CVSS: 4.6EPSS: 50%CPEs: 12EXPL: 2CVE-2005-1496
https://notcve.org/view.php?id=CVE-2005-1496
The DBMS_Scheduler in Oracle 10g allows remote attackers with CREATE JOB privileges to gain additional privileges by changing SESSION_USER to the SYS user. • http://marc.info/?l=bugtraq&m=111531740305049&w=2 http://www.red-database-security.com/exploits/oracle_exploit_dbms_scheduler_select_user.html http://www.securityfocus.com/bid/13509 https://exchange.xforce.ibmcloud.com/vulnerabilities/20410 •
CVSS: 7.2EPSS: 97%CPEs: 4EXPL: 4CVE-2004-1774 – Oracle Database 10.1 - MDSYS.MD2.SDO_CODE_SIZE Buffer Overflow
https://notcve.org/view.php?id=CVE-2004-1774
Buffer overflow in the SDO_CODE_SIZE procedure of the MD2 package (MDSYS.MD2.SDO_CODE_SIZE) in Oracle 10g before 10.1.0.2 Patch 2 allows local users to execute arbitrary code via a long LAYER parameter. • https://www.exploit-db.com/exploits/25397 http://lists.grok.org.uk/pipermail/full-disclosure/2004-September/025984.html http://www.appsecinc.com/resources/alerts/oracle/2004-0001 http://www.frsirt.com/exploits/20050413.OracleExploit.sql.php http://www.oracle.com/technology/deploy/security/pdf/2004alert68.pdf http://www.securiteam.com/securitynews/5CP010KE0W.html http://www.securityfocus.com/bid/13145 https://exchange.xforce.ibmcloud.com/vulnerabilities/20078 •
CVSS: 4.6EPSS: 0%CPEs: 87EXPL: 0CVE-2004-1365
https://notcve.org/view.php?id=CVE-2004-1365
Extproc in Oracle 9i and 10g does not require authentication to load a library or execute a function, which allows local users to execute arbitrary commands as the Oracle user. • http://marc.info/?l=bugtraq&m=110382471608835&w=2 http://sunsolve.sun.com/search/document.do?assetkey=1-26-101782-1 http://www.kb.cert.org/vuls/id/316206 http://www.ngssoftware.com/advisories/oracle23122004C.txt http://www.securityfocus.com/bid/10871 http://www.us-cert.gov/cas/techalerts/TA04-245A.html https://exchange.xforce.ibmcloud.com/vulnerabilities/18662 •
CVSS: 7.5EPSS: 0%CPEs: 87EXPL: 0CVE-2004-1362
https://notcve.org/view.php?id=CVE-2004-1362
The PL/SQL module for the Oracle HTTP Server in Oracle Application Server 10g, when using the WE8ISO8859P1 character set, does not perform character conversions properly, which allows remote attackers to bypass access restrictions for certain procedures via an encoded URL with "%FF" encoded sequences that are improperly converted to "Y" characters. • http://marc.info/?l=bugtraq&m=110382306006205&w=2 http://sunsolve.sun.com/search/document.do?assetkey=1-26-101782-1 http://www.kb.cert.org/vuls/id/435974 http://www.ngssoftware.com/advisories/oracle23122004G.txt http://www.oracle.com/technology/deploy/security/pdf/2004alert68.pdf http://www.securityfocus.com/bid/10871 http://www.us-cert.gov/cas/techalerts/TA04-245A.html https://exchange.xforce.ibmcloud.com/vulnerabilities/18657 •
CVSS: 8.5EPSS: 1%CPEs: 87EXPL: 2CVE-2004-1364 – Oracle 9i/10g - 'extproc' Local/Remote Command Execution
https://notcve.org/view.php?id=CVE-2004-1364
Directory traversal vulnerability in extproc in Oracle 9i and 10g allows remote attackers to access arbitrary libraries outside of the $ORACLE_HOME\bin directory. • https://www.exploit-db.com/exploits/2951 https://www.exploit-db.com/exploits/24353 http://marc.info/?l=bugtraq&m=110382406002365&w=2 http://sunsolve.sun.com/search/document.do?assetkey=1-26-101782-1 http://www.0xdeadbeef.info/exploits/raptor_oraextproc.sql http://www.kb.cert.org/vuls/id/316206 http://www.ngssoftware.com/advisories/oracle23122004B.txt http://www.oracle.com/technology/deploy/security/pdf/2004alert68.pdf http://www.securityfocus.com/archive/1/454861/100/0/ • CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') •