Lucene search
+L

4 matches found

CVE
CVE
added 2005/07/17 4:0 a.m.57 views

CVE-2005-2294

Affected software: Oracle Forms on Unix (versions 4.5, 6.0, 6i, 9i). Vulnerability: when a large number of records are retrieved by an Oracle form, a copy of the database tables is stored in a world-readable temporary file. Root cause: insecure temporary file handling enabling a local user to rea...

2.1CVSS8.6AI score0.00564EPSS
CVE
CVE
added 2005/04/19 4:0 a.m.49 views

CVE-2005-1178

The CVE-2005-1178 entry describes an SQL injection vulnerability in Oracle Forms 10g. The vulnerability allows remote attackers to execute arbitrary SQL commands via the Query/Where feature, indicating an injectable input path in the application’s query-building mechanism. According to the NVD en...

7.5CVSS8.3AI score0.01737EPSS
CVE
CVE
added 2005/10/14 4:0 a.m.46 views

CVE-2005-3207

The CVE-2005-3207 item concerns Oracle Forms 4.5.10.22, where the forms servlet (f90servlet) can be abused by a userid parameter containing a STOP command to remotely cause a denial of service (TNS listener stop). The connected Nessus/NASL entry for the October 2005 CPU references multiple Oracle...

5CVSS6.2AI score0.19832EPSS
CVE
CVE
added 2005/07/26 4:0 a.m.44 views

CVE-2005-2372

CVE-2005-2372 affects Oracle Forms 4.5–10g, where Form executables (.FMX) can be loaded from arbitrary directories and executed with the privileges of the Oracle/System user. An attacker can upload a malicious FMX and reference it via an absolute path in either the (1) form or (2) module paramete...

7.2CVSS7.2AI score0.02864EPSS