CVSS: 9.8EPSS: 32%CPEs: 88EXPL: 0CVE-2004-1371
https://notcve.org/view.php?id=CVE-2004-1371
04 Aug 2004 — Stack-based buffer overflow in Oracle 9i and 10g allows remote attackers to execute arbitrary code via a long token in the text of a wrapped procedure. • http://marc.info/?l=bugtraq&m=110382570313035&w=2 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 9.8EPSS: 20%CPEs: 70EXPL: 2CVE-2004-1707 – Oracle9i Database - Default Library Directory Privilege Escalation
https://notcve.org/view.php?id=CVE-2004-1707
30 Jul 2004 — The (1) dbsnmp and (2) nmo programs in Oracle 8i, Oracle 9i, and Oracle IAS 9.0.2.0.1, on Unix systems, use a default path to find and execute library files while operating at raised privileges, which allows certain Oracle user accounts to gain root privileges via a modified libclntsh.so.9.0. • https://www.exploit-db.com/exploits/24335 •
CVSS: 8.8EPSS: 2%CPEs: 29EXPL: 0CVE-2003-0634
https://notcve.org/view.php?id=CVE-2003-0634
02 Aug 2003 — Stack-based buffer overflow in the PL/SQL EXTPROC functionality for Oracle9i Database Release 2 and 1, and Oracle 8i, allows authenticated database users, and arbitrary database users in some cases, to execute arbitrary code via a long library name. Desbordamiento de búfer basado en la pila en EXTPROC de Oracle 9i Database Release 2 y 1, y Oracle 8i, permite a usuarios autenticados de la base de datos, posiblemente sólo aquellos con privilegios CREATE LIBRARY o CREATE ANY LIBRARY, ejecutar código arbitrario... • http://archives.neohapsis.com/archives/vulnwatch/2003-q3/0105.html •
CVSS: 7.5EPSS: 1%CPEs: 18EXPL: 1CVE-2002-1118
https://notcve.org/view.php?id=CVE-2002-1118
28 Oct 2002 — TNS Listener in Oracle Net Services for Oracle 9i 9.2.x and 9.0.x, and Oracle 8i 8.1.x, allows remote attackers to cause a denial of service (hang or crash) via a SERVICE_CURLOAD command. El escuchador TNS en Oracle Net Services de Oracle 9i 9.2.x y 9.0.x, y Oracle 8i 8.1.x, permite a atacantes remotos causar una denegación de servicio (cuelgue o caída) mediante un comando SERVICE_CURLOAD. • http://archives.neohapsis.com/archives/vulnwatch/2002-q4/0017.html •
CVSS: 6.8EPSS: 92%CPEs: 47EXPL: 1CVE-2002-0840 – Apache 1.3/2.0.x - Server Side Include Cross-Site Scripting
https://notcve.org/view.php?id=CVE-2002-0840
11 Oct 2002 — Cross-site scripting (XSS) vulnerability in the default error page of Apache 2.0 before 2.0.43, and 1.3.x up to 1.3.26, when UseCanonicalName is "Off" and support for wildcard DNS is present, allows remote attackers to execute script as other web page visitors via the Host: header, a different vulnerability than CAN-2002-1157. Vulnerabilidad de comandos en sitios cruzados (cross-site scripting, XSS) en la página de error por defecto en Apache 2.0 antes de 2.0.43, y en 1.3.x hasta 1.3.26, cuando el parámetro... • https://www.exploit-db.com/exploits/21885 •
CVSS: 9.8EPSS: 1%CPEs: 27EXPL: 0CVE-2002-0567
https://notcve.org/view.php?id=CVE-2002-0567
03 Jul 2002 — Oracle 8i and 9i with PL/SQL package for External Procedures (EXTPROC) allows remote attackers to bypass authentication and execute arbitrary functions by using the TNS Listener to directly connect to the EXTPROC process. • http://marc.info/?l=bugtraq&m=101301332402079&w=2 •