Vulnerabilities > Oracle

DATE CVE VULNERABILITY TITLE RISK
2001-10-02 CVE-2001-1255 WinMySQLadmin 1.1 stores the MySQL password in plain text in the my.ini file, which allows local users to obtain unathorized access the MySQL database.
local
low complexity
mysql oracle
4.6
2001-08-31 CVE-2001-1041 Unspecified vulnerability in Oracle Database Server 8.0/8.1/9.0.1
oracle program in Oracle 8.0.x, 8.1.x and 9.0.1 allows local users to overwrite arbitrary files via a symlink attack on an Oracle log trace (.trc) file that is created in an alternate home directory identified by the ORACLE_HOME environment variable.
local
low complexity
oracle
2.1
2001-08-31 CVE-2001-0943 Unspecified vulnerability in Oracle Database Server 8.0.5/8.1.5
dbsnmp in Oracle 8.0.5 and 8.1.5, under certain conditions, trusts the PATH environment variable to find and execute the (1) chown or (2) chgrp commands, which allows local users to execute arbitrary code by modifying the PATH to point to Trojan Horse programs.
local
low complexity
oracle
7.2
2001-08-22 CVE-2001-0591 Unspecified vulnerability in Oracle Application Server and JSP
Directory traversal vulnerability in Oracle JSP 1.0.x through 1.1.1 and Oracle 8.1.7 iAS Release 1.0.2 can allow a remote attacker to read or execute arbitrary .jsp files via a '..' (dot dot) attack.
network
low complexity
oracle
7.5
2001-08-14 CVE-2001-0528 Unspecified vulnerability in Oracle E-Business Suite 11I
Oracle E-Business Suite Release 11i Applications Desktop Integrator (ADI) version 7.x includes a debug version of FNDPUB11I.DLL, which logs the APPS schema password in cleartext in a debug file, which allows local users to obtain the password and gain privileges.
local
low complexity
oracle
7.2
2001-07-21 CVE-2001-0518 Unspecified vulnerability in Oracle Oracle9I
Oracle listener before Oracle 9i allows attackers to cause a denial of service by repeatedly sending the first portion of a fragmented Oracle command without sending the remainder of the command, which causes the listener to hang.
network
low complexity
oracle
5.0
2001-07-21 CVE-2001-0517 Unspecified vulnerability in Oracle Oracle8I 8.1.6/8.1.7
Oracle listener in Oracle 8i on Solaris allows remote attackers to cause a denial of service via a malformed connection packet with a maximum transport data size that is set to 0.
network
low complexity
oracle
5.0
2001-07-21 CVE-2001-0516 Unspecified vulnerability in Oracle Oracle8I and Oracle9I
Oracle listener between Oracle 9i and Oracle 8.0 allows remote attackers to cause a denial of service via a malformed connection packet that contains an incorrect requester_version value that does not match an expected offset to the data.
network
low complexity
oracle
5.0
2001-07-21 CVE-2001-0515 Unspecified vulnerability in Oracle Database Server and Oracle8I
Oracle Listener in Oracle 7.3 and 8i allows remote attackers to cause a denial of service via a malformed connection packet with a large offset_to_data value.
network
low complexity
oracle
5.0
2001-07-21 CVE-2001-0513 Unspecified vulnerability in Oracle Oracle9I
Oracle listener process on Windows NT redirects connection requests to another port and creates a separate thread to process the request, which allows remote attackers to cause a denial of service by repeatedly connecting to the Oracle listener but not connecting to the redirected port.
network
low complexity
oracle
5.0