Vulnerabilities > Oracle > Low

DATE CVE VULNERABILITY TITLE RISK
2004-06-01 CVE-2004-0388 Unspecified vulnerability in Oracle Mysql 5.0.33
The mysqld_multi script in MySQL allows local users to overwrite arbitrary files via a symlink attack.
local
low complexity
oracle
2.1
2004-05-04 CVE-2004-0381 mysqlbug in MySQL allows local users to overwrite arbitrary files via a symlink attack on the failed-mysql-bugreport temporary file.
local
low complexity
mysql oracle
2.1
2004-03-30 CVE-2004-1877 Authentication Credential Disclosure vulnerability in Oracle Application Server and Http Server
The p_submit_url value in the sample login form in the Oracle 9i Application Server (9iAS) Single Sign-on Administrators Guide, Release 2(9.0.2) for Oracle SSO allows remote attackers to spoof the login page, which could allow users to inadvertently reveal their username and password.
network
high complexity
oracle
2.6
2003-10-20 CVE-2003-0727 Unspecified vulnerability in Oracle Database Server
Multiple buffer overflows in the XML Database (XDB) functionality for Oracle 9i Database Release 2 allow local users to cause a denial of service or hijack user sessions.
local
low complexity
oracle
2.1
2002-07-03 CVE-2002-0568 Information Disclosure vulnerability in Oracle Application Server, Oracle8I and Oracle9I
Oracle 9i Application Server stores XSQL and SOAP configuration files insecurely, which allows local users to obtain sensitive information including usernames and passwords by requesting (1) XSQLConfig.xml or (2) soapConfig.xml through a virtual directory.
local
low complexity
oracle
2.1
2001-12-06 CVE-2001-0832 Local Security vulnerability in Oracle9i Enterprise Edition
Vulnerability in Oracle 8.0.x through 9.0.1 on Unix allows local users to overwrite arbitrary files, possibly via a symlink attack or incorrect file permissions in (1) the ORACLE_HOME/rdbms/log directory or (2) an alternate directory as specified in the ORACLE_HOME environmental variable, aka the "Oracle File Overwrite Security Vulnerability."
local
low complexity
oracle
2.1
2001-08-31 CVE-2001-1041 Unspecified vulnerability in Oracle Database Server 8.0/8.1/9.0.1
oracle program in Oracle 8.0.x, 8.1.x and 9.0.1 allows local users to overwrite arbitrary files via a symlink attack on an Oracle log trace (.trc) file that is created in an alternate home directory identified by the ORACLE_HOME environment variable.
local
low complexity
oracle
2.1
2001-06-02 CVE-2001-0300 Local Security vulnerability in Oracle Internet Directory 2.1.1.1
oidldapd 2.1.1.1 in Oracle 8.1.7 records log files in a directory (ldaplog) that has world-writable permissions, which may allow local users to delete logs and/or overwrite other files via a symlink attack.
local
low complexity
oracle
2.1