Vulnerabilities > Oracle > Database Server > 10.2.0.3
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2007-10-17 | CVE-2007-5531 | Unspecified vulnerability in Oracle products Unspecified vulnerability in Oracle Help for Web, as used in Oracle Application Server, Oracle Database 10.2.0.3, and Enterprise Manager 10.1.0.6, has unknown impact and remote attack vectors, aka EM02. | 10.0 |
2007-10-17 | CVE-2007-5530 | Unspecified vulnerability in Oracle Database Server 10.1.0.5/10.2.0.3 Unspecified vulnerability in the Database Control component in Oracle Database 10.1.0.5 and 10.2.0.3, and Enterprise Manager, has unknown impact and remote attack vectors, aka EM01. | 10.0 |
2007-10-17 | CVE-2007-5515 | Unspecified vulnerability in Oracle Database Server Unspecified vulnerability in the Spatial component in Oracle Database 9.2.0.8, 9.2.0.8DV, 10.1.0.5, 10.2.0.2, and 10.2.0.3 has unknown impact and remote attack vectors, aka DB27. | 6.5 |
2007-10-17 | CVE-2007-5514 | Unspecified vulnerability in Oracle Database Server 10.2.0.3 Multiple unspecified vulnerabilities in Oracle Database 10.2.0.3 have unknown impact and attack vectors related to (1) Database Vault component (DB24) and (2) SQL Execution component (DB26). | 6.5 |
2007-10-17 | CVE-2007-5512 | Unspecified vulnerability in Oracle Database Server 10.2.0.3/9.2.0.8Dv Unspecified vulnerability in the Oracle Database Vault component in Oracle Database 9.2.0.8DV and 10.2.0.3 has unknown impact and remote attack vectors, aka DB21. | 7.5 |
2007-10-17 | CVE-2007-5508 | SQL Injection vulnerability in Oracle Database Server 10.1.0.5/10.2.0.3 Multiple SQL injection vulnerabilities in the CTXSYS Intermedia application for the Oracle Text component (CTX_DOC) in Oracle Database 10.1.0.5 and 10.2.0.3 allow remote authenticated users to execute arbitrary SQL commands via the (1) THEMES, (2) GIST, (3) TOKENS, (4) FILTER, (5) HIGHLIGHT, and (6) MARKUP procedures, aka DB03. | 6.5 |
2007-10-17 | CVE-2007-5507 | Improper Input Validation vulnerability in Oracle Database Server The GIOP service in TNS Listener in the Oracle Net Services component in Oracle Database 9.0.1.5+, 9.2.0.8, 9.2.0.8DV, 10.1.0.5, and 10.2.0.3 allows remote attackers to cause a denial of service (crash) or read potentially sensitive memory via a connect GIOP packet with an invalid data size, which triggers a buffer over-read, aka DB22. | 6.4 |
2007-10-17 | CVE-2007-5506 | Resource Management Errors vulnerability in Oracle Database Server The Core RDBMS component in Oracle Database 9.0.1.5+, 9.2.0.8, 9.2.0.8DV, 10.1.0.5, and 10.2.0.3 allows remote attackers to cause a denial of service (CPU consumption) via a crafted type 6 Data packet, aka DB20. | 7.8 |
2007-10-17 | CVE-2007-5505 | Unspecified vulnerability in Oracle Database Server Multiple unspecified vulnerabilities in Oracle Database 9.0.1.5+, 9.2.0.8, 9.2.0.8DV, 10.1.0.5, and 10.2.0.3 have unknown impact and remote attack vectors, related to (1) the Export component (DB02), (2) Oracle Text (DB04), (3) Oracle Text (DB05), (4) Spatial component (DB07), and (5) Advanced Security Option (DB19). | 7.5 |
2007-07-18 | CVE-2007-3858 | Remote Security vulnerability in Oracle Database Server 10.2.0.3 Multiple unspecified vulnerabilities in Oracle Database 10.2.0.3 allow remote authenticated users to have an unknown impact via (1) EXFSYS.DBMS_RLMGR_UTL in Rules Manager (DB11) and (2) Program Interface (DB13). | 7.5 |