CVSS: 8.8EPSS: 29%CPEs: 4EXPL: 0CVE-2007-0272
https://notcve.org/view.php?id=CVE-2007-0272
17 Jan 2007 — Multiple buffer overflows in MDSYS.MD in Oracle Database 8.1.7.4, 9.0.1.5, 9.2.0.7, and 10.1.0.4 allows remote authenticated users to cause a denial of service (crash) or execute arbitrary code via unspecified vectors involving certain public procedures, aka DB05. Múltiples desbordamientos de búfer en MDSYS.MD en Oracle Database versiones 8.1.7.4, 9.0.1.5, 9.2.0.7 y 10.1.0.4 permite a los usuarios autenticados remotos causar una denegación de servicio (bloqueo) o ejecutar código arbitrario por medio de vect... • http://osvdb.org/32911 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 9.8EPSS: 0%CPEs: 2EXPL: 0CVE-2007-0276
https://notcve.org/view.php?id=CVE-2007-0276
17 Jan 2007 — Multiple unspecified vulnerabilities in Oracle Database 8.1.7.4 and 9.0.1.5 have unknown impact and attack vectors related to (1) Advanced Security Option and oklist or okdstry (DB10), (2) Oracle Net Services (DB13), and (3) Recovery Manager and oklist (DB16). Múltiples vulnerabilidades no especificadas en Oracle Database 8.1.7.4 y 9.0.1.5 tienen impacto y vectores de ataque desconocidos relacionados con (1) Advanced Security Option y oklist o okdstry (DB10), (2) Oracle Net Services (DB13), y (3) Recovery M... • http://osvdb.org/32916 •
CVSS: 9.8EPSS: 0%CPEs: 4EXPL: 0CVE-2007-0278
https://notcve.org/view.php?id=CVE-2007-0278
17 Jan 2007 — Multiple unspecified vulnerabilities in Oracle Database 8.1.7.4, 9.0.1.5, 9.2.0.7, and 10.1.0.5 have unknown impact and attack vectors related to (1) NLS Runtime and lmsgen (DB12), and (2) Oracle Text and ctxkbtc (DB14). Múltiples vulnerabilidades no especificadas en Oracle Database 8.1.7.4, 9.0.1.5, 9.2.0.7, y 10.1.0.5 tienen impacto y vectores de ataque desconocidos relacionados con (1) NLS Runtime y lmsgen (DB12), y (2) Oracle Text y ctxkbtc (DB14). • http://osvdb.org/32918 •
CVSS: 9.8EPSS: 5%CPEs: 4EXPL: 0CVE-2006-5339
https://notcve.org/view.php?id=CVE-2006-5339
18 Oct 2006 — Unspecified vulnerability in Oracle Spatial component in Oracle Database 8.1.7.4, 9.0.1.5, 9.2.0.7, and 10.1.0.4 has unknown impact and remote authenticated attack vectors related to mdsys.sdo_geom, aka Vuln# DB11. NOTE: as of 20061023, Oracle has not disputed reports from reliable third parties that DB11 is related to "length checking" in the RELATE function before MD2.RELATE is called. Vulnerabilidad no especificada en el componente Oracle Spatial en Oracle Database 8.1.7.4, 9.0.1.5, 9.2.0.7, y 10.1.0.4 t... • http://secunia.com/advisories/22396 •
CVSS: 9.8EPSS: 10%CPEs: 5EXPL: 0CVE-2006-5340
https://notcve.org/view.php?id=CVE-2006-5340
18 Oct 2006 — Multiple unspecified vulnerabilities in Oracle Spatial component in Oracle Database 8.1.7.4, 9.0.1.5, 9.2.0.8, 10.1.0.5, and 10.2.0.2 have unknown impact and remote authenticated attack vectors related to (1) mdsys.sdo_lrs, aka Vuln# DB13, and (2) Vuln# DB17. NOTE: as of 20061023, Oracle has not disputed reports from reliable third parties that DB13 is related to bypassing input validation for SQL injection related to convert_to_lrs_layer and dbms_assert, and DB17 is related to SQL injection in the trigger ... • http://archive.cert.uni-stuttgart.de/archive/bugtraq/2006/07/msg00489.html •
CVSS: 9.8EPSS: 13%CPEs: 4EXPL: 0CVE-2006-5344
https://notcve.org/view.php?id=CVE-2006-5344
18 Oct 2006 — Multiple unspecified vulnerabilities in Oracle Spatial component in Oracle Database 8.1.7.4, 9.0.1.5, 9.2.0.7, and 10.1.0.4 have unknown impact and remote authenticated attack vectors related to (1) mdsys.sdo_3gl, aka Vuln# DB20, and (2) mdsys.sdo_cs, aka DB21. NOTE: as of 20061023, Oracle has not disputed reports from reliable third parties that DB20 is a buffer overflow in GEOM_OPERATION, and DB21 is related to a buffer overflow and SQL injection in TRANSFORM_LAYER. Múltiples vulnerabilidades no especific... • http://secunia.com/advisories/22396 •
CVSS: 9.8EPSS: 2%CPEs: 3EXPL: 0CVE-2006-3701
https://notcve.org/view.php?id=CVE-2006-3701
19 Jul 2006 — Unspecified vulnerability in the Dictionary component in Oracle Database 8.1.7.4, 9.0.1.5, and 9.2.0.6 has unknown impact and attack vectors, aka Oracle Vuln# DB05. Vulnerabilidad no especificada en el componente Dictionary en Oracle Database 8.1.7.4, 9.0.1.5, y 9.2.0.6 tiene un impacto desconocido y vectores de ataque, también conocido como Oracle Vuln# DB05. • http://secunia.com/advisories/21111 •
CVSS: 10.0EPSS: 4%CPEs: 4EXPL: 0CVE-2006-3702
https://notcve.org/view.php?id=CVE-2006-3702
19 Jul 2006 — Multiple unspecified vulnerabilities in Oracle Database 8.1.7.4, 9.0.1.5, 9.2.0.7, 10.1.0.5, and 10.2.0.2 have unknown impact and attack vectors, aka Oracle Vuln# (1) DB06 in Export; (2) DB08, (3) DB09, (4) DB10, (5) DB11, (6) DB12, (7) DB13, (8) DB14, and (9) DBC01 for OCI; (10) DB16 for Query Rewrite/Summary Mgmt; (11) DB17, (12) DB18, (13) DB19, (14) DBC02, (15) DBC03, and (16) DBC04 for RPC; and (17) DB20 for Semantic Analysis. NOTE: as of 20060719, Oracle has not disputed third party claims that DB06 i... • http://secunia.com/advisories/21111 •
CVSS: 9.8EPSS: 5%CPEs: 4EXPL: 1CVE-2006-1866
https://notcve.org/view.php?id=CVE-2006-1866
20 Apr 2006 — Multiple unspecified vulnerabilities in Oracle Database Server 8.1.7.4, 9.0.1.5, 9.2.0.7, 10.1.0.5, and other versions have unknown impact and attack vectors in the (1) Advanced Replication component, as identified by Vuln# DB01, and (2) Oracle Spatial component, as identified by Vuln# DB10. NOTE: details are unavailable from Oracle, but as of 20060421, they have not publicly disputed a claim by a reliable independent researcher that states that DB01 is an unknown issue in the DBMS_REPUTIL package, and DB10... • http://secunia.com/advisories/19712 •
CVSS: 10.0EPSS: 7%CPEs: 2EXPL: 1CVE-2006-1869
https://notcve.org/view.php?id=CVE-2006-1869
20 Apr 2006 — Unspecified vulnerability in Oracle Database Server 8.1.7.4 and 9.0.1.5 has unknown impact and attack vectors in the Dictionary component, aka Vuln# DB04. Vulnerabilidad no especificada en Oracle Database Server 8.1.7.4 y 9.0.1.5 con impacto y vectores de ataque desconocidos en el componente Dictionary (Diccionario), tcc Vuln# DB04. • http://secunia.com/advisories/19712 •