CVSS: 10.0EPSS: 1%CPEs: 3EXPL: 0CVE-2007-5531
https://notcve.org/view.php?id=CVE-2007-5531
Unspecified vulnerability in Oracle Help for Web, as used in Oracle Application Server, Oracle Database 10.2.0.3, and Enterprise Manager 10.1.0.6, has unknown impact and remote attack vectors, aka EM02. Vulnerabilidad no especificada en Oracle Help para Web, tal y como se usa en Oracle Application Server, Oracle Database 10.2.0.3, y Enterprise Manager 10.1.0.6, tiene un impacto desconocido y vectores de ataque remotos, también conocido como EM02. • http://marc.info/?l=bugtraq&m=119332677525918&w=2 http://secunia.com/advisories/27251 http://secunia.com/advisories/27409 http://www.oracle.com/technetwork/topics/security/cpuoct2007-092913.html http://www.securitytracker.com/id?1018823 http://www.us-cert.gov/cas/techalerts/TA07-290A.html http://www.vupen.com/english/advisories/2007/3524 http://www.vupen.com/english/advisories/2007/3626 •
CVSS: 6.5EPSS: 0%CPEs: 1EXPL: 0CVE-2007-5510
https://notcve.org/view.php?id=CVE-2007-5510
Multiple unspecified vulnerabilities in the Workspace Manager component in Oracle Database before OWM 10.2.0.4.1, OWM 10.1.0.8.0, and OWM 9.2.0.8.0 have unknown impact and remote attack vectors, aka (1) DB08, (2) DB09, (3) DB10, (4) DB11, (5) DB12, (6) DB13, (7) DB14, (8) DB15, (9) DB16, (10) DB17, and (11) DB18. NOTE: one of these issues is probably CVE-2007-5511, but there are insufficient details to be certain. Múltiples vulnerabilidades no especificadas en el componente Workspace Manager de Oracle Database anterior a OWM 10.2.0.4.1, OWM 10.1.0.8.0, y OWM 9.2.0.8.0 tienen impacto y vectores de ataque remotos desconocidos, también conocidas como (1) DB08, (2) DB09, (3) DB10, (4) DB11, (5) DB12, (6) DB13, (7) DB14, (8) DB15, (9) DB16, (10) DB17, and (11) DB18. NOTA: uno de estos problemas es probablemente CVE-2007-5511, pero no hay suficientes detalles para asegurarlo. • http://marc.info/?l=bugtraq&m=119332677525918&w=2 http://secunia.com/advisories/27251 http://secunia.com/advisories/27409 http://www.oracle.com/technetwork/topics/security/cpuoct2007-092913.html http://www.securitytracker.com/id?1018823 http://www.us-cert.gov/cas/techalerts/TA07-290A.html http://www.vupen.com/english/advisories/2007/3524 http://www.vupen.com/english/advisories/2007/3626 •
CVSS: 10.0EPSS: 0%CPEs: 2EXPL: 0CVE-2007-5530
https://notcve.org/view.php?id=CVE-2007-5530
Unspecified vulnerability in the Database Control component in Oracle Database 10.1.0.5 and 10.2.0.3, and Enterprise Manager, has unknown impact and remote attack vectors, aka EM01. Vulnerabilidad no especificada en el componente Database Control para Oracle Database 10.1.0.5 y 10.2.0.3, y Enterprise Manager, tiene impacto y vectores de ataque remotos desconocidos, también conocido como EM01. • http://marc.info/?l=bugtraq&m=119332677525918&w=2 http://secunia.com/advisories/27251 http://secunia.com/advisories/27409 http://www.oracle.com/technetwork/topics/security/cpuoct2007-092913.html http://www.securitytracker.com/id?1018823 http://www.us-cert.gov/cas/techalerts/TA07-290A.html http://www.vupen.com/english/advisories/2007/3524 http://www.vupen.com/english/advisories/2007/3626 •
CVSS: 6.5EPSS: 97%CPEs: 1EXPL: 3CVE-2007-5511 – Oracle 10g - 'LT.FINDRICSET' SQL Injection (IDS Evasion)
https://notcve.org/view.php?id=CVE-2007-5511
SQL injection vulnerability in Workspace Manager for Oracle Database before OWM 10.2.0.4.1, OWM 10.1.0.8.0, and OWM 9.2.0.8.0 allows attackers to execute arbitrary SQL commands via the FINDRICSET procedure in the LT package. NOTE: this is probably covered by CVE-2007-5510, but there are insufficient details to be certain. Vulnerabilidad de inyección SQL en el Workspace Manager para las Bases de Datos Oracle anteriores a la OWM 10.2.0.4.1, OWM 10.1.0.8.0 y OWM 9.2.0.8.0 permite a atacantes remotos ejecutar comandos SQL de su elección a través del procedimiento FINDRICSET en el paquete LT. NOTA: esta vulnerabilidad esté, probablemente, cubierta por la CVE-2007-5510, pero no hay suficientes detalles para tener certeza. • https://www.exploit-db.com/exploits/4572 https://www.exploit-db.com/exploits/4570 https://www.exploit-db.com/exploits/4571 http://marc.info/?l=bugtraq&m=119332677525918&w=2 http://osvdb.org/40079 http://secunia.com/advisories/27251 http://secunia.com/advisories/27409 http://securityreason.com/securityalert/3245 http://www.securityfocus.com/archive/1/482429/100/0/threaded http://www.securityfocus.com/bid/26098 http://www.securitytracker.com/id?1018823 http://www • CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') •
CVSS: 6.5EPSS: 0%CPEs: 5EXPL: 0CVE-2007-5515
https://notcve.org/view.php?id=CVE-2007-5515
Unspecified vulnerability in the Spatial component in Oracle Database 9.2.0.8, 9.2.0.8DV, 10.1.0.5, 10.2.0.2, and 10.2.0.3 has unknown impact and remote attack vectors, aka DB27. Vulnerabilidad no especificada en el componente Spatial de Oracle Database 9.2.0.8, 9.2.0.8DV, 10.1.0.5, 10.2.0.2, y 10.2.0.3 tiene impacto y vectores de ataque remotos desconocidos, también conocida como DB27. • http://marc.info/?l=bugtraq&m=119332677525918&w=2 http://secunia.com/advisories/27251 http://secunia.com/advisories/27409 http://www.oracle.com/technetwork/topics/security/cpuoct2007-092913.html http://www.securitytracker.com/id?1018823 http://www.us-cert.gov/cas/techalerts/TA07-290A.html http://www.vupen.com/english/advisories/2007/3524 http://www.vupen.com/english/advisories/2007/3626 •