CVSS: 10.0EPSS: 0%CPEs: 7EXPL: 0CVE-2005-3452
https://notcve.org/view.php?id=CVE-2005-3452
Unspecified vulnerability in Web Cache in Oracle Application Server 1.0 up to 9.0.4.2 has unknown impact and attack vectors, as identified by Oracle Vuln# AS13. • http://secunia.com/advisories/17250 http://www.kb.cert.org/vuls/id/210524 http://www.oracle.com/technetwork/topics/security/cpuoct2005-090497.html http://www.securityfocus.com/bid/15134 http://www.us-cert.gov/cas/techalerts/TA05-292A.html •
CVSS: 10.0EPSS: 0%CPEs: 15EXPL: 0CVE-2005-3445
https://notcve.org/view.php?id=CVE-2005-3445
Multiple unspecified vulnerabilities in HTTP Server in Oracle Database Server 8i up to 10.1.0.4.2 and Application Server 1.0.2.2 up to 10.1.2.0 have unknown impact and attack vectors, aka Oracle Vuln# (1) DB30 and AS03 or (2) DB31 and AS05. • http://secunia.com/advisories/17250 http://www.kb.cert.org/vuls/id/210524 http://www.kb.cert.org/vuls/id/890940 http://www.oracle.com/technetwork/topics/security/cpuoct2005-090497.html http://www.securityfocus.com/bid/15134 http://www.us-cert.gov/cas/techalerts/TA05-292A.html •
CVSS: 10.0EPSS: 0%CPEs: 8EXPL: 0CVE-2005-3449
https://notcve.org/view.php?id=CVE-2005-3449
Multiple unspecified vulnerabilities in Oracle Application Server 9.0 up to 10.1.2.0 have unknown impact and attack vectors, as identified by Oracle Vuln# (1) AS02 in Containers for J2EE, (2) AS07 in Internet Directory, (3) AS09 in Report Server, and (4) AS11 in Web Cache. • http://secunia.com/advisories/17250 http://www.kb.cert.org/vuls/id/210524 http://www.kb.cert.org/vuls/id/376756 http://www.kb.cert.org/vuls/id/512716 http://www.oracle.com/technetwork/topics/security/cpuoct2005-090497.html http://www.securityfocus.com/bid/15134 http://www.us-cert.gov/cas/techalerts/TA05-292A.html •
CVSS: 4.3EPSS: 6%CPEs: 53EXPL: 2CVE-2005-3204 – Oracle 9 - XML DB Cross-Site Scripting
https://notcve.org/view.php?id=CVE-2005-3204
Cross-site scripting (XSS) vulnerability in Oracle XML DB 9iR2 allows remote attackers to inject arbitrary web script or HTML via the query string in an HTTP request. • https://www.exploit-db.com/exploits/26332 http://archives.neohapsis.com/archives/fulldisclosure/2005-10/0177.html http://marc.info/?l=bugtraq&m=112870541502542&w=2 http://secunia.com/advisories/15991 http://securityreason.com/securityalert/66 http://www.oracle.com/technology/deploy/security/pdf/cpujul2005.html http://www.osvdb.org/20054 http://www.red-database-security.com/advisory/oracle_xmldb_css.html http://www.securityfocus.com/bid/15034 https://exchange.xforce.ibmcloud.com/ •
CVSS: 5.0EPSS: 1%CPEs: 13EXPL: 0CVE-2004-2244
https://notcve.org/view.php?id=CVE-2004-2244
The XML parser in Oracle 9i Application Server Release 2 9.0.3.0 and 9.0.3.1, 9.0.2.3 and earlier, and Release 1 1.0.2.2 and 1.0.2.2.2, and Database Server Release 2 9.2.0.1 and later, allows remote attackers to cause a denial of service (CPU and memory consumption) via a SOAP message containing a crafted DTD. • http://otn.oracle.com/deploy/security/pdf/2004alert65.pdf http://secunia.com/advisories/10936 http://www.osvdb.org/4011 http://www.securityfocus.com/bid/9703 https://exchange.xforce.ibmcloud.com/vulnerabilities/15270 •