8 results (0.004 seconds)

CVSS: 7.5EPSS: 2%CPEs: 60EXPL: 0

Unspecified vulnerability in the Net Listener component of Oracle Database server 8.1.7.4, 9.0.1.5, 9.0.1.5 FIPS, and 9.2.0.7 has unspecified impact and attack vectors, as identified by Oracle Vuln# DB11. • http://secunia.com/advisories/18493 http://secunia.com/advisories/18608 http://securitytracker.com/id?1015499 http://www.kb.cert.org/vuls/id/545804 http://www.oracle.com/technetwork/topics/security/cpujan2006-082403.html http://www.osvdb.org/22549 http://www.securityfocus.com/bid/16287 http://www.vupen.com/english/advisories/2006/0243 http://www.vupen.com/english/advisories/2006/0323 https://exchange.xforce.ibmcloud.com/vulnerabilities/24321 •

CVSS: 7.5EPSS: 0%CPEs: 101EXPL: 0

Oracle Databases running on Windows XP with Simple File Sharing enabled, allows remote attackers to bypass authentication by supplying a valid username. • http://www.ngssoftware.com/papers/database-on-xp.pdf http://www.securityfocus.com/bid/15450 •

CVSS: 9.0EPSS: 30%CPEs: 31EXPL: 0

Stack-based buffer overflow in Oracle Net Services for Oracle Database Server 9i release 2 and earlier allows attackers to execute arbitrary code via a "CREATE DATABASE LINK" query containing a connect string with a long USING parameter. Desbordamiento de búfer basado en la pila en Oracle Net Sevices de Oracle Database Server 9i release 2 y anteriores permite a atacantes ejecutar código arbitrario mediante una consulta "CREATE DATABASE LINK" conteniendo una cadena de conexión con un parámetro USING largo. • http://marc.info/?l=bugtraq&m=105162831008176&w=2 http://marc.info/?l=ntbugtraq&m=105163376015735&w=2 http://otn.oracle.com/deploy/security/pdf/2003alert54.pdf http://www.ciac.org/ciac/bulletins/n-085.shtml http://www.securityfocus.com/bid/7453 https://exchange.xforce.ibmcloud.com/vulnerabilities/11885 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •

CVSS: 5.0EPSS: 0%CPEs: 1EXPL: 0

Transparent Network Substrate (TNS) over Net8 (SQLNet) in Oracle 8i 8.1.7 and earlier allows remote attackers to cause a denial of service via a malformed SQLNet connection request with a large offset in the header extension. • http://www.nai.com/research/covert/advisories/049.asp •

CVSS: 5.0EPSS: 0%CPEs: 3EXPL: 0

Oracle Listener in Oracle 7.3 and 8i allows remote attackers to cause a denial of service via a malformed connection packet with a large offset_to_data value. • http://otn.oracle.com/deploy/security/pdf/net8_dos_alert.pdf http://xforce.iss.net/alerts/advise82.php •