Vulnerabilities > Oracle > Low
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2004-06-01 | CVE-2004-0388 | Unspecified vulnerability in Oracle Mysql 5.0.33 The mysqld_multi script in MySQL allows local users to overwrite arbitrary files via a symlink attack. | 2.1 |
| 2004-05-04 | CVE-2004-0381 | mysqlbug in MySQL allows local users to overwrite arbitrary files via a symlink attack on the failed-mysql-bugreport temporary file. | 2.1 |
| 2004-03-30 | CVE-2004-1877 | Authentication Credential Disclosure vulnerability in Oracle Application Server and Http Server The p_submit_url value in the sample login form in the Oracle 9i Application Server (9iAS) Single Sign-on Administrators Guide, Release 2(9.0.2) for Oracle SSO allows remote attackers to spoof the login page, which could allow users to inadvertently reveal their username and password. | 2.6 |
| 2003-10-20 | CVE-2003-0727 | Unspecified vulnerability in Oracle Database Server Multiple buffer overflows in the XML Database (XDB) functionality for Oracle 9i Database Release 2 allow local users to cause a denial of service or hijack user sessions. | 2.1 |
| 2002-07-03 | CVE-2002-0568 | Information Disclosure vulnerability in Oracle Application Server, Oracle8I and Oracle9I Oracle 9i Application Server stores XSQL and SOAP configuration files insecurely, which allows local users to obtain sensitive information including usernames and passwords by requesting (1) XSQLConfig.xml or (2) soapConfig.xml through a virtual directory. | 2.1 |
| 2001-12-06 | CVE-2001-0832 | Local Security vulnerability in Oracle9i Enterprise Edition Vulnerability in Oracle 8.0.x through 9.0.1 on Unix allows local users to overwrite arbitrary files, possibly via a symlink attack or incorrect file permissions in (1) the ORACLE_HOME/rdbms/log directory or (2) an alternate directory as specified in the ORACLE_HOME environmental variable, aka the "Oracle File Overwrite Security Vulnerability." | 2.1 |
| 2001-08-31 | CVE-2001-1041 | Unspecified vulnerability in Oracle Database Server 8.0/8.1/9.0.1 oracle program in Oracle 8.0.x, 8.1.x and 9.0.1 allows local users to overwrite arbitrary files via a symlink attack on an Oracle log trace (.trc) file that is created in an alternate home directory identified by the ORACLE_HOME environment variable. | 2.1 |
| 2001-06-02 | CVE-2001-0300 | Local Security vulnerability in Oracle Internet Directory 2.1.1.1 oidldapd 2.1.1.1 in Oracle 8.1.7 records log files in a directory (ldaplog) that has world-writable permissions, which may allow local users to delete logs and/or overwrite other files via a symlink attack. | 2.1 |