Vulnerabilities > Oracle > Database Server > 11.1.0.7
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2012-10-16 | CVE-2012-3151 | Local Core RDBMS vulnerability in Oracle Database Server Unspecified vulnerability in the Core RDBMS component in Oracle Database Server 10.2.0.4, 10.2.0.5, 11.1.0.7, 11.2.0.2, and 11.2.0.3, when running on Unix and Linux platforms, allows local users to affect integrity and availability via unknown vectors. | 3.3 |
| 2012-10-16 | CVE-2012-3146 | Remote Core RDBMS vulnerability in Oracle Database Server Unspecified vulnerability in the Core RDBMS component in Oracle Database Server 10.2.0.3, 10.2.0.4, 10.2.0.5, 11.1.0.7, 11.2.0.2, and 11.2.0.3 allows remote authenticated users to affect integrity via unknown vectors. | 2.1 |
| 2012-10-16 | CVE-2012-1751 | SQL Injection vulnerability in Oracle Database Server 11.1.0.7/11.2.0.2/11.2.0.3 Unspecified vulnerability in the Core RDBMS component in Oracle Database Server 11.1.0.7, 11.2.0.2, and 11.2.0.3 allows remote authenticated users to affect confidentiality, integrity, and availability via unknown vectors related to flashback archive. | 6.5 |
| 2012-09-21 | CVE-2012-3137 | Improper Authentication vulnerability in Oracle products The authentication protocol in Oracle Database Server 10.2.0.3, 10.2.0.4, 10.2.0.5, 11.1.0.7, 11.2.0.2, and 11.2.0.3 allows remote attackers to obtain the session key and salt for arbitrary users, which leaks information about the cryptographic hash and makes it easier to conduct brute force password guessing attacks, aka "stealth password cracking vulnerability." | 6.4 |
| 2012-08-10 | CVE-2012-3132 | SQL Injection vulnerability in Oracle Database Server SQL injection vulnerability in Oracle Database Server 10.2.0.3, 10.2.0.4, 10.2.0.5, 11.1.0.7, 11.2.0.2, and 11.2.0.3 allows remote authenticated users to execute arbitrary SQL commands via vectors involving CREATE INDEX with a CTXSYS.CONTEXT INDEXTYPE and DBMS_STATS.GATHER_TABLE_STATS. | 6.5 |
| 2012-07-17 | CVE-2012-3134 | Remote Core RDBMS vulnerability in Oracle Database Server 11.1.0.7/11.2.0.2/11.2.0.3 Unspecified vulnerability in the Core RDBMS component in Oracle Database Server 11.1.0.7, 11.2.0.2, and 11.2.0.3 allows remote authenticated users to affect availability via unknown vectors. | 4.0 |
| 2012-07-17 | CVE-2012-1747 | Unspecified vulnerability in Oracle Database Server Unspecified vulnerability in the Network Layer component in Oracle Database Server 10.2.0.3, 10.2.0.4, 10.2.0.5, 11.1.0.7, 11.2.0.2, and 11.2.0.3, when running on Windows, allows remote attackers to affect availability via unknown vectors, a different vulnerability than CVE-2012-1746. | 5.0 |
| 2012-07-17 | CVE-2012-1746 | Unspecified vulnerability in Oracle Database Server Unspecified vulnerability in the Network Layer component in Oracle Database Server 10.2.0.3, 10.2.0.4, 10.2.0.5, 11.1.0.7, 11.2.0.2, and 11.2.0.3, when running on Windows, allows remote attackers to affect availability via unknown vectors, a different vulnerability than CVE-2012-1747. | 5.0 |
| 2012-07-17 | CVE-2012-1745 | Remote Network Layer vulnerability in Oracle Database Server Unspecified vulnerability in the Network Layer component in Oracle Database Server 10.2.0.3, 10.2.0.4, 10.2.0.5, 11.1.0.7, 11.2.0.2, and 11.2.0.3 allows remote attackers to affect availability via unknown vectors. | 5.0 |
| 2012-07-17 | CVE-2012-1737 | SQL Injection vulnerability in Oracle Enterprise Manager for Oracle Database Unspecified vulnerability in the Enterprise Manager for Oracle Database component in Oracle Database Server 11.1.0.7, 11.2.0.2, and 11.2.0.3, and Enterprise Manager Grid Control EM Base Platform 10.2.0.5, EM Base Platform 11.1.0.1, EM Plugin for DB 12.1.0.1, and EM Plugin for DB 12.1.0.2, allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to DB Performance Advisories/UIs. network oracle | 6.8 |