CVSS: 7.8EPSS: 7%CPEs: 5EXPL: 0CVE-2007-5506
https://notcve.org/view.php?id=CVE-2007-5506
17 Oct 2007 — The Core RDBMS component in Oracle Database 9.0.1.5+, 9.2.0.8, 9.2.0.8DV, 10.1.0.5, and 10.2.0.3 allows remote attackers to cause a denial of service (CPU consumption) via a crafted type 6 Data packet, aka DB20. El núcleo del componente RDBMS en Oracle Database 9.0.1.5+, 9.2.0.8, 9.2.0.8DV, 10.1.0.5, y 10.2.0.3 permite a atacantes remotos provocar una denegación de servicio (consumo de CPU) mediante un paquete de datos tipo 6 manipulado artesanalmente, también conocido como DB20. • http://marc.info/?l=bugtraq&m=119332677525918&w=2 • CWE-399: Resource Management Errors •
CVSS: 7.5EPSS: 6%CPEs: 5EXPL: 0CVE-2007-5507
https://notcve.org/view.php?id=CVE-2007-5507
17 Oct 2007 — The GIOP service in TNS Listener in the Oracle Net Services component in Oracle Database 9.0.1.5+, 9.2.0.8, 9.2.0.8DV, 10.1.0.5, and 10.2.0.3 allows remote attackers to cause a denial of service (crash) or read potentially sensitive memory via a connect GIOP packet with an invalid data size, which triggers a buffer over-read, aka DB22. El servicio GIOP en TNS Listener del componente Oracle Net Services de Oracle Database 9.0.1.5+, 9.2.0.8, 9.2.0.8DV, 10.1.0.5, y 10.2.0.3 permite a atacantes remotos provocar... • http://marc.info/?l=bugtraq&m=119332677525918&w=2 • CWE-20: Improper Input Validation CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 8.8EPSS: 6%CPEs: 38EXPL: 0CVE-2007-3854
https://notcve.org/view.php?id=CVE-2007-3854
18 Jul 2007 — Multiple unspecified vulnerabilities in Oracle Database 9.0.1.5+, 9.2.0.7, and 10.1.0.5 allow remote authenticated users to have unknown impact via (1) SYS.DBMS_PRVTAQIS in the Advanced Queuing component (DB02) and (2) MDSYS.MD in the Spatial component (DB12). NOTE: Oracle has not disputed reliable researcher claims that DB02 is for SQL injection and DB12 is for a buffer overflow. Múltiples vulnerabilidades no especificadas en Oracle Database versiones 9.0.1.5+, 9.2.0.7 y 10.1.0.5, permiten a usuarios auten... • http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?lang=en&cc=us&objectID=c00727143 •
CVSS: 8.8EPSS: 31%CPEs: 5EXPL: 2CVE-2007-3855 – Oracle 9i/10g - Evil Views Change Passwords
https://notcve.org/view.php?id=CVE-2007-3855
18 Jul 2007 — Multiple unspecified vulnerabilities in Oracle Database 9.0.1.5+, 9.2.0.8, 9.2.0.8DV, 10.1.0.5, and 10.2.0.3 allows remote authenticated users to have an unknown impact via (1) SYS.DBMS_DRS in the DataGuard component (DB03), (2) SYS.DBMS_STANDARD in the PL/SQL component (DB10), (3) MDSYS.RTREE_IDX in the Spatial component (DB16), and (4) SQL Compiler (DB17). NOTE: a reliable researcher claims that DB17 is for using Views to perform unauthorized insert, update, or delete actions. Multiples vulnerabilidades n... • https://www.exploit-db.com/exploits/4203 •
CVSS: 10.0EPSS: 28%CPEs: 4EXPL: 1CVE-2007-3336 – CA Advantage Ingres 2.6 - Multiple Buffer Overflow Vulnerabilities (PoC)
https://notcve.org/view.php?id=CVE-2007-3336
22 Jun 2007 — Multiple "pointer overwrite" vulnerabilities in Ingres database server 2006 9.0.4, r3, 2.6, and 2.5, as used in multiple CA (formerly Computer Associates) products, allow remote attackers to execute arbitrary code by sending certain TCP data at different times to the Ingres Communications Server Process (iigcc), which calls the (1) QUinsert or (2) QUremove functions with attacker-controlled input. Múltiples vulnerabilidades "pointer overwrite" en Ingres database server 2006 versiones 9.0.4, r3, 2.6 y 2.5, t... • https://www.exploit-db.com/exploits/14646 •
CVSS: 7.1EPSS: 0%CPEs: 4EXPL: 0CVE-2007-3337
https://notcve.org/view.php?id=CVE-2007-3337
22 Jun 2007 — wakeup in Ingres database server 2006 9.0.4, r3, 2.6, and 2.5, as used in multiple CA (Computer Associates) products, allows local users to truncate arbitrary files via a symlink attack on the alarmwkp.def file. El inicio (wakeup) en la base de datos Ingres server 2006 9.0.4, r3, 2.6 y 2.5, tal y como se usa en los productos CA (Computer Associates), permite a usuarios locales truncar ficheros de su elección mediante un ataque symlink (de enlaces simbólicos) en el fichero alarmwkp.def. • http://osvdb.org/37485 •
CVSS: 10.0EPSS: 20%CPEs: 4EXPL: 0CVE-2007-3338
https://notcve.org/view.php?id=CVE-2007-3338
22 Jun 2007 — Multiple stack-based buffer overflows in Ingres database server 2006 9.0.4, r3, 2.6, and 2.5, as used in multiple CA (Computer Associates) products, allow remote attackers to execute arbitrary code via the (1) uuid_from_char or (2) duve_get_args functions. Múltiples desbordamientos de búfer en la región stack de la memoria en Ingres database server 2006 versiones 9.0.4, r3, 2.6 y 2.5, tal como se usa en varios productos de CA (Computer Associates), permiten a los atacantes remotos ejecutar código arbitrario... • http://osvdb.org/37483 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 8.8EPSS: 32%CPEs: 5EXPL: 0CVE-2007-2108
https://notcve.org/view.php?id=CVE-2007-2108
18 Apr 2007 — Unspecified vulnerability in the Core RDBMS component in Oracle Database 9.0.1.5, 9.2.0.8, 10.1.0.5, and 10.2.0.2 on Windows allows remote attackers to have an unknown impact, aka DB01. NOTE: as of 20070424, Oracle has not disputed reliable claims that this issue occurs because the NTLM SSPI AcceptSecurityContext function grants privileges based on the username provided even though all users are authenticated as Guest, which allows remote attackers to gain privileges. Una vulnerabilidad no especificada en e... • http://www.integrigy.com/security-resources/analysis/Integrigy_Oracle_CPU_April_2007_Analysis.pdf • CWE-264: Permissions, Privileges, and Access Controls •
CVSS: 7.8EPSS: 0%CPEs: 4EXPL: 0CVE-2007-2110
https://notcve.org/view.php?id=CVE-2007-2110
18 Apr 2007 — Unspecified vulnerability in the Core RDBMS component for Oracle Database 9.0.1.5+, 9.2.0.7, and 10.1.0.4 on Windows systems has unknown impact and attack vectors, aka DB03. NOTE: as of 20070424, Oracle has not disputed reliable claims that DB03 occurs because RDBMS uses a NULL Discretionary Access Control List (DACL) for the Oracle process and certain shared memory sections, which allows local users to inject threads and execute arbitrary code via the OpenProcess, OpenThread, and SetThreadContext functions... • http://www.freelists.org/archives/oracle-l/12-2006/msg00004.html •
CVSS: 8.8EPSS: 1%CPEs: 3EXPL: 0CVE-2007-2111
https://notcve.org/view.php?id=CVE-2007-2111
18 Apr 2007 — SQL injection vulnerability in the SYS.DBMS_AQADM_SYS package in Oracle Database 9.0.1.5, 9.2.0.7, and 10.1.0.5 allows remote authenticated users to inject arbitrary SQL commands via unknown vectors, aka DB04. NOTE: as of 20070424, Oracle has not disputed reliable claims that DB04 is actually for multiple vulnerabilities. Una vulnerabilidad de inyección SQL en el paquete SYS.DBMS_AQADM_SYS en Oracle Database versiones 9.0.1.5, 9.2.0.7 y 10.1.0.5 permite a los usuarios autenticados remotos inyectar comandos ... • http://www.integrigy.com/security-resources/analysis/Integrigy_Oracle_CPU_April_2007_Analysis.pdf • CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') •