Vulnerabilities > Oracle > Application Server > 9.2.0.6

DATE CVE VULNERABILITY TITLE RISK
2009-01-14 CVE-2008-4014 Multiple vulnerability in Oracle January 2009 Critical Patch Update
Unspecified vulnerability in the Oracle BPEL Process Manager component in Oracle Application Server allows remote authenticated users to affect confidentiality and integrity via unknown vectors.
network
low complexity
oracle
5.5
2006-01-26 CVE-2006-0435 Unspecified vulnerability in Oracle Application Server and Http Server
Unspecified vulnerability in Oracle PL/SQL (PLSQL), as used in Database Server DS 9.2.0.7 and 10.1.0.5, Application Server 1.0.2.2, 9.0.4.2, 10.1.2.0.2, 10.1.2.1.0, and 10.1.3.0.0, E-Business Suite and Applications 11.5.10, and Collaboration Suite 10.1.1, 10.1.2.0, 10.1.2.1, and 9.0.4.2, allows attackers to bypass the PLSQLExclusion list and access excluded packages and procedures, aka Vuln# PLSQL01.
network
low complexity
oracle
7.5
2005-10-14 CVE-2005-3204 Cross-Site Scripting vulnerability in Oracle Application Server and Oracle9I
Cross-site scripting (XSS) vulnerability in Oracle XML DB 9iR2 allows remote attackers to inject arbitrary web script or HTML via the query string in an HTTP request.
network
oracle
4.3