Page 48 of 383 results (0.011 seconds)

CVSS: 7.5EPSS: 1%CPEs: 2EXPL: 0

CVE-2007-3861

https://notcve.org/view.php?id=CVE-2007-3861

Unspecified vulnerability in Oracle Jdeveloper in Oracle Application Server 10.1.2.2 and Collaboration Suite 10.1.2 allows context-dependent attackers to have an unknown impact via custom applications that use JBO.KEY, aka JDEV01. Vulnerabilidad no especificada en Oracle Jdeveloper en Oracle Application Server 10.1.2.2 y Collaboration Suite 10.1.2 permite a atacantes locales o remotos dependientes del contexto tener un impacto desconocido mediante determinadas aplicaciones que utilizan JBO.KEY, también conocido como JDEV01. • http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?lang=en&cc=us&objectID=c00727143 http://secunia.com/advisories/26114 http://secunia.com/advisories/26166 http://www.integrigy.com/security-resources/analysis/Integrigy_Oracle_CPU_July_2007_Analysis.pdf http://www.oracle.com/technetwork/topics/security/cpujul2007-087014.html http://www.red-database-security.com/advisory/oracle_cpu_jul_2007.html http://www.securitytracker.com/id?1018415 http://www.us-cert.gov/cas/techalerts/TA07-200A •

CVSS: 7.5EPSS: 1%CPEs: 3EXPL: 0

CVE-2007-3863

https://notcve.org/view.php?id=CVE-2007-3863

Unspecified vulnerability in Oracle JDeveloper for Application Server 10.1.2.2 and 10.1.3.1, and Collaboration Suite 10.1.2, allows context-dependent attackers to have an unknown impact via custom applications that use JBO.SERVER, aka JDEV02. Vulnerabilidad no especificada en Oracle Jdeveloper para Application Server 10.1.2.2 y 10.1.3.1, y Collaboration Suite 10.1.2, permite a atacantes locales o remotos dependientes del contexto tener un impacto desconocido mediante determinadas aplicaciones que utilizan JBO.SERVER, también conocido como JDEV02. • http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?lang=en&cc=us&objectID=c00727143 http://secunia.com/advisories/26114 http://secunia.com/advisories/26166 http://www.integrigy.com/security-resources/analysis/Integrigy_Oracle_CPU_July_2007_Analysis.pdf http://www.oracle.com/technetwork/topics/security/cpujul2007-087014.html http://www.red-database-security.com/advisory/oracle_cpu_jul_2007.html http://www.securitytracker.com/id?1018415 http://www.us-cert.gov/cas/techalerts/TA07-200A •

CVSS: 7.5EPSS: 1%CPEs: 6EXPL: 0

CVE-2007-3859

https://notcve.org/view.php?id=CVE-2007-3859

Unspecified vulnerability in the Oracle Internet Directory component for Oracle Database 9.2.0.8 and 9.2.0.8DV; Application Server 9.0.4.3, 10.1.2.0.2, and 10.1.2.2; and Collaboration Suite 10.1.2 has unknown impact and remote attack vectors, aka OID01. Vulnerabilidad sin especificar en el componente Oracle Internet Directory para el Oracle Database 9.2.0.8 y 9.2.0.8DV, el Application Server 9.0.4.3, 10.1.2.0.2 y 10.1.2.2 y el Collaboration Suite 10.1.2 tiene un impacto desconocido y vectores de ataque remotos, también conocido como OID01. • http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?lang=en&cc=us&objectID=c00727143 http://secunia.com/advisories/26114 http://secunia.com/advisories/26166 http://www.integrigy.com/security-resources/analysis/Integrigy_Oracle_CPU_July_2007_Analysis.pdf http://www.oracle.com/technetwork/topics/security/cpujul2007-087014.html http://www.red-database-security.com/advisory/oracle_cpu_jul_2007.html http://www.securitytracker.com/id?1018415 http://www.us-cert.gov/cas/techalerts/TA07-200A •

CVSS: 5.5EPSS: 1%CPEs: 38EXPL: 0

CVE-2007-3854

https://notcve.org/view.php?id=CVE-2007-3854

Multiple unspecified vulnerabilities in Oracle Database 9.0.1.5+, 9.2.0.7, and 10.1.0.5 allow remote authenticated users to have unknown impact via (1) SYS.DBMS_PRVTAQIS in the Advanced Queuing component (DB02) and (2) MDSYS.MD in the Spatial component (DB12). NOTE: Oracle has not disputed reliable researcher claims that DB02 is for SQL injection and DB12 is for a buffer overflow. Múltiples vulnerabilidades no especificadas en Oracle Database versiones 9.0.1.5+, 9.2.0.7 y 10.1.0.5, permiten a usuarios autenticados remotoss tener un impacto desconocido por medio de (1) SYS.DBMS_PRVTAQIS en el componente Advanced Queuing (DB02) y (2) MDSYS.MD en el componente Spatial (DB12). NOTA: Oracle no ha cuestionado las afirmaciones de investigadores confiables de que DB02 es para una inyección SQL y DB12 para un desbordamiento de búfer. • http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?lang=en&cc=us&objectID=c00727143 http://secunia.com/advisories/26114 http://secunia.com/advisories/26166 http://www.integrigy.com/security-resources/analysis/Integrigy_Oracle_CPU_July_2007_Analysis.pdf http://www.oracle.com/technetwork/topics/security/cpujul2007-087014.html http://www.red-database-security.com/advisory/oracle_cpu_jul_2007.html http://www.red-database-security.com/advisory/oracle_sql_injection_dbms_prvtaqis.html http://w •

CVSS: 4.3EPSS: 1%CPEs: 2EXPL: 1

CVE-2007-3553 – Oracle Rapid Install Web Server - Secondary Login Page Cross-Site Scripting

https://notcve.org/view.php?id=CVE-2007-3553

Cross-site scripting (XSS) vulnerability in Rapid Install Web Server in Oracle Application Server 11i allows remote attackers to inject arbitrary web script or HTML via a URL to the "Secondary Login Page", as demonstrated using (1) pls/ and (2) pls/MSBEP004/. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information. Vulnerabilidad de secuencias de comandos en sitios cruzados (XSS) en Rapid Install Web SErver de Oracle Application Server 11i permite a atacantes remotos inyectar secuencias de comandos web o HTML de su elección mediante un URL en la "Página de Acceso Secundaria", como se ha demostrado utilizando (1) pls/ y (2) pls/MSBEP004/. NOTA: la procedencia de esta información es desconocida; los detalles se han obtenido exclusivamente de información de terceros. • https://www.exploit-db.com/exploits/30256 http://osvdb.org/37058 http://secunia.com/advisories/25919 http://www.securityfocus.com/bid/24697 http://www.securitytracker.com/id?1018329 https://exchange.xforce.ibmcloud.com/vulnerabilities/35266 •