Vulnerabilities > Oracle > Oracle9I > enterprise.9.0.1.5
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2006-02-04 | CVE-2006-0552 | Multiple vulnerability in Oracle January Security Update Unspecified vulnerability in the Net Listener component of Oracle Database server 8.1.7.4, 9.0.1.5, 9.0.1.5 FIPS, and 9.2.0.7 has unspecified impact and attack vectors, as identified by Oracle Vuln# DB11. | 7.5 |
2006-01-18 | CVE-2006-0271 | Multiple vulnerability in Oracle January Security Update Unspecified vulnerability in the Upgrade & Downgrade component of Oracle Database server 8.1.7.4, 9.0.1.5, 9.2.0.7, and 10.1.0.4 has unspecified impact and attack vectors, as identified by Oracle Vuln# DB28. | 10.0 |
2006-01-18 | CVE-2006-0262 | Multiple vulnerability in Oracle January Security Update Unspecified vulnerability in the Net Foundation Layer component of Oracle Database server 8.1.7.4, 9.0.1.5, 9.0.1.5 FIPS, 9.2.0.6, and 10.1.0.4 has unspecified impact and attack vectors, as identified by Oracle Vuln# DB08. | 10.0 |
2005-11-16 | CVE-2005-3641 | Authentication Bypass vulnerability in Oracle Database Windows XP Simple File Sharing Oracle Databases running on Windows XP with Simple File Sharing enabled, allows remote attackers to bypass authentication by supplying a valid username. | 7.5 |
2005-10-14 | CVE-2005-3204 | Cross-Site Scripting vulnerability in Oracle Application Server and Oracle9I Cross-site scripting (XSS) vulnerability in Oracle XML DB 9iR2 allows remote attackers to inject arbitrary web script or HTML via the query string in an HTTP request. network oracle | 4.3 |
2004-12-31 | CVE-2004-0638 | Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Oracle Oracle8I and Oracle9I Buffer overflow in the KSDWRTB function in the dbms_system package (dbms_system.ksdwrt) for Oracle 9i Database Server Release 2 9.2.0.3 and 9.2.0.4, 9i Release 1 9.0.1.4 and 9.0.1.5, and 8i Release 1 8.1.7.4, allows remote authorized users to execute arbitrary code via a long second argument. | 8.5 |
2004-08-04 | CVE-2004-1371 | Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Oracle products Stack-based buffer overflow in Oracle 9i and 10g allows remote attackers to execute arbitrary code via a long token in the text of a wrapped procedure. | 9.0 |
2004-08-04 | CVE-2004-1370 | Multiple Unspecified vulnerability in Oracle Multiple SQL injection vulnerabilities in PL/SQL procedures that run with definer rights in Oracle 9i and 10g allow remote attackers to execute arbitrary SQL commands and gain privileges via (1) DBMS_EXPORT_EXTENSION, (2) WK_ACL.GET_ACL, (3) WK_ACL.STORE_ACL, (4) WK_ADM.COMPLETE_ACL_SNAPSHOT, (5) WK_ACL.DELETE_ACLS_WITH_STATEMENT, or (6) DRILOAD.VALIDATE_STMT. | 7.5 |
2004-08-04 | CVE-2004-1369 | Multiple Unspecified vulnerability in Oracle The TNS Listener in Oracle 10g allows remote attackers to cause a denial of service (listener crash) via a malformed service_register_NSGR request containing a value that is used as an invalid offset for a pointer that references incorrect memory. | 5.0 |
2004-08-04 | CVE-2004-1368 | Multiple Unspecified vulnerability in Oracle ISQL*Plus in Oracle 10g Application Server allows remote attackers to execute arbitrary files via an absolute pathname in the file parameter to the load.uix script. | 7.8 |