Vulnerabilities > Oracle > High
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2007-01-17 | CVE-2007-0280 | Multiple vulnerability in Oracle products Unspecified vulnerability in Oracle HTTP Server 9.0.1.5, Application Server 9.0.4.3, 10.1.2.0.0, 10.1.2.0.2, and 10.1.2.2; and Collaboration Suite 9.0.4.2 and 10.1.2; has unknown impact and attack vectors related to the Oracle Process Mgmt & Notification component, aka OPMN01. | 7.5 |
2007-01-17 | CVE-2007-0279 | Multiple vulnerability in Oracle January 2007 Security Update Multiple unspecified vulnerabilities in Oracle HTTP Server 9.2.0.8 and Oracle E-Business Suite and Applications 11.5.10CU2 have unknown impact and attack vectors, aka (1) OHS01, (2) OHS02, (3) OHS05, (4) OHS06, and (5) OHS07. | 7.5 |
2007-01-17 | CVE-2007-0272 | Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Oracle Database Server Multiple buffer overflows in MDSYS.MD in Oracle Database 8.1.7.4, 9.0.1.5, 9.2.0.7, and 10.1.0.4 allows remote authenticated users to cause a denial of service (crash) or execute arbitrary code via unspecified vectors involving certain public procedures, aka DB05. | 8.5 |
2006-12-22 | CVE-2006-6697 | HTTP Response Splitting vulnerability in Oracle Application Server Portal 10G/9.0.2 CRLF injection vulnerability in webapp/jsp/calendar.jsp in Oracle Portal 10g and earlier, including 9.0.2, allows remote attackers to inject arbitrary HTTP headers and conduct HTTP response splitting attacks via CRLF sequences in the enc parameter. | 7.5 |
2006-10-18 | CVE-2006-5350 | Multiple vulnerability in Oracle October 2006 Security Update Unspecified vulnerability in Oracle HTTP Server 9.2.0.7 and Oracle E-Business Suite and Applications 11.5.10CU2 has unknown impact and local attack vectors, aka Vuln# OHS08. | 7.2 |
2006-10-18 | CVE-2006-5346 | Multiple vulnerability in Oracle Collaboration Suite, E-Business Suite and Http Server Unspecified vulnerability in Oracle HTTP Server 9.2.0.7, as used in Oracle Collaboration Suite 9.0.4.2 and Oracle E-Business Suite and Applications 11.5.10CU2, has unknown impact and remote attack vectors related to htdigest, aka Vuln# OHS02. | 7.6 |
2006-10-18 | CVE-2006-5342 | Multiple vulnerability in Oracle October 2006 Security Update Unspecified vulnerability in Oracle Spatial component in Oracle Database 9.0.1.5, 9.2.0.6, and 10.1.0.3 has unknown impact and remote authenticated attack vectors related to mdsys.sdo_tune, aka Vuln# DB18. | 7.1 |
2006-10-18 | CVE-2006-5340 | Multiple vulnerability in Oracle October 2006 Security Update Multiple unspecified vulnerabilities in Oracle Spatial component in Oracle Database 8.1.7.4, 9.0.1.5, 9.2.0.8, 10.1.0.5, and 10.2.0.2 have unknown impact and remote authenticated attack vectors related to (1) mdsys.sdo_lrs, aka Vuln# DB13, and (2) Vuln# DB17. | 7.1 |
2006-10-18 | CVE-2006-5334 | Multiple vulnerability in Oracle Database Server 10.1.0.5/9.0.1.5/9.2.0.7 Unspecified vulnerability in Oracle Spatial component in Oracle Database 9.0.1.5, 9.2.0.7, and 10.1.0.5 has unknown impact and remote authenticated attack vectors related to mdsys.md2, aka Vuln# DB03. | 7.1 |
2006-10-18 | CVE-2006-5333 | Multiple vulnerability in Oracle Database Server 10.2.0.2 Unspecified vulnerability in Oracle Spatial component in Oracle Database 10.2.0.2 has unknown impact and remote authenticated attack vectors related to "create session" privileges, aka Vuln# DB02. | 7.1 |