CVE-2007-3854
https://notcve.org/view.php?id=CVE-2007-3854
Multiple unspecified vulnerabilities in Oracle Database 9.0.1.5+, 9.2.0.7, and 10.1.0.5 allow remote authenticated users to have unknown impact via (1) SYS.DBMS_PRVTAQIS in the Advanced Queuing component (DB02) and (2) MDSYS.MD in the Spatial component (DB12). NOTE: Oracle has not disputed reliable researcher claims that DB02 is for SQL injection and DB12 is for a buffer overflow. Múltiples vulnerabilidades no especificadas en Oracle Database versiones 9.0.1.5+, 9.2.0.7 y 10.1.0.5, permiten a usuarios autenticados remotoss tener un impacto desconocido por medio de (1) SYS.DBMS_PRVTAQIS en el componente Advanced Queuing (DB02) y (2) MDSYS.MD en el componente Spatial (DB12). NOTA: Oracle no ha cuestionado las afirmaciones de investigadores confiables de que DB02 es para una inyección SQL y DB12 para un desbordamiento de búfer. • http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?lang=en&cc=us&objectID=c00727143 http://secunia.com/advisories/26114 http://secunia.com/advisories/26166 http://www.integrigy.com/security-resources/analysis/Integrigy_Oracle_CPU_July_2007_Analysis.pdf http://www.oracle.com/technetwork/topics/security/cpujul2007-087014.html http://www.red-database-security.com/advisory/oracle_cpu_jul_2007.html http://www.red-database-security.com/advisory/oracle_sql_injection_dbms_prvtaqis.html http://w •
CVE-2006-3710
https://notcve.org/view.php?id=CVE-2006-3710
Unspecified vulnerability in OC4J for Oracle Application Server 9.0.2.3, 9.0.3.1, 9.0.4.2, and 10.1.2.0.0 has unknown impact and attack vectors, aka Oracle Vuln# (1) AS05 and (2) AS08. Vulnerabilidad no especificada en OC4J para Oracle Application Server9.0.2.3, 9.0.3.1, 9.0.4.2, y 10.1.2.0.0 tiene un impacto desconocido y vectores de ataque, también conocido como Oracle Vuln# (1) AS05 y (2) AS08. • http://secunia.com/advisories/21111 http://secunia.com/advisories/21165 http://securitytracker.com/id?1016529 http://www.oracle.com/technetwork/topics/security/cpujul2006-101315.html http://www.red-database-security.com/advisory/oracle_cpu_july_2006.html http://www.securityfocus.com/archive/1/440758/100/100/threaded http://www.securityfocus.com/bid/19054 http://www.us-cert.gov/cas/techalerts/TA06-200A.html http://www.vupen.com/english/advisories/2006/2863 http://www.vupen.c •
CVE-2006-3709
https://notcve.org/view.php?id=CVE-2006-3709
Unspecified vulnerability in OC4J for Oracle Application Server 9.0.2.3, 9.0.3.1, and 10.1.2.0.0 has unknown impact and attack vectors, aka Oracle Vuln# AS04. Vulnerabilidad no especificada en OC4J para Oracle Application Server 9.0.2.3, , 9.0.3.1, y 10.1.2.0.0, tiene un impacto desconocido y vectores de ataque, también conocido como Oracle Vuln# AS04. • http://secunia.com/advisories/21111 http://secunia.com/advisories/21165 http://securitytracker.com/id?1016529 http://www.oracle.com/technetwork/topics/security/cpujul2006-101315.html http://www.red-database-security.com/advisory/oracle_cpu_july_2006.html http://www.securityfocus.com/archive/1/440758/100/100/threaded http://www.securityfocus.com/bid/19054 http://www.us-cert.gov/cas/techalerts/TA06-200A.html http://www.vupen.com/english/advisories/2006/2863 http://www.vupen.c •
CVE-2006-3708
https://notcve.org/view.php?id=CVE-2006-3708
Unspecified vulnerability in OC4J for Oracle Application Server 9.0.2.3, 9.0.3.1, 9.0.4.2, 10.1.2.0.2, and 10.1.2.1 has unknown impact and attack vectors, aka Oracle Vuln# AS03. Vulnerabilidad no especificada en OC4J para Oracle Application Server 9.0.2.3, , 9.0.3.1, 9.0.4.2, 10.1.2.0.2, y 10.1.2.1, tiene un impacto desconocido y vectores de ataque, también conocido como Oracle Vuln# AS03. • http://secunia.com/advisories/21111 http://secunia.com/advisories/21165 http://securitytracker.com/id?1016529 http://www.oracle.com/technetwork/topics/security/cpujul2006-101315.html http://www.red-database-security.com/advisory/oracle_cpu_july_2006.html http://www.securityfocus.com/archive/1/440758/100/100/threaded http://www.securityfocus.com/bid/19054 http://www.us-cert.gov/cas/techalerts/TA06-200A.html http://www.vupen.com/english/advisories/2006/2863 http://www.vupen.c •
CVE-2006-3707
https://notcve.org/view.php?id=CVE-2006-3707
Unspecified vulnerability in OC4J for Oracle Application Server 9.0.2.3 and 9.0.3.1 has unknown impact and attack vectors, aka Oracle Vuln# AS02. Vulnerabilidad no especificada en OC4J para Oracle Application Server 9.0.2.3 tiene un impacto desconocido y vectores de ataque, también conocido como Oracle Vuln# AS02. • http://secunia.com/advisories/21111 http://secunia.com/advisories/21165 http://securitytracker.com/id?1016529 http://www.oracle.com/technetwork/topics/security/cpujul2006-101315.html http://www.red-database-security.com/advisory/oracle_cpu_july_2006.html http://www.securityfocus.com/archive/1/440758/100/100/threaded http://www.securityfocus.com/bid/19054 http://www.us-cert.gov/cas/techalerts/TA06-200A.html http://www.vupen.com/english/advisories/2006/2863 http://www.vupen.c •