Vulnerabilities > Oracle

DATE CVE VULNERABILITY TITLE RISK
2000-12-19 CVE-2000-0986 Unspecified vulnerability in Oracle Oracle8I 8.1.5
Buffer overflow in Oracle 8.1.5 applications such as names, namesctl, onrsd, osslogin, tnslsnr, tnsping, trcasst, and trcroute possibly allow local users to gain privileges via a long ORACLE_HOME environmental variable.
local
low complexity
oracle
4.6
2000-12-19 CVE-2000-0981 Unspecified vulnerability in Oracle Mysql
MySQL Database Engine uses a weak authentication method which leaks information that could be used by a remote attacker to recover the password.
local
low complexity
oracle
7.2
2000-12-19 CVE-2000-0818 Unspecified vulnerability in Oracle Listener 7.3.4/8.0.6/8.1.6
The default installation for the Oracle listener program 7.3.4, 8.0.6, and 8.1.6 allows an attacker to cause logging information to be appended to arbitrary files and execute commands via the SET TRC_FILE or SET LOG_FILE commands.
network
low complexity
oracle
critical
10.0
2000-07-05 CVE-2000-0576 Unspecified vulnerability in Oracle web Listener 4.0.7/4.0.8
Oracle Web Listener for AIX versions 4.0.7.0.0 and 4.0.8.1.0 allows remote attackers to cause a denial of service via a malformed URL.
network
low complexity
oracle
5.0
2000-03-15 CVE-2000-0169 Unspecified vulnerability in Oracle Application Server 4.0
Batch files in the Oracle web listener ows-bin directory allow remote attackers to execute commands via a malformed URL that includes '?&'.
network
low complexity
oracle
7.5
2000-03-05 CVE-2000-0206 Unspecified vulnerability in Oracle Oracle8I 8.1.5
The installation of Oracle 8.1.5.x on Linux follows symlinks and creates the orainstRoot.sh file with world-writeable permissions, which allows local users to gain privileges.
local
high complexity
oracle
6.2
2000-02-08 CVE-2000-0148 Unspecified vulnerability in Oracle Mysql
MySQL 3.22 allows remote attackers to bypass password authentication and access a database via a short check string.
network
low complexity
oracle
7.5
2000-01-11 CVE-2000-0045 Unspecified vulnerability in Oracle Mysql 3.22.27/3.22.29/3.23.8
MySQL allows local users to modify passwords for arbitrary MySQL users via the GRANT privilege.
network
low complexity
oracle
6.4
1999-11-25 CVE-1999-1547 Improper Input Validation vulnerability in Oracle web Listener 2.1
Oracle Web Listener 2.1 allows remote attackers to bypass access restrictions by replacing a character in the URL with its HTTP-encoded (hex) equivalent.
network
low complexity
oracle CWE-20
7.5
1999-08-16 CVE-1999-0888 Unspecified vulnerability in Oracle Database Server and Oracle8I
dbsnmp in Oracle Intelligent Agent allows local users to gain privileges by setting the ORACLE_HOME environmental variable, which dbsnmp uses to find the nmiconf.tcl script.
local
low complexity
oracle
4.6