Database Server@9.2.0.8 Security Vulnerabilities and Issues — Database Server@9.2.0.8 CVE List

Lucene search

OracleDatabase Server9.2.0.8

58 matches found

CVE•added 2010/07/13 10:30 p.m.•122 views

CVE-2010-0903

Unspecified vulnerability in the Net Foundation Layer component in Oracle Database Server 9.2.0.8, 10.1.0.5, 10.2.0.4, 11.1.0.7, and 11.2.0.1, when running on Windows, allows remote attackers to affect availability via unknown vectors.

7.8CVSS6.2AI score0.00717EPSS

CVE•added 2009/07/14 11:30 p.m.•110 views

CVE-2009-1970

Unspecified vulnerability in the Listener component in Oracle Database 9.2.0.8, 9.2.0.8DV, 10.1.0.5, 10.2.0.4, and 11.1.0.7 allows remote attackers to affect availability via unknown vectors, a different vulnerability than CVE-2009-0991.

5CVSS6AI score0.54138EPSS

CVE•added 2010/07/13 10:30 p.m.•108 views

CVE-2010-0911

Unspecified vulnerability in the Listener component in Oracle Database Server 9.2.0.8, 9.2.0.8DV, 10.1.0.5, 10.2.0.4, 11.1.0.7, and 11.2.0.1 allows remote attackers to affect availability via unknown vectors.

7.8CVSS6.2AI score0.00529EPSS

CVE•added 2009/07/14 11:30 p.m.•105 views

CVE-2009-1019

Unspecified vulnerability in the Network Authentication component in Oracle Database 9.2.0.8, 9.2.0.8DV, 10.1.0.5, 10.2.0.4, and 11.1.0.7 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors.

7.5CVSS6.1AI score0.11053EPSS

CVE•added 2008/07/15 11:41 p.m.•96 views

CVE-2008-2592

Unspecified vulnerability in the Advanced Replication component in Oracle Database 9.0.1.5 FIPS+, 9.2.0.8, 9.2.0.8DV, 10.1.0.5, 10.2.0.4, and 11.1.0.6 has unknown impact and remote authenticated attack vectors related to SYS.DBMS_DEFER_SYS. NOTE: the previous information was obtained from the Oracl...

5.5CVSS6.1AI score0.00599EPSS

CVE•added 2009/07/14 11:30 p.m.•94 views

CVE-2009-1021

Unspecified vulnerability in the Advanced Replication component in Oracle Database 9.2.0.8, 9.2.0.8DV, 10.1.0.5, and 10.2.0.3 allows remote authenticated users to affect confidentiality and integrity via unknown vectors.

5.5CVSS5.4AI score0.00411EPSS

CVE•added 2009/07/14 11:30 p.m.•92 views

CVE-2009-1020

Unspecified vulnerability in the Network Foundation component in Oracle Database 9.2.0.8, 9.2.0.8DV, 10.1.0.5, 10.2.0.4, and 11.1.0.7 allows remote authenticated users to affect confidentiality, integrity, and availability via unknown vectors.

9CVSS5.7AI score0.04106EPSS

CVE•added 2009/07/14 11:30 p.m.•90 views

CVE-2009-1969

Unspecified vulnerability in the Auditing component in Oracle Database 9.2.0.8, 9.2.0.8DV, 10.1.0.5, 10.2.0.4, and 11.1.0.7 allows remote authenticated users to affect confidentiality via unknown vectors.

2.1CVSS5.5AI score0.00379EPSS

CVE•added 2007/04/18 6:19 p.m.•87 views

CVE-2007-2108

Unspecified vulnerability in the Core RDBMS component in Oracle Database 9.0.1.5, 9.2.0.8, 10.1.0.5, and 10.2.0.2 on Windows allows remote attackers to have an unknown impact, aka DB01. NOTE: as of 20070424, Oracle has not disputed reliable claims that this issue occurs because the NTLM SSPI Accept...

6.8CVSS6.4AI score0.32856EPSS

CVE•added 2009/07/14 11:30 p.m.•87 views

CVE-2009-0987

Unspecified vulnerability in the Upgrade component in Oracle Database 9.2.0.8, 9.2.0.8DV, 10.1.0.5, and 10.2.0.3 allows remote authenticated users to affect confidentiality and integrity via unknown vectors.

5.5CVSS5.5AI score0.00576EPSS

CVE•added 2010/07/13 10:30 p.m.•86 views

CVE-2010-0900

Unspecified vulnerability in the Network Layer component in Oracle Database Server 9.2.0.8, 10.1.0.5, 10.2.0.4, 11.1.0.7, and 11.2.0.1, when running on Windows, allows remote attackers to affect availability via unknown vectors.

2.6CVSS6.2AI score0.00705EPSS

CVE•added 2010/07/13 10:30 p.m.•85 views

CVE-2010-0902

Unspecified vulnerability in the Oracle OLAP component in Oracle Database Server 9.2.0.8, 9.2.0.8DV, 10.1.0.5, 10.2.0.4, 11.1.0.7, and 11.2.0.1 allows remote authenticated users to affect confidentiality, integrity, and availability via unknown vectors.

6CVSS5.6AI score0.00351EPSS

CVE•added 2007/01/17 2:28 a.m.•84 views

CVE-2007-0275

Cross-site scripting (XSS) vulnerability in Oracle Reports Web Cartridge (RWCGI60) in the Workflow Cartridge component, as used in Oracle Database 9.2.0.8, 10.1.0.5, and 10.2.0.3; Application Server 9.0.4.3, 10.1.2.0.2, and 10.1.2.2; Collaboration Suite 10.1.2; and Oracle E-Business Suite and Appli...

3.5CVSS7.4AI score0.00846EPSS

CVE•added 2009/04/15 10:30 a.m.•84 views

CVE-2009-0972

Unspecified vulnerability in the Workspace Manager component in Oracle Database 11.1.0.6, 11.1.0.7, 10.2.0.3, 10.2.0.4, 10.1.0.5, 9.2.0.8, and 9.2.0.8DV allows remote authenticated users to affect confidentiality, integrity, and availability via unknown vectors.

6.5CVSS5.7AI score0.00575EPSS

CVE•added 2009/10/22 6:30 p.m.•82 views

CVE-2009-1972

Unspecified vulnerability in the Auditing component in Oracle Database 9.2.0.8, 9.2.0.8DV, 10.1.0.5, 10.2.0.4, and 11.1.0.7 allows remote authenticated users to affect integrity, related to DBMS_SYS_SQL and DBMS_SQL.

2.1CVSS5.6AI score0.0044EPSS

CVE•added 2010/07/13 10:30 p.m.•82 views

CVE-2010-0901

Unspecified vulnerability in the Export component in Oracle Database Server 9.2.0.8, 9.2.0.8DV, 10.1.0.5, 10.2.0.4, 11.1.0.7, and 11.2.0.1 allows remote authenticated users to affect confidentiality via unknown vectors related to Select Any Dictionary.

2.1CVSS5.3AI score0.00169EPSS

CVE•added 2008/01/17 11:0 p.m.•81 views

CVE-2008-0349

Unspecified vulnerability in the PeopleTools component in Oracle PeopleSoft Enterprise and JD Edwards EnterpriseOne 8.48.15 and 8.49.07 has unknown impact and remote attack vectors, aka PSE02.

10CVSS9AI score0.01716EPSS

CVE•added 2009/07/14 11:30 p.m.•81 views

CVE-2009-1015

Unspecified vulnerability in the Core RDBMS component in Oracle Database 9.2.0.8, 9.2.0.8DV, 10.1.05, and 10.2.04 allows remote authenticated users to affect integrity via unknown vectors.

4CVSS5.7AI score0.00379EPSS

CVE•added 2007/07/18 7:30 p.m.•71 views

CVE-2007-3854

Multiple unspecified vulnerabilities in Oracle Database 9.0.1.5+, 9.2.0.7, and 10.1.0.5 allow remote authenticated users to have unknown impact via (1) SYS.DBMS_PRVTAQIS in the Advanced Queuing component (DB02) and (2) MDSYS.MD in the Spatial component (DB12). NOTE: Oracle has not disputed reliable...

5.5CVSS9.4AI score0.06576EPSS

CVE•added 2008/01/17 11:0 p.m.•67 views

CVE-2008-0346

Unspecified vulnerability in the Oracle Jinitiator component in Oracle Application Server 1.3.1.27 and E-Business Suite 11.5.10.2 has unknown impact and remote attack vectors, aka AS01.

10CVSS8.9AI score0.02313EPSS

CVE•added 2008/01/17 11:0 p.m.•67 views

CVE-2008-0347

Unspecified vulnerability in the Oracle Ultra Search component in Oracle Collaboration Suite 10.1.2; Database 9.2.0.8, 10.1.0.5, and 10.2.0.3; and Application Server 9.0.4.3 and 10.1.2.0.2; has unknown impact and local attack vectors, aka OCS01. NOTE: Oracle has not disputed a reliable claim that t...

10CVSS8.6AI score0.0246EPSS

CVE•added 2008/01/17 11:0 p.m.•64 views

CVE-2008-0343

Unspecified vulnerability in the Oracle Spatial component in Oracle Database 9.0.1.5 FIPS+, 9.2.0.8, 9.2.0.8DV, and 10.1.0.5 has unknown impact and remote attack vectors, aka DB06.

10CVSS8.9AI score0.01716EPSS

CVE•added 2008/01/17 11:0 p.m.•62 views

CVE-2008-0345

Unspecified vulnerability in the Core RDBMS component in Oracle Database 11.1.0.6 has unknown impact and remote attack vectors, aka DB08.

10CVSS9AI score0.01716EPSS

CVE•added 2010/01/13 1:30 a.m.•61 views

CVE-2009-3414

Unspecified vulnerability in the Oracle Spatial component in Oracle Database 9.2.0.8, 9.2.0.8DV, 10.1.0.5, and 10.2.0.3 allows remote authenticated users to affect confidentiality and integrity via unknown vectors, a different vulnerability than CVE-2008-3976 and CVE-2009-3413.

4.9CVSS5.4AI score0.00427EPSS

CVE•added 2009/10/22 6:30 p.m.•59 views

CVE-2009-1985

Unspecified vulnerability in the Network Authentication component in Oracle Database 9.2.0.8, 9.2.0.8DV, 10.1.0.5, and 10.2.0.4 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors.

10CVSS6AI score0.03196EPSS

CVE•added 2008/01/17 11:0 p.m.•58 views

CVE-2008-0344

Unspecified vulnerability in the Oracle Spatial component in Oracle Database 10.1.0.5 and 10.2.0.3 has unknown impact and remote attack vectors, aka DB07.

10CVSS8.9AI score0.01716EPSS

CVE•added 2010/01/13 1:30 a.m.•58 views

CVE-2010-0071

Unspecified vulnerability in the Listener component in Oracle Database 9.2.0.8, 9.2.0.8DV, 10.1.0.5, 10.2.0.4, and 11.1.0.7 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors.

10CVSS6AI score0.12519EPSS

CVE•added 2008/01/17 11:0 p.m.•55 views

CVE-2008-0340

Multiple unspecified vulnerabilities in Oracle Database 9.0.1.5 FIPS+, 9.2.0.8, 9.2.0.8DV, 10.1.0.5, and 10.2.0.3 have unknown impact and remote attack vectors, related to the (1) Advanced Queuing component (DB02) and (2) Oracle Spatial component (DB04).

10CVSS9.2AI score0.01716EPSS

CVE•added 2008/01/17 11:0 p.m.•55 views

CVE-2008-0348

Multiple unspecified vulnerabilities in the PeopleTools component in Oracle PeopleSoft Enterprise and JD Edwards EnterpriseOne 8.22.18, 8.48.15, and 8.49.07 have unknown impact and remote attack vectors, aka (1) PSE01, (2) PSE03, and (3) PSE04.

10CVSS9.3AI score0.01716EPSS

CVE•added 2007/04/18 6:19 p.m.•54 views

CVE-2007-2119

Cross-site scripting (XSS) vulnerability in boundary_rules.jsp in the Administration Front End for Oracle Enterprise (Ultra) Search, as used in Database Server 9.2.0.8, 10.1.0.5, and 10.2.0.2, and in Application Server 9.0.4.3, 10.1.2.0.2, and 10.1.2.2.0 allows remote attackers to inject arbitrary ...

6.8CVSS8AI score0.07483EPSS

CVE•added 2007/07/18 7:30 p.m.•51 views

CVE-2007-3859

Unspecified vulnerability in the Oracle Internet Directory component for Oracle Database 9.2.0.8 and 9.2.0.8DV; Application Server 9.0.4.3, 10.1.2.0.2, and 10.1.2.2; and Collaboration Suite 10.1.2 has unknown impact and remote attack vectors, aka OID01.

7.5CVSS9.2AI score0.01819EPSS

CVE•added 2010/01/13 1:30 a.m.•51 views

CVE-2009-3413

3.2CVSS5.4AI score0.00427EPSS

CVE•added 2010/04/13 10:30 p.m.•51 views

CVE-2010-0853

Unspecified vulnerability in the Oracle Internet Directory component in Oracle Database 9.2.0.8, 9.2.0.8, and DV; and Oracle Fusion Middleware 10.1.2.3 and 10.1.4.0.1; allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors.

7.5CVSS6.2AI score0.01376EPSS

CVE•added 2007/10/17 11:17 p.m.•50 views

CVE-2007-5520

Unspecified vulnerability in the Oracle Internet Directory component in Oracle Database 9.2.0.8 and 9.2.0.8DV, and Oracle Application Server 9.0.4.3, 10.1.3.0.0 up to 10.1.3.3.0, and 10.1.2.0.1 up to 10.1.2.2.0, has unknown impact and remote attack vectors, aka AS05.

7.5CVSS8.9AI score0.00709EPSS

CVE•added 2009/10/22 6:30 p.m.•50 views

CVE-2009-1991

Unspecified vulnerability in the Oracle Text component in Oracle Database 9.2.0.8, 9.2.0.8DV, 10.1.0.5, and 10.2.0.4 allows remote authenticated users to affect confidentiality and integrity, related to CTXSYS.DRVXTABC. NOTE: the previous information was obtained from the October 2009 CPU. Oracle h...

3.6CVSS6.5AI score0.00688EPSS

CVE•added 2010/04/13 10:30 p.m.•50 views

CVE-2010-0851

Unspecified vulnerability in the XML DB component in Oracle Database 9.2.0.8, 9.2.0.8DV, 10.1.0.5, and 10.2.0.3 allows remote authenticated users to affect confidentiality via unknown vectors.

4CVSS5.5AI score0.00311EPSS

CVE•added 2010/01/13 1:30 a.m.•49 views

CVE-2009-3415

Unspecified vulnerability in the Oracle OLAP component in Oracle Database 9.2.0.8, 9.2.0.8DV, 10.1.0.5, and 10.2.0.3 allows remote authenticated users to affect confidentiality, integrity, and availability via unknown vectors.

9CVSS5.6AI score0.00366EPSS

CVE•added 2009/10/22 6:30 p.m.•48 views

CVE-2009-1992

Unspecified vulnerability in the Core RDBMS component in Oracle Database 9.2.0.8, 10.1.0.5, and 10.2.0.4 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors.

10CVSS6AI score0.02412EPSS

CVE•added 2010/01/13 1:30 a.m.•48 views

CVE-2009-3411

Unspecified vulnerability in the Oracle Data Pump component in Oracle Database 11.1.0.7, 10.2.0.3, 10.2.0.4, 10.1.0.5, 9.2.0.8, and 9.2.0.8DV allows remote authenticated users to affect confidentiality and integrity via unknown vectors.

4.9CVSS5.4AI score0.00197EPSS

CVE•added 2007/10/17 11:17 p.m.•47 views

CVE-2007-5507

The GIOP service in TNS Listener in the Oracle Net Services component in Oracle Database 9.0.1.5+, 9.2.0.8, 9.2.0.8DV, 10.1.0.5, and 10.2.0.3 allows remote attackers to cause a denial of service (crash) or read potentially sensitive memory via a connect GIOP packet with an invalid data size, which ...

6.4CVSS6.5AI score0.0586EPSS

CVE•added 2008/01/17 11:0 p.m.•47 views

CVE-2008-0342

Unspecified vulnerability in the Upgrade/Downgrade component in Oracle Database 9.2.0.8, 10.1.0.5, and 10.2.0.3 has unknown impact and remote attack vectors, aka DB05.

10CVSS6.3AI score0.023EPSS

CVE•added 2007/01/17 2:28 a.m.•46 views

CVE-2007-0269

Unspecified vulnerability in Oracle Database 9.2.0.8, 10.1.0.5, and 10.2.0.3 has unknown impact and attack vectors related to the Change Data Capture and sys.dbms_cdc_subscribe privileges, aka DB02.

5.5CVSS5.9AI score0.00641EPSS

CVE•added 2007/10/17 11:17 p.m.•46 views

CVE-2007-5505

Multiple unspecified vulnerabilities in Oracle Database 9.0.1.5+, 9.2.0.8, 9.2.0.8DV, 10.1.0.5, and 10.2.0.3 have unknown impact and remote attack vectors, related to (1) the Export component (DB02), (2) Oracle Text (DB04), (3) Oracle Text (DB05), (4) Spatial component (DB07), and (5) Advanced Secu...

7.5CVSS6.4AI score0.00709EPSS

CVE•added 2007/10/17 11:17 p.m.•45 views

CVE-2007-5513

The XML DB (XMLDB) component in Oracle Database 9.2.0.8, 9.2.0.8DV, and 10.1.0.5 generates incorrect audit entries in the USERID column in which (1) long usernames are trimmed to 5 characters, or (2) short entries contain any extra characters from usernames in previous entries, aka DB23.

5CVSS6.2AI score0.01094EPSS

CVE•added 2010/01/13 1:30 a.m.•45 views

CVE-2009-3410

Unspecified vulnerability in the RDBMS component in Oracle Database 11.1.0.7, 10.2.0.3, 10.2.0.4, 10.1.0.5, 9.2.0.8, and 9.2.0.8DV allows remote authenticated users to affect confidentiality and integrity via unknown vectors.

3.6CVSS5.5AI score0.00197EPSS

CVE•added 2010/04/13 10:30 p.m.•45 views

CVE-2010-0870

Unspecified vulnerability in the Change Data Capture component in Oracle Database 9.2.0.8 and 9.2.0.8DV allows remote authenticated users to affect confidentiality and integrity, related to SYS.DBMS_CDC_PUBLISH.

3.6CVSS5.6AI score0.47666EPSS

CVE•added 2007/07/18 7:30 p.m.•44 views

CVE-2007-3856

Unspecified vulnerability in the Oracle Data Mining component for Oracle Database 10g Release 2 10.2.0.2 and 10.2.0.3, 10g 10.1.0.5, and Oracle9i Database Release 2 9.2.0.7, 9.2.0.8, and 9.2.0.8DV has unknown impact and remote authenticated attack vectors related to DMSYS.DMP_SYS, aka DB04.

6.5CVSS5.8AI score0.04936EPSS

CVE•added 2007/07/18 7:30 p.m.•43 views

CVE-2007-3855

Multiple unspecified vulnerabilities in Oracle Database 9.0.1.5+, 9.2.0.8, 9.2.0.8DV, 10.1.0.5, and 10.2.0.3 allows remote authenticated users to have an unknown impact via (1) SYS.DBMS_DRS in the DataGuard component (DB03), (2) SYS.DBMS_STANDARD in the PL/SQL component (DB10), (3) MDSYS.RTREE_IDX ...

6.5CVSS6.6AI score0.31136EPSS

CVE•added 2010/01/13 1:30 a.m.•43 views

CVE-2009-3412

Unspecified vulnerability in the Unzip component in Oracle Database 9.2.0.8, 9.2.0.8DV, and 10.1.0.5; and Oracle Application Server 10.1.2.3; allows local users to affect confidentiality via unknown vectors.

1CVSS7.6AI score0.00241EPSS

CVE•added 2010/04/13 10:30 p.m.•43 views

CVE-2010-0852

Unspecified vulnerability in the XML DB component in Oracle Database 9.2.0.8, 9.2.0.8DV, 10.1.0.5, and 10.2.0.3 allows remote authenticated users to affect confidentiality and integrity via unknown vectors.

5.5CVSS5.5AI score0.00302EPSS

Total number of security vulnerabilities58