Vulnerabilities > Oracle > Medium
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2000-12-31 | CVE-2000-1235 | Unspecified vulnerability in Oracle Application Server The default configurations of (1) the port listener and (2) modplsql in Oracle Internet Application Server (IAS) 3.0.7 and earlier allow remote attackers to view privileged database information via HTTP requests for Database Access Descriptor (DAD) files. | 5.0 |
2000-12-19 | CVE-2000-0987 | Unspecified vulnerability in Oracle Internet Directory and Oracle8I Buffer overflow in oidldapd in Oracle 8.1.6 allow local users to gain privileges via a long "connect" command line parameter. | 4.6 |
2000-12-19 | CVE-2000-0986 | Unspecified vulnerability in Oracle Oracle8I 8.1.5 Buffer overflow in Oracle 8.1.5 applications such as names, namesctl, onrsd, osslogin, tnslsnr, tnsping, trcasst, and trcroute possibly allow local users to gain privileges via a long ORACLE_HOME environmental variable. | 4.6 |
2000-07-05 | CVE-2000-0576 | Unspecified vulnerability in Oracle web Listener 4.0.7/4.0.8 Oracle Web Listener for AIX versions 4.0.7.0.0 and 4.0.8.1.0 allows remote attackers to cause a denial of service via a malformed URL. | 5.0 |
2000-03-05 | CVE-2000-0206 | Unspecified vulnerability in Oracle Oracle8I 8.1.5 The installation of Oracle 8.1.5.x on Linux follows symlinks and creates the orainstRoot.sh file with world-writeable permissions, which allows local users to gain privileges. | 6.2 |
2000-01-11 | CVE-2000-0045 | Unspecified vulnerability in Oracle Mysql 3.22.27/3.22.29/3.23.8 MySQL allows local users to modify passwords for arbitrary MySQL users via the GRANT privilege. | 6.4 |
1999-08-16 | CVE-1999-0888 | Unspecified vulnerability in Oracle Database Server and Oracle8I dbsnmp in Oracle Intelligent Agent allows local users to gain privileges by setting the ORACLE_HOME environmental variable, which dbsnmp uses to find the nmiconf.tcl script. | 4.6 |
1999-04-29 | CVE-1999-0711 | Unspecified vulnerability in Oracle Oracle8I The oratclsh interpreter in Oracle 8.x Intelligent Agent for Unix allows local users to execute Tcl commands as root. | 4.6 |
1999-03-04 | CVE-1999-1256 | Unspecified vulnerability in Oracle Database Assistant 1.0 Oracle Database Assistant 1.0 in Oracle 8.0.3 Enterprise Edition stores the database master password in plaintext in the spoolmain.log file when a new database is created, which allows local users to obtain the password from that file. | 4.6 |
1998-12-27 | CVE-1999-1188 | Unspecified vulnerability in Oracle Mysql 3.21 mysqld in MySQL 3.21 creates log files with world-readable permissions, which allows local users to obtain passwords for users who are added to the user database. | 4.6 |