Page 4 of 18 results (0.021 seconds)

CVSS: 7.2EPSS: 0%CPEs: 3EXPL: 1

Buffer overflow in otrcrep in Oracle 8.0.x through 9.0.1 allows local users to execute arbitrary code via a long ORACLE_HOME environment variable, aka the "Oracle Trace Collection Security Vulnerability." • https://www.exploit-db.com/exploits/21045 http://marc.info/?l=bugtraq&m=100386756715645&w=2 http://online.securityfocus.com/archive/1/201295 http://online.securityfocus.com/archive/1/222612 http://otn.oracle.com/deploy/security/pdf/otrcrep.pdf http://www.ciac.org/ciac/bulletins/m-011.shtml http://www.securityfocus.com/bid/3139 https://exchange.xforce.ibmcloud.com/vulnerabilities/6940 •

CVSS: 2.1EPSS: 0%CPEs: 3EXPL: 0

Vulnerability in Oracle 8.0.x through 9.0.1 on Unix allows local users to overwrite arbitrary files, possibly via a symlink attack or incorrect file permissions in (1) the ORACLE_HOME/rdbms/log directory or (2) an alternate directory as specified in the ORACLE_HOME environmental variable, aka the "Oracle File Overwrite Security Vulnerability." • http://marc.info/?l=bugtraq&m=100386756715645&w=2 http://otn.oracle.com/deploy/security/pdf/oracle_race.pdf •

CVSS: 4.6EPSS: 0%CPEs: 7EXPL: 2

dbsnmp in Oracle Intelligent Agent allows local users to gain privileges by setting the ORACLE_HOME environmental variable, which dbsnmp uses to find the nmiconf.tcl script. • https://www.exploit-db.com/exploits/19460 https://www.exploit-db.com/exploits/19461 http://www.securityfocus.com/bid/585 •