Lucene search
K
OracleForms

5 matches found

CVE
CVE
added 2019/10/16 5:40 p.m.59 views

CVE-2019-2886

The CVE-2019-2886 entry concerns Oracle Forms (component: Services) within Oracle Fusion Middleware, affected version 12.2.1.3.0. The vulnerability is described as easily exploitable with network access via HTTP, allowing an unauthenticated attacker to compromise Oracle Forms, with successful att...

6.1CVSS5.7AI score0.00986EPSS
CVE
CVE
added 2005/07/17 4:0 a.m.54 views

CVE-2005-2294

Affected software: Oracle Forms on Unix (versions 4.5, 6.0, 6i, 9i). Vulnerability: when a large number of records are retrieved by an Oracle form, a copy of the database tables is stored in a world-readable temporary file. Root cause: insecure temporary file handling enabling a local user to rea...

2.1CVSS8.6AI score0.00564EPSS
CVE
CVE
added 2005/04/19 4:0 a.m.46 views

CVE-2005-1178

The CVE-2005-1178 entry describes an SQL injection vulnerability in Oracle Forms 10g. The vulnerability allows remote attackers to execute arbitrary SQL commands via the Query/Where feature, indicating an injectable input path in the application’s query-building mechanism. According to the NVD en...

7.5CVSS8.3AI score0.01737EPSS
CVE
CVE
added 2005/10/14 4:0 a.m.45 views

CVE-2005-3207

The CVE-2005-3207 item concerns Oracle Forms 4.5.10.22, where the forms servlet (f90servlet) can be abused by a userid parameter containing a STOP command to remotely cause a denial of service (TNS listener stop). The connected Nessus/NASL entry for the October 2005 CPU references multiple Oracle...

5CVSS6.2AI score0.19832EPSS
CVE
CVE
added 2005/07/26 4:0 a.m.43 views

CVE-2005-2372

CVE-2005-2372 affects Oracle Forms 4.5–10g, where Form executables (.FMX) can be loaded from arbitrary directories and executed with the privileges of the Oracle/System user. An attacker can upload a malicious FMX and reference it via an absolute path in either the (1) form or (2) module paramete...

7.2CVSS7.2AI score0.02864EPSS