Vulnerabilities > Oracle > Application Server > 10.1.0.3
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2009-01-14 | CVE-2008-4014 | Multiple vulnerability in Oracle January 2009 Critical Patch Update Unspecified vulnerability in the Oracle BPEL Process Manager component in Oracle Application Server allows remote authenticated users to affect confidentiality and integrity via unknown vectors. | 5.5 |
| 2006-01-26 | CVE-2006-0435 | Unspecified vulnerability in Oracle Application Server and Http Server Unspecified vulnerability in Oracle PL/SQL (PLSQL), as used in Database Server DS 9.2.0.7 and 10.1.0.5, Application Server 1.0.2.2, 9.0.4.2, 10.1.2.0.2, 10.1.2.1.0, and 10.1.3.0.0, E-Business Suite and Applications 11.5.10, and Collaboration Suite 10.1.1, 10.1.2.0, 10.1.2.1, and 9.0.4.2, allows attackers to bypass the PLSQLExclusion list and access excluded packages and procedures, aka Vuln# PLSQL01. | 7.5 |
| 2005-05-11 | CVE-2005-1496 | Privilege Escalation vulnerability in Oracle Application Server and Oracle10G The DBMS_Scheduler in Oracle 10g allows remote attackers with CREATE JOB privileges to gain additional privileges by changing SESSION_USER to the SYS user. | 4.6 |
| 2005-05-11 | CVE-2005-1495 | Buffer Overflow vulnerability in Oracle Application Server, Oracle10G and Oracle9I Oracle Database 9i and 10g disables Fine Grained Audit (FGA) after the SYS user executes a SELECT statement on an FGA object, which makes it easier for attackers to escape detection. | 7.5 |
| 2005-05-03 | CVE-2005-1383 | Unspecified vulnerability in Oracle Application Server The OHS component 1.0.2 through 10.x, when UseWebcacheIP is disabled, in Oracle Application Server allows remote attackers to bypass HTTP Server mod_access restrictions via a request to the webcache TCP port 7778. | 7.5 |