used in Oracle Fusion Middleware, Enterprise Manager, E-Business Suite, and possibly other products, allows remote attackers to execute arbitrary database commands by perf...

7.5CVSS9.2AI score0.92162EPSS

CVE•added 2013/07/17 1:41 p.m.•109 views

CVE-2013-3751

Unspecified vulnerability in the XML Parser component in Oracle Database Server 11.2.0.2, 11.2.0.3, and 12.1.0.1 allows remote authenticated users to affect confidentiality, integrity, and availability via unknown vectors.

9CVSS5.6AI score0.04884EPSS

CVE•added 2011/07/20 11:55 p.m.•100 views

CVE-2011-2257

Unspecified vulnerability in the Database Target Type Menus component in Oracle Database Server 10.1.0.5, 10.2.0.3, 10.2.0.4, 10.2.0.5, 11.1.0.7, 11.2.0.1, and 11.2.0.2; and Oracle Enterprise Manager Grid Control 10.1.0.6, 10.2.0.5, and 11.1.0.1; allows remote attackers to affect confidentiality, i...

6.8CVSS6.2AI score0.00485EPSS

CVE•added 2011/07/20 11:55 p.m.•97 views

CVE-2011-2239

Unspecified vulnerability in the Core RDBMS component in Oracle Database Server 10.2.0.3, 10.2.0.4, 10.2.0.5, 11.1.0.7, 11.2.0.1, and 11.2.0.2 allows remote authenticated users to affect confidentiality, integrity, and availability, related to XMLSEQ_IMP_T.

7.1CVSS5.8AI score0.00369EPSS

CVE•added 2011/07/20 10:55 p.m.•93 views

CVE-2011-0831

Unspecified vulnerability in the Enterprise Config Management component in Oracle Database Server 10.1.0.5, 10.2.0.3, 10.2.0.4, 10.2.0.5, 11.1.0.7, 11.2.0.1, and 11.2.0.2; and Oracle Enterprise Manager Grid Control 10.1.0.6 and 10.2.0.5; allows remote authenticated users to affect confidentiality a...

5.5CVSS5.5AI score0.00197EPSS

CVE•added 2011/07/20 10:55 p.m.•92 views

CVE-2011-0870

Unspecified vulnerability in the Schema Management component in Oracle Database Server 10.1.0.5, 10.2.0.3, 10.2.0.4, 10.2.0.5, 11.1.0.7, 11.2.0.1, and 11.2.0.2; and Oracle Enterprise Manager Grid Control 10.1.0.6 and 10.2.0.5; allows remote attackers to affect confidentiality, integrity, and availa...

6.8CVSS8.4AI score0.02118EPSS

CVE•added 2011/07/20 11:55 p.m.•90 views

CVE-2011-2253

7.1CVSS5.8AI score0.00369EPSS

CVE•added 2011/07/20 10:55 p.m.•86 views

CVE-2011-0832

Unspecified vulnerability in the Core RDBMS component in Oracle Database Server 11.1.0.7, 11.2.0.1, and 11.2.0.2 allows remote authenticated users to affect confidentiality, integrity, and availability via unknown vectors, a different vulnerability than CVE-2011-0835 and CVE-2011-0880.

6CVSS5.7AI score0.00429EPSS

CVE•added 2011/07/20 10:55 p.m.•85 views

CVE-2011-0816

Unspecified vulnerability in the CMDB Metadata & Instance APIs component in Oracle Database Server 10.1.0.5, 10.2.0.3, 10.2.0.4, 10.2.0.5, 11.1.0.7, 11.2.0.1, and 11.2.0.2; and Oracle Enterprise Manager Grid Control 10.1.0.6 and 10.2.0.5; allows remote authenticated users to affect confidentiality ...

5.5CVSS5.5AI score0.00197EPSS

CVE•added 2011/07/20 10:55 p.m.•85 views

CVE-2011-0835

6.5CVSS5.7AI score0.00429EPSS

CVE•added 2011/07/20 10:55 p.m.•85 views

CVE-2011-0848

Unspecified vulnerability in the Security Framework component in Oracle Database Server 10.1.0.5, 10.2.0.3, 10.2.0.4, 10.2.0.5, 11.1.0.7, 11.2.0.1, and 11.2.0.2; and Oracle Enterprise Manager Grid Control 10.1.0.6 and 10.2.0.5; allows remote attackers to affect confidentiality, integrity, and avail...

6.8CVSS6AI score0.00485EPSS

CVE•added 2011/07/20 10:55 p.m.•85 views

CVE-2011-0879

Unspecified vulnerability in the Instance Management component in Oracle Database Server 10.1.0.5, 10.2.0.3, 10.2.0.4, 10.2.0.5, 11.1.0.7, 11.2.0.1, and 11.2.0.2; and Oracle Enterprise Manager Grid Control 10.1.0.6 and 10.2.0.5; allows remote attackers to affect integrity via unknown vectors.

4.3CVSS6.1AI score0.00309EPSS

CVE•added 2011/04/20 3:14 a.m.•84 views

CVE-2011-0785

Unspecified vulnerability in the Oracle Help component in Oracle Database Server 11.1.0.7, 11.2.0.1, 11.2.0.2, 10.1.0.5, 10.2.0.3, 10.2.0.4, 10.2.0.5, and 10.1.0.5; and Oracle Fusion Middleware 11.1.1.2.0, 11.1.1.3.0, and 11.1.1.4.0 allows remote attackers to affect integrity via unknown vectors.

4.3CVSS6AI score0.00229EPSS

CVE•added 2011/07/20 10:55 p.m.•83 views

CVE-2011-0880

6.5CVSS5.7AI score0.00429EPSS

CVE•added 2012/09/21 11:55 p.m.•83 views

CVE-2012-3137

The authentication protocol in Oracle Database Server 10.2.0.3, 10.2.0.4, 10.2.0.5, 11.1.0.7, 11.2.0.2, and 11.2.0.3 allows remote attackers to obtain the session key and salt for arbitrary users, which leaks information about the cryptographic hash and makes it easier to conduct brute force passwo...

6.4CVSS9.1AI score0.542EPSS

CVE•added 2013/04/17 12:19 p.m.•83 views

CVE-2013-1534

Unspecified vulnerability in the Workload Manager component in Oracle Database Server 11.2.0.2 and 11.2.0.3, when used in RAC configurations, allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors.

10CVSS6.1AI score0.02469EPSS

CVE•added 2013/07/17 1:41 p.m.•83 views

CVE-2013-3774

Unspecified vulnerability in the Network Layer component in Oracle Database Server 10.2.0.4, 10.2.0.5, 11.1.0.7, 11.2.0.2, 11.2.0.3, and 12.1.0.1 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors.

7.6CVSS6AI score0.0404EPSS

CVE•added 2011/04/20 3:14 a.m.•82 views

CVE-2011-0806

Unspecified vulnerability in the Network Foundation component in Oracle Database Server 10.1.0.5, 10.2.0.4, 10.2.0.5, 11.1.0.7, 11.2.0.1, and 11.2.0.2, when running on Windows, allows remote attackers to affect availability via unknown vectors.

5CVSS6.1AI score0.00705EPSS

CVE•added 2011/07/20 11:55 p.m.•82 views

CVE-2011-2248

Unspecified vulnerability in the SQL Performance Advisories/UIs component in Oracle Database Server 11.1.0.7, 11.2.0.1, and 11.2.0.2; and Oracle Enterprise Manager Grid Control 10.1.0.6, 10.2.0.5, and 11.1.0.1; allows remote attackers to affect confidentiality, integrity, and availability, related ...

6.8CVSS6.8AI score0.00658EPSS

CVE•added 2011/04/20 3:14 a.m.•80 views

CVE-2011-0804

Unspecified vulnerability in the Database Vault component in Oracle Database Server 10.2.0.3, 10.2.0.4, 10.2.0.5, 11.1.0.7, 11.2.0.1, and 11.2.0.2 allows remote authenticated users to affect confidentiality and integrity via unknown vectors.

3.6CVSS5.5AI score0.00164EPSS

CVE•added 2011/07/20 10:55 p.m.•80 views

CVE-2011-0876

Unspecified vulnerability in the Enterprise Manager Console component in Oracle Database Server 10.1.0.5, 10.2.0.3, 10.2.0.4, 10.2.0.5, 11.1.0.7, 11.2.0.1, and 11.2.0.2; and Oracle Enterprise Manager Grid Control 10.1.0.6 and 10.2.0.5; allows remote attackers to affect integrity via unknown vectors...

4.3CVSS5.9AI score0.00309EPSS

CVE•added 2011/07/20 11:55 p.m.•80 views

CVE-2011-2242

Unspecified vulnerability in the Core RDBMS component in Oracle Database Server 11.2.0.1 and 11.2.0.2 allows local users to affect confidentiality, related to XML DB FTP.

1.3CVSS5.8AI score0.00304EPSS

CVE•added 2011/07/20 11:55 p.m.•78 views

CVE-2011-2244

Unspecified vulnerability in the Security Framework component in Oracle Database Server 10.1.0.5, 10.2.0.3, 10.2.0.4, 10.2.0.5, 11.1.0.7, 11.2.0.1, and 11.2.0.2; and Enterprise Manager Grid Control 10.1.0.6, 10.2.0.5, and 11.1.0.1; allows remote attackers to affect confidentiality and integrity via...

6.4CVSS5.7AI score0.00276EPSS

CVE•added 2011/07/20 11:55 p.m.•73 views

CVE-2011-2243

Unspecified vulnerability in the Core RDBMS component in Oracle Database Server 11.1.0.7.3, 11.2.0.1, and 11.2.0.2 allows remote authenticated users to affect integrity, related to SYSDBA.

3.5CVSS5.8AI score0.00181EPSS

CVE•added 2011/07/20 10:55 p.m.•72 views

CVE-2011-0838

6.5CVSS5.6AI score0.00265EPSS

CVE•added 2012/05/03 6:55 p.m.•67 views

CVE-2012-0552

Unspecified vulnerability in the Oracle Spatial component in Oracle Database Server 10.2.0.3, 10.2.0.4, 10.2.0.5, 11.1.0.7, 11.2.0.2, and 11.2.0.3 allows remote authenticated users to affect confidentiality, integrity, and availability via unknown vectors.

9CVSS5.6AI score0.00753EPSS

CVE•added 2013/07/17 1:41 p.m.•64 views

CVE-2013-3760

Unspecified vulnerability in the Oracle executable component in Oracle Database Server 10.2.0.4, 10.2.0.5, 11.1.0.7, 11.2.0.2, and 11.2.0.3 allows local users to affect confidentiality, integrity, and availability via unknown vectors, a different vulnerability than CVE-2013-3771.

7.2CVSS5.7AI score0.00127EPSS

CVE•added 2013/07/17 1:41 p.m.•63 views

CVE-2013-3771

7.2CVSS5.7AI score0.00127EPSS

CVE•added 2013/01/17 1:55 a.m.•62 views

CVE-2012-3220

Unspecified vulnerability in the Spatial component in Oracle Database Server 10.2.0.3, 10.2.0.4, 10.2.0.5, 11.1.0.7, 11.2.0.2, and 11.2.0.3 allows remote authenticated users with Create Session privileges to affect confidentiality, integrity, and availability via unknown vectors.

9CVSS5.8AI score0.00611EPSS

CVE•added 2011/10/18 10:55 p.m.•58 views

CVE-2011-3512

Unspecified vulnerability in the Core RDBMS component in Oracle Database Server 10.1.0.5, 10.2.0.3, 10.2.0.4, 10.2.0.5, 11.1.0.7, and 11.2.0.2 allows remote authenticated users to affect confidentiality, integrity, and availability via unknown vectors.

6.5CVSS5.7AI score0.00509EPSS

CVE•added 2013/04/17 12:19 p.m.•57 views

CVE-2013-1538

Unspecified vulnerability in the Network Layer component in Oracle Database Server 11.2.0.2 and 11.2.0.3 allows remote attackers to affect availability via unknown vectors.

5CVSS6.1AI score0.00897EPSS

CVE•added 2012/05/03 5:55 p.m.•56 views

CVE-2012-0527

Unspecified vulnerability in the Enterprise Manager Base Platform component in Oracle Database Server 10.2.0.3, 10.2.0.4, 10.2.0.5, 11.1.0.7, 11.2.0.2, and 11.2.0.3, and Oracle Enterprise Manager Grid Control 10.2.0.5, allows remote attackers to affect integrity via unknown vectors related to Schem...

4.3CVSS5.8AI score0.00483EPSS

CVE•added 2012/05/03 5:55 p.m.•55 views

CVE-2012-0526

4.3CVSS5.8AI score0.00483EPSS

CVE•added 2012/05/03 5:55 p.m.•54 views

CVE-2012-0525

Unspecified vulnerability in the Enterprise Manager Base Platform component in Oracle Database Server 11.1.0.7, 11.2.0.2, and 11.2.0.3, and Oracle Enterprise Manager Grid Control 10.2.0.5 and 11.1.0.1, allows remote authenticated users to affect confidentiality and integrity via unknown vectors rel...

4.9CVSS5.2AI score0.00209EPSS

CVE•added 2013/07/17 1:41 p.m.•52 views

CVE-2013-3789

Unspecified vulnerability in the Core RDBMS component in Oracle Database Server 10.2.0.4, 10.2.0.5, 11.1.0.7, 11.2.0.2, and 11.2.0.3 allows remote authenticated users to affect confidentiality, integrity, and availability via unknown vectors.

6.5CVSS5.7AI score0.00729EPSS

CVE•added 2012/07/17 10:55 p.m.•51 views

CVE-2012-1737

Unspecified vulnerability in the Enterprise Manager for Oracle Database component in Oracle Database Server 11.1.0.7, 11.2.0.2, and 11.2.0.3, and Enterprise Manager Grid Control EM Base Platform 10.2.0.5, EM Base Platform 11.1.0.1, EM Plugin for DB 12.1.0.1, and EM Plugin for DB 12.1.0.2, allows re...

6.8CVSS6AI score0.01203EPSS

CVE•added 2012/07/17 10:55 p.m.•51 views

CVE-2012-1745

Unspecified vulnerability in the Network Layer component in Oracle Database Server 10.2.0.3, 10.2.0.4, 10.2.0.5, 11.1.0.7, 11.2.0.2, and 11.2.0.3 allows remote attackers to affect availability via unknown vectors.

5CVSS6.2AI score0.01107EPSS

CVE•added 2012/07/17 10:55 p.m.•50 views

CVE-2012-1746

Unspecified vulnerability in the Network Layer component in Oracle Database Server 10.2.0.3, 10.2.0.4, 10.2.0.5, 11.1.0.7, 11.2.0.2, and 11.2.0.3, when running on Windows, allows remote attackers to affect availability via unknown vectors, a different vulnerability than CVE-2012-1747.

5CVSS6.2AI score0.00874EPSS

CVE•added 2012/08/10 11:55 p.m.•50 views

CVE-2012-3132

SQL injection vulnerability in Oracle Database Server 10.2.0.3, 10.2.0.4, 10.2.0.5, 11.1.0.7, 11.2.0.2, and 11.2.0.3 allows remote authenticated users to execute arbitrary SQL commands via vectors involving CREATE INDEX with a CTXSYS.CONTEXT INDEXTYPE and DBMS_STATS.GATHER_TABLE_STATS.

6.5CVSS7.5AI score0.00996EPSS

CVE•added 2012/10/16 11:55 p.m.•50 views

CVE-2012-3146

Unspecified vulnerability in the Core RDBMS component in Oracle Database Server 10.2.0.3, 10.2.0.4, 10.2.0.5, 11.1.0.7, 11.2.0.2, and 11.2.0.3 allows remote authenticated users to affect integrity via unknown vectors.

2.1CVSS5.7AI score0.0017EPSS

CVE•added 2013/04/17 12:19 p.m.•50 views

CVE-2013-1554

Unspecified vulnerability in the Network Layer component in Oracle Database Server 10.2.0.4, 10.2.0.5, 11.1.0.7, 11.2.0.2, and 11.2.0.3 allows remote attackers to affect availability via unknown vectors.

5CVSS6.1AI score0.00897EPSS

CVE•added 2012/10/16 11:55 p.m.•49 views

CVE-2012-1751

Unspecified vulnerability in the Core RDBMS component in Oracle Database Server 11.1.0.7, 11.2.0.2, and 11.2.0.3 allows remote authenticated users to affect confidentiality, integrity, and availability via unknown vectors related to flashback archive.

6.5CVSS5.6AI score0.00375EPSS

CVE•added 2012/05/03 5:55 p.m.•48 views

CVE-2012-0534

Unspecified vulnerability in the RDBMS Core component in Oracle Database Server 10.2.0.3, 10.2.0.4, 10.2.0.5, 11.1.0.7, 11.2.0.2, and 11.2.0.3 allows remote authenticated users to affect integrity via unknown vectors related to Create Session.

4CVSS5.5AI score0.00192EPSS

CVE•added 2012/10/16 11:55 p.m.•47 views

CVE-2012-3151

Unspecified vulnerability in the Core RDBMS component in Oracle Database Server 10.2.0.4, 10.2.0.5, 11.1.0.7, 11.2.0.2, and 11.2.0.3, when running on Unix and Linux platforms, allows local users to affect integrity and availability via unknown vectors.

3.3CVSS5.8AI score0.0025EPSS

CVE•added 2013/07/17 1:41 p.m.•47 views

CVE-2013-3790

Unspecified vulnerability in the Core RDBMS component in Oracle Database Server 10.2.0.4, 10.2.0.5, 11.1.0.7, 11.2.0.2, and 11.2.0.3 allows remote authenticated users to affect integrity via unknown vectors related to Privileged Account.

2.1CVSS5.5AI score0.00379EPSS

CVE•added 2013/10/16 3:55 p.m.•45 views

CVE-2013-3826

Unspecified vulnerability in the Core RDBMS component in Oracle Database Server 11.1.0.7, 11.2.0.2, 11.2.0.3, and 12.1.0.1 allows remote attackers to affect confidentiality via unknown vectors.

5CVSS6AI score0.00362EPSS

CVE•added 2012/01/18 10:55 p.m.•44 views

CVE-2012-0072

Unspecified vulnerability in the Listener component in Oracle Database Server 10.1.0.5, 10.2.0.3, 10.2.0.4, 10.2.0.5, 11.1.0.7, and 11.2.0.2 allows remote attackers to affect availability via unknown vectors.

5CVSS6.2AI score0.00874EPSS

CVE•added 2012/07/17 10:55 p.m.•44 views

CVE-2012-1747

5CVSS6.2AI score0.00874EPSS

CVE•added 2012/07/17 11:55 p.m.•44 views

CVE-2012-3134

Unspecified vulnerability in the Core RDBMS component in Oracle Database Server 11.1.0.7, 11.2.0.2, and 11.2.0.3 allows remote authenticated users to affect availability via unknown vectors.

4CVSS5.7AI score0.00923EPSS

CVE•added 2013/10/16 3:55 p.m.•44 views

CVE-2013-5771

Unspecified vulnerability in the XML Parser component in Oracle Database Server 11.1.0.7, 11.2.0.2, 11.2.0.3, and 12.1.0.1 allows remote attackers to affect confidentiality and availability via unknown vectors.

6.4CVSS6AI score0.00796EPSS

Total number of security vulnerabilities55