CVSS: 7.5EPSS: 3%CPEs: 87EXPL: 0CVE-2004-1369
https://notcve.org/view.php?id=CVE-2004-1369
04 Aug 2004 — The TNS Listener in Oracle 10g allows remote attackers to cause a denial of service (listener crash) via a malformed service_register_NSGR request containing a value that is used as an invalid offset for a pointer that references incorrect memory. • http://marc.info/?l=bugtraq&m=110382524401468&w=2 •
CVSS: 9.8EPSS: 1%CPEs: 87EXPL: 0CVE-2004-1370
https://notcve.org/view.php?id=CVE-2004-1370
04 Aug 2004 — Multiple SQL injection vulnerabilities in PL/SQL procedures that run with definer rights in Oracle 9i and 10g allow remote attackers to execute arbitrary SQL commands and gain privileges via (1) DBMS_EXPORT_EXTENSION, (2) WK_ACL.GET_ACL, (3) WK_ACL.STORE_ACL, (4) WK_ADM.COMPLETE_ACL_SNAPSHOT, (5) WK_ACL.DELETE_ACLS_WITH_STATEMENT, or (6) DRILOAD.VALIDATE_STMT. • http://marc.info/?l=bugtraq&m=110382596129607&w=2 •
CVSS: 9.8EPSS: 32%CPEs: 88EXPL: 0CVE-2004-1371
https://notcve.org/view.php?id=CVE-2004-1371
04 Aug 2004 — Stack-based buffer overflow in Oracle 9i and 10g allows remote attackers to execute arbitrary code via a long token in the text of a wrapped procedure. • http://marc.info/?l=bugtraq&m=110382570313035&w=2 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 10.0EPSS: 6%CPEs: 10EXPL: 0CVE-2004-0543
https://notcve.org/view.php?id=CVE-2004-0543
10 Jun 2004 — Multiple SQL injection vulnerabilities in Oracle Applications 11.0 and Oracle E-Business Suite 11.5.1 through 11.5.8 allow remote attackers to execute arbitrary SQL procedures and queries. Múltiples vulnerabilidades de inyección de SQL en Oracle Applications 11.0 y Oracle E-Business Suite 11.5.1 a 11.5.8 permite a atacantes remotos ejecutar procedimientos y consultas SQL de su elección. • http://archives.neohapsis.com/archives/vulnwatch/2004-q2/0032.html •
CVSS: 7.5EPSS: 1%CPEs: 10EXPL: 0CVE-2003-1116
https://notcve.org/view.php?id=CVE-2003-1116
31 Dec 2003 — The communications protocol for the Report Review Agent (RRA), aka FND File Server (FNDFS) program, in Oracle E-Business Suite 10.7, 11.0, and 11.5.1 to 11.5.8 allows remote attackers to bypass authentication and obtain sensitive information from the Oracle Applications Concurrent Manager by spoofing requests to the TNS Listener. • http://marc.info/?l=bugtraq&m=105012832418415&w=2 •
CVSS: 9.8EPSS: 2%CPEs: 10EXPL: 0CVE-2003-0632
https://notcve.org/view.php?id=CVE-2003-0632
02 Aug 2003 — Buffer overflow in the Oracle Applications Web Report Review (FNDWRR) CGI program (FNDWRR.exe) of Oracle E-Business Suite 11.0 and 11.5.1 through 11.5.8 may allow remote attackers to execute arbitrary code via a long URL. Desbordamiento de búfer en el programa CGI FNDWRR.exe de Oracle Applications Web Report Review (FNDWRR) de Oracle E-Business Suite 11.0 and 11.5.1 a 11.5.8 puede permitir a atacantes remotos ejecutar código arbitrario mediante una URL larga. • http://marc.info/?l=bugtraq&m=105906721920776&w=2 •
CVSS: 7.5EPSS: 0%CPEs: 10EXPL: 0CVE-2003-0633
https://notcve.org/view.php?id=CVE-2003-0633
02 Aug 2003 — Multiple vulnerabilities in aoljtest.jsp of Oracle Applications AOL/J Setup Test Suite in Oracle E-Business Suite 11.5.1 through 11.5.8 allow a remote attacker to obtain sensitive information without authentication, such as the GUEST user password and the application server security key. Múltiples vulnerabilidades en aoljtest.jsp de Oracle Applications AOL/J Setup Test Suite en Oracle E-Business Suite 11.5.1 a 11.5.8 permite a atacantes remotos obtener información sensible sin autenticarse, como la contrase... • http://marc.info/?l=bugtraq&m=105906689120237&w=2 •
CVSS: 9.1EPSS: 1%CPEs: 6EXPL: 1CVE-2002-1882
https://notcve.org/view.php?id=CVE-2002-1882
31 Dec 2002 — Unknown vulnerability in AolSecurityPrivate.class in Oracle E-Business Suite 11i 11.1 through 11.6 allows remote attackers to bypass user authentication checks via unknown attack vectors. • http://www.iss.net/security_center/static/10285.php •
CVSS: 9.1EPSS: 0%CPEs: 6EXPL: 0CVE-2002-1666
https://notcve.org/view.php?id=CVE-2002-1666
31 Dec 2002 — Unknown vulnerability in Oracle E-Business Suite 11i.1 through 11i.6 allows remote attackers to execute unauthorized PL/SQL procedures by modifying the Oracle Applications URL. • http://otn.oracle.com/deploy/security/pdf/apps_alert_ebiz2.pdf •