Vulnerabilities > Oracle > Database Server > 9.2.0.6

DATE CVE VULNERABILITY TITLE RISK
2006-02-04 CVE-2006-0547 SQL-Injection vulnerability in Oracle10g Personal Edition
Oracle Database 8i, 9i, and 10g allow remote authenticated users to execute arbitrary SQL statements in the context of the SYS user and bypass audit logging, including statements to create new privileged database accounts, via a modified AUTH_ALTER_SESSION attribute in the authentication phase of the Transparent Network Substrate (TNS) protocol.
network
low complexity
oracle
7.5
2006-01-18 CVE-2006-0268 Multiple vulnerability in Oracle Database Server 10.1.0.4/9.0.1.5/9.2.0.6
Unspecified vulnerability in the Security component of Oracle Database server 9.0.1.5, 9.0.1.5 FIPS, 9.2.0.6, and 10.1.0.4 has unspecified impact and attack vectors, as identified by Oracle Vuln# DB21.
network
low complexity
oracle
critical
9.0
2006-01-18 CVE-2006-0267 Multiple vulnerability in Oracle Database Server 10.1.0.4/9.2.0.6
Unspecified vulnerability in the Query Optimizer component of Oracle Database server 9.2.0.6 and 10.1.0.4 has unspecified impact and attack vectors, as identified by Oracle Vuln# DB20.
network
low complexity
oracle
critical
9.0
2006-01-18 CVE-2006-0256 Multiple vulnerability in Oracle January Security Update
Unspecified vulnerability in the Advanced Queuing component of Oracle Database server 8.1.7.4, 9.0.1.5, 9.2.0.6, 10.1.0.3 has unspecified impact and attack vectors, as identified by Oracle Vuln# DB01.
network
low complexity
oracle
critical
10.0
2005-11-02 CVE-2005-3446 Multiple vulnerability in Oracle Application Server and Database Server
Unspecified vulnerability in Internet Directory in Oracle Database Server 9i up to 9.2.0.6 and Application Server 9.0.2.3 up to 10.1.2.0 has unknown impact and attack vectors, aka Oracle Vuln# DB32 and AS06.
network
low complexity
oracle
critical
10.0
2005-11-02 CVE-2005-3445 Multiple vulnerability in Oracle Application Server and Database Server
Multiple unspecified vulnerabilities in HTTP Server in Oracle Database Server 8i up to 10.1.0.4.2 and Application Server 1.0.2.2 up to 10.1.2.0 have unknown impact and attack vectors, aka Oracle Vuln# (1) DB30 and AS03 or (2) DB31 and AS05.
network
low complexity
oracle
critical
10.0
2005-11-02 CVE-2005-3444 Multiple vulnerability in Oracle October Security Update
Multiple unspecified vulnerabilities in the Programmatic Interface in Oracle Database Server from 8i up to 9.2.0.5 have unknown impact and attack vectors, aka Oracle Vuln# DB26.
network
low complexity
oracle
critical
10.0
2005-11-02 CVE-2005-3443 Multiple vulnerability in Oracle October Security Update
Unspecified vulnerability in the Spatial component in Oracle Database Server from 9i up to 10.1.0.3 has unknown impact and attack vectors, aka Oracle Vuln# DB17.
network
low complexity
oracle
critical
10.0
2005-11-02 CVE-2005-3442 Multiple vulnerability in Oracle October Security Update
Multiple unspecified vulnerabilities in Oracle Database Server 8i up to 10.1.0.4.2 have unknown impact and attack vectors, aka Oracle Vuln# (1) DB09 in Export, (2) DB11 in Materialized Views, and (3) DB16 in Security Service.
network
low complexity
oracle
critical
10.0
2005-11-02 CVE-2005-3438 Multiple vulnerability in Oracle October Security Update
Multiple unspecified vulnerabilities in Oracle Database Server 9i up to 10.1.0.4.2 have unknown impact and attack vectors, aka Oracle Vuln# (1) DB04 in Change Data Capture; (2) DB06 in Data Guard Logical Standby; (3) DB10 in Locale; (4) DB12 in Materialized Views; (5) DB13 in Objects Extension; (6) DB15 in Oracle Label Security; (7) DB27 in Security, possibly due to a buffer overflow in sys.pbsde.init; and (8) DB28 and (9) DB29 in Workspace Manager.
network
low complexity
oracle
critical
10.0