Page 4 of 17 results (0.002 seconds)

CVSS: 7.2EPSS: 0%CPEs: 3EXPL: 1

Buffer overflow in otrcrep in Oracle 8.0.x through 9.0.1 allows local users to execute arbitrary code via a long ORACLE_HOME environment variable, aka the "Oracle Trace Collection Security Vulnerability." • https://www.exploit-db.com/exploits/21045 http://marc.info/?l=bugtraq&m=100386756715645&w=2 http://online.securityfocus.com/archive/1/201295 http://online.securityfocus.com/archive/1/222612 http://otn.oracle.com/deploy/security/pdf/otrcrep.pdf http://www.ciac.org/ciac/bulletins/m-011.shtml http://www.securityfocus.com/bid/3139 https://exchange.xforce.ibmcloud.com/vulnerabilities/6940 •

CVSS: 2.1EPSS: 0%CPEs: 3EXPL: 0

Vulnerability in Oracle 8.0.x through 9.0.1 on Unix allows local users to overwrite arbitrary files, possibly via a symlink attack or incorrect file permissions in (1) the ORACLE_HOME/rdbms/log directory or (2) an alternate directory as specified in the ORACLE_HOME environmental variable, aka the "Oracle File Overwrite Security Vulnerability." • http://marc.info/?l=bugtraq&m=100386756715645&w=2 http://otn.oracle.com/deploy/security/pdf/oracle_race.pdf •