CVSS: 4.0EPSS: 0%CPEs: 3EXPL: 0CVE-2008-2608
https://notcve.org/view.php?id=CVE-2008-2608
Unspecified vulnerability in the Data Pump component in Oracle Database 10.1.0.5 and 10.2.0.3 has unknown impact and remote authenticated attack vectors related to SYS.KUPF$FILE_INT. Vulnerabilidad sin especificar en el Componente Data Punmp en Oracle Database 10.1.0.5 y 10.2.0.3, posee un impacto y vectores de ataque autenticados remotamente relacionados con SYS.KUPF$FILE_INT. • http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c00727143 http://secunia.com/advisories/31087 http://secunia.com/advisories/31113 http://www.oracle.com/technetwork/topics/security/cpujul2008-090335.html http://www.securitytracker.com/id?1020499 http://www.vupen.com/english/advisories/2008/2109/references http://www.vupen.com/english/advisories/2008/2115 •
CVSS: 1.5EPSS: 0%CPEs: 7EXPL: 0CVE-2008-2587
https://notcve.org/view.php?id=CVE-2008-2587
Unspecified vulnerability in the Advanced Replication component in Oracle Database 9.0.1.5 FIPS+, 9.2.0.8, 9.2.0.8DV, 10.1.0.5, and 10.2.0.3 has unknown impact and local attack vectors. Vulnerabilidad no especificada en el componente Advanced Replication component de Oracle Database 9.0.1.5 FIPS+, 9.2.0.8, 9.2.0.8DV, 10.1.0.5, y 10.2.0.3 tiene un impacto desconocido y vectores de ataque locales. • http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c00727143 http://secunia.com/advisories/31087 http://secunia.com/advisories/31113 http://www.oracle.com/technetwork/topics/security/cpujul2008-090335.html http://www.securitytracker.com/id?1020499 http://www.vupen.com/english/advisories/2008/2109/references http://www.vupen.com/english/advisories/2008/2115 •
CVSS: 9.0EPSS: 0%CPEs: 5EXPL: 0CVE-2008-1817
https://notcve.org/view.php?id=CVE-2008-1817
Multiple unspecified vulnerabilities in Oracle Database 9.0.1.5 FIPS+, 9.2.0.8, 9.2.0.8DV, 10.1.0.5, 10.2.0.3, and 11.1.0.6 have unknown impact and remote attack vectors related to (1) SDO_IDX in the Spatial component, aka DB07; and (2) Core RDBMS, aka DB10. NOTE: the previous information was obtained from the Oracle CPU. Oracle has not commented on reliable researcher claims that DB07 is SQL injection. Múltiples vulnerabilidades no especificadas en Oracle Database versiones 9.0.1.5 FIPS+, 9.2.0.8, 9.2.0.8DV, 10.1.0.5, 10.2.0.3 y 11.1.0.6, presenta un impacto desconocido y vectores de ataque remotos relacionados con (1) SDO_IDX en el componente Spatial, también se conoce como DB07; y (2) Core RDBMS, también se conoce como DB10. NOTA: la información anterior fue obtenida de la CPU de Oracle. • http://secunia.com/advisories/29829 http://secunia.com/advisories/29874 http://www.oracle.com/technetwork/topics/security/cpuapr2008-082075.html http://www.red-database-security.com/advisory/oracle_sql_injection_sdo_idx.html http://www.securityfocus.com/archive/1/490920/100/0/threaded http://www.securityfocus.com/archive/1/491024/100/0/threaded http://www.securitytracker.com/id?1019855 http://www.vupen.com/english/advisories/2008/1233/references http://www.vupen.com/english/advisorie •
CVSS: 5.5EPSS: 0%CPEs: 2EXPL: 0CVE-2008-1816
https://notcve.org/view.php?id=CVE-2008-1816
Multiple unspecified vulnerabilities in Oracle Database 10.1.0.5 and 10.2.0.3 have unknown impact and remote authenticated attack vectors related to (1) SDO_UTIL in the Oracle Spatial component, aka DB05; or (2) fine grained auditing in the Audit component, aka DB14. NOTE: the previous information was obtained from the Oracle CPU. Oracle has not commented on reliable researcher claims that DB05 is SQL injection. Múltiples vulnerabilidades no especificadas en Oracle Database versiones 10.1.0.5 y 10.2.0.3, presenta un impacto desconocido y vectores de ataque remotos autenticados relacionados con (1) SDO_UTIL en el componente Oracle Spatial, también se conoce como DB05 ; o (2) auditoría detallada en el componente Audit, también se conoce como DB14. NOTA: la información anterior fue obtenida de la CPU de Oracle. • http://secunia.com/advisories/29829 http://secunia.com/advisories/29874 http://www.oracle.com/technetwork/topics/security/cpuapr2008-082075.html http://www.red-database-security.com/advisory/oracle_sql_injection_sdo_util.html http://www.securityfocus.com/archive/1/490918/100/0/threaded http://www.securityfocus.com/archive/1/491024/100/0/threaded http://www.securitytracker.com/id?1019855 http://www.vupen.com/english/advisories/2008/1233/references http://www.vupen.com/english/advisori •
CVSS: 6.5EPSS: 1%CPEs: 6EXPL: 0CVE-2008-1813
https://notcve.org/view.php?id=CVE-2008-1813
Multiple unspecified vulnerabilities in Oracle Database 9.0.1.5 FIPS+, 9.2.0.8, 9.2.0.8DV, 10.1.0.5, and 10.2.0.3 have unknown impact and remote unauthenticated or authenticated attack vectors related to (1) SYS.DBMS_AQ in the Advanced Queuing component, aka DB01; (2) Core RDBMS, aka DB03; (3) SDO_GEOM in Oracle Spatial, aka DB06; (4) Export, aka DB12; and (5) DBMS_STATS in Query Optimizer, aka DB13. NOTE: the previous information was obtained from the Oracle CPU. Oracle has not commented on reliable researcher claims that DB06 is SQL injection, and DB13 occurs when the OUTLN account is reset to use a hard-coded password. Múltiples vulnerabilidades no especificadas en Oracle Database versiones 9.0.1.5 FIPS+, 9.2.0.8, 9.2.0.8DV, 10.1.0.5 y 10.2.0.3, presentan un impacto desconocido y vectores de ataque remotos no autenticados o autenticados relacionados con (1) SYS. DBMS_AQ en el componente Advanced Queue Server, también se conoce como DB01; (2) Core RDBMS, también se conoce como DB03; (3) SDO_GEOM en Oracle Spatial, también se conoce como DB06; (4) Export, también se conoce como DB12; y (5) DBMS_STATS en el Query Optimizer , también se conoce como DB13. • http://secunia.com/advisories/29829 http://secunia.com/advisories/29874 http://www.oracle.com/technetwork/topics/security/cpuapr2008-082075.html http://www.red-database-security.com/advisory/oracle_outln_password_change.html http://www.red-database-security.com/advisory/oracle_sql_injection_sdo_geom.html http://www.securityfocus.com/archive/1/490919/100/0/threaded http://www.securityfocus.com/archive/1/490950/100/0/threaded http://www.securityfocus.com/archive/1/491024/100/0/threaded h •