CVSS: 6.5EPSS: 1%CPEs: 6EXPL: 0CVE-2008-1813
https://notcve.org/view.php?id=CVE-2008-1813
Multiple unspecified vulnerabilities in Oracle Database 9.0.1.5 FIPS+, 9.2.0.8, 9.2.0.8DV, 10.1.0.5, and 10.2.0.3 have unknown impact and remote unauthenticated or authenticated attack vectors related to (1) SYS.DBMS_AQ in the Advanced Queuing component, aka DB01; (2) Core RDBMS, aka DB03; (3) SDO_GEOM in Oracle Spatial, aka DB06; (4) Export, aka DB12; and (5) DBMS_STATS in Query Optimizer, aka DB13. NOTE: the previous information was obtained from the Oracle CPU. Oracle has not commented on reliable researcher claims that DB06 is SQL injection, and DB13 occurs when the OUTLN account is reset to use a hard-coded password. Múltiples vulnerabilidades no especificadas en Oracle Database versiones 9.0.1.5 FIPS+, 9.2.0.8, 9.2.0.8DV, 10.1.0.5 y 10.2.0.3, presentan un impacto desconocido y vectores de ataque remotos no autenticados o autenticados relacionados con (1) SYS. DBMS_AQ en el componente Advanced Queue Server, también se conoce como DB01; (2) Core RDBMS, también se conoce como DB03; (3) SDO_GEOM en Oracle Spatial, también se conoce como DB06; (4) Export, también se conoce como DB12; y (5) DBMS_STATS en el Query Optimizer , también se conoce como DB13. • http://secunia.com/advisories/29829 http://secunia.com/advisories/29874 http://www.oracle.com/technetwork/topics/security/cpuapr2008-082075.html http://www.red-database-security.com/advisory/oracle_outln_password_change.html http://www.red-database-security.com/advisory/oracle_sql_injection_sdo_geom.html http://www.securityfocus.com/archive/1/490919/100/0/threaded http://www.securityfocus.com/archive/1/490950/100/0/threaded http://www.securityfocus.com/archive/1/491024/100/0/threaded h •
CVSS: 7.2EPSS: 0%CPEs: 3EXPL: 0CVE-2008-1819
https://notcve.org/view.php?id=CVE-2008-1819
Unspecified vulnerability in the Oracle Net Services component in Oracle Database 9.2.0.8, 10.1.0.5, and 10.2.0.3 has unknown impact and local attack vectors, aka DB09. Vulnerabilidad no especificada en el componente Oracle Net Services en Oracle Database 9.2.0.8, 10.1.0.5 y 10.2.0.3 tiene impacto y vectores de ataque locales desconocidos, también conocido como DB09. • http://secunia.com/advisories/29829 http://secunia.com/advisories/29874 http://www.oracle.com/technetwork/topics/security/cpuapr2008-082075.html http://www.securityfocus.com/archive/1/491024/100/0/threaded http://www.securitytracker.com/id?1019855 http://www.vupen.com/english/advisories/2008/1233/references http://www.vupen.com/english/advisories/2008/1267/references https://exchange.xforce.ibmcloud.com/vulnerabilities/41858 https://exchange.xforce.ibmcloud.com/vulnerabilities/42033 •
CVSS: 10.0EPSS: 1%CPEs: 26EXPL: 0CVE-2008-0345
https://notcve.org/view.php?id=CVE-2008-0345
Unspecified vulnerability in the Core RDBMS component in Oracle Database 11.1.0.6 has unknown impact and remote attack vectors, aka DB08. Vulnerabilidad no especificada en el componente Core RDBMS de Oracle Database 11.1.0.6 tiene impacto y vectores de ataque remotos desconocidos, también conocido como DB08. • http://marc.info/?l=bugtraq&m=120058413923005&w=2 http://secunia.com/advisories/28518 http://secunia.com/advisories/28556 http://securitytracker.com/id?1019218 http://www.oracle.com/technetwork/topics/security/cpujan2008-086860.html http://www.securityfocus.com/bid/27229 http://www.us-cert.gov/cas/techalerts/TA08-017A.html http://www.vupen.com/english/advisories/2008/0150 http://www.vupen.com/english/advisories/2008/0180 •
CVSS: 10.0EPSS: 1%CPEs: 26EXPL: 0CVE-2008-0346
https://notcve.org/view.php?id=CVE-2008-0346
Unspecified vulnerability in the Oracle Jinitiator component in Oracle Application Server 1.3.1.27 and E-Business Suite 11.5.10.2 has unknown impact and remote attack vectors, aka AS01. Vulnerabilidad no especificada en el componente Oracle Jinitiator de Oracle Application Server 1.3.1.27 y E-Business Suite 11.5.10.2 tiene impacto y vectores de ataque remotos desconocidos, también conocido como AS01. • http://marc.info/?l=bugtraq&m=120058413923005&w=2 http://osvdb.org/40294 http://secunia.com/advisories/28518 http://secunia.com/advisories/28556 http://securitytracker.com/id?1019218 http://www.oracle.com/technetwork/topics/security/cpujan2008-086860.html http://www.securityfocus.com/bid/27229 http://www.us-cert.gov/cas/techalerts/TA08-017A.html http://www.vupen.com/english/advisories/2008/0150 http://www.vupen.com/english/advisories/2008/0180 •
CVSS: 10.0EPSS: 1%CPEs: 28EXPL: 0CVE-2008-0347
https://notcve.org/view.php?id=CVE-2008-0347
Unspecified vulnerability in the Oracle Ultra Search component in Oracle Collaboration Suite 10.1.2; Database 9.2.0.8, 10.1.0.5, and 10.2.0.3; and Application Server 9.0.4.3 and 10.1.2.0.2; has unknown impact and local attack vectors, aka OCS01. NOTE: Oracle has not disputed a reliable claim that this issue is related to WKSYS schema privileges. Una vulnerabilidad no especificada en el componente Oracle Ultra Search en Oracle Collaboration Suite versión 10.1.2; Database versiones 9.2.0.8, 10.1.0.5 y 10.2.0.3; y Application Server 9.0.4.3 y 10.1.2.0.2; presenta un impacto desconocido y vectores de ataque locales, también se conoce como OCS01. NOTA: Oracle no ha cuestionado una afirmación confiable de que este problema está relacionado con los privilegios del esquema WKSYS. • http://marc.info/?l=bugtraq&m=120058413923005&w=2 http://secunia.com/advisories/28518 http://secunia.com/advisories/28556 http://securitytracker.com/id?1019218 http://www.oracle.com/technetwork/topics/security/cpujan2008-086860.html http://www.petefinnigan.com/Advisory_CPU_Jan_2008.htm http://www.securityfocus.com/archive/1/487322/100/100/threaded http://www.securityfocus.com/bid/27229 http://www.us-cert.gov/cas/techalerts/TA08-017A.html http://www.vupen.com/english/advis •