Vulnerabilities > Oracle > Critical
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2001-06-18 | CVE-2001-0249 | Incorrect Calculation of Buffer Size vulnerability in multiple products Heap overflow in FTP daemon in Solaris 8 allows remote attackers to execute arbitrary commands by creating a long pathname and calling the LIST command, which uses glob to generate long strings. | 9.8 |
2000-12-19 | CVE-2000-0818 | Unspecified vulnerability in Oracle Listener 7.3.4/8.0.6/8.1.6 The default installation for the Oracle listener program 7.3.4, 8.0.6, and 8.1.6 allows an attacker to cause logging information to be appended to arbitrary files and execute commands via the SET TRC_FILE or SET LOG_FILE commands. | 10.0 |
1997-09-19 | CVE-1999-1125 | Unspecified vulnerability in Oracle Http Server Oracle Webserver 2.1 and earlier runs setuid root, but the configuration file is owned by the oracle account, which allows any local or remote attacker who obtains access to the oracle account to gain privileges or modify arbitrary files by modifying the configuration file. | 10.0 |