CVSS: 10.0EPSS: 2%CPEs: 26EXPL: 0CVE-2008-0349
https://notcve.org/view.php?id=CVE-2008-0349
17 Jan 2008 — Unspecified vulnerability in the PeopleTools component in Oracle PeopleSoft Enterprise and JD Edwards EnterpriseOne 8.48.15 and 8.49.07 has unknown impact and remote attack vectors, aka PSE02. Vulnerabilidad no especificada en el componente PeopleTools de Oracle PeopleSoft Enterprise y JD Edwards EnterpriseOne 8.48.15 y 8.49.07 tiene impacto y vectores de ataque remotos desconocidos, también conocido como PSE02. • http://marc.info/?l=bugtraq&m=120058413923005&w=2 •
CVSS: 8.8EPSS: 3%CPEs: 10EXPL: 0CVE-2007-5897
https://notcve.org/view.php?id=CVE-2007-5897
08 Nov 2007 — Buffer overflow in MDSYS.SDO_CS in Oracle Database Server 8iR3, 9iR1, 9iR2 up to 9.2.0.6, and 10gR1 up to 10.1.0.4 allows remote authenticated users to cause a denial of service (crash) and execute arbitrary code via the TRANSFORM function. NOTE: this issue might already be covered by CVE-2007-5515, CVE-2007-5509, or CVE-2007-5505, but there are insufficient details to be sure. Desbordamiento de búfer en MDSYS.SDO_CS de Oracle Database Server 8iR3, 9iR1, 9iR2 hasta 9.2.0.6, y 10gR1 hasta 10.1.0.4 permite a ... • http://osvdb.org/40081 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 9.8EPSS: 3%CPEs: 2EXPL: 0CVE-2007-5504
https://notcve.org/view.php?id=CVE-2007-5504
17 Oct 2007 — Multiple unspecified vulnerabilities in Oracle Database 9.0.1.5+ and 10.1.0.5 unknown impact and remote attack vectors, related to (1) Import (DB01) and (2) Advanced Queuing (DB25). NOTE: as of 20071108, Oracle has not disputed reliable researcher claims that DB25 is for a buffer overflow in the DBLINK_INFO procedure in the DBMS_AQADM_SYS package. Múltiples vulnerabilidades no especificadas en Oracle Database versiones 9.0.1.5+ y 10.1.0.5, un impacto desconocido y vectores de ataque remotos, relacionados co... • http://marc.info/?l=bugtraq&m=119332677525918&w=2 •
CVSS: 9.8EPSS: 0%CPEs: 5EXPL: 0CVE-2007-5505
https://notcve.org/view.php?id=CVE-2007-5505
17 Oct 2007 — Multiple unspecified vulnerabilities in Oracle Database 9.0.1.5+, 9.2.0.8, 9.2.0.8DV, 10.1.0.5, and 10.2.0.3 have unknown impact and remote attack vectors, related to (1) the Export component (DB02), (2) Oracle Text (DB04), (3) Oracle Text (DB05), (4) Spatial component (DB07), and (5) Advanced Security Option (DB19). Múltiples vulnerabilidades sin especificar en las Bases de Datos de Oracle 9.0.1.5+, 9.2.0.8, 9.2.0.8DV, 10.1.0.5 y 10.2.0.3 tienen un impacto desconocido y vectores de ataque remotos, relacion... • http://marc.info/?l=bugtraq&m=119332677525918&w=2 •
CVSS: 7.8EPSS: 7%CPEs: 5EXPL: 0CVE-2007-5506
https://notcve.org/view.php?id=CVE-2007-5506
17 Oct 2007 — The Core RDBMS component in Oracle Database 9.0.1.5+, 9.2.0.8, 9.2.0.8DV, 10.1.0.5, and 10.2.0.3 allows remote attackers to cause a denial of service (CPU consumption) via a crafted type 6 Data packet, aka DB20. El núcleo del componente RDBMS en Oracle Database 9.0.1.5+, 9.2.0.8, 9.2.0.8DV, 10.1.0.5, y 10.2.0.3 permite a atacantes remotos provocar una denegación de servicio (consumo de CPU) mediante un paquete de datos tipo 6 manipulado artesanalmente, también conocido como DB20. • http://marc.info/?l=bugtraq&m=119332677525918&w=2 • CWE-399: Resource Management Errors •
CVSS: 7.5EPSS: 6%CPEs: 5EXPL: 0CVE-2007-5507
https://notcve.org/view.php?id=CVE-2007-5507
17 Oct 2007 — The GIOP service in TNS Listener in the Oracle Net Services component in Oracle Database 9.0.1.5+, 9.2.0.8, 9.2.0.8DV, 10.1.0.5, and 10.2.0.3 allows remote attackers to cause a denial of service (crash) or read potentially sensitive memory via a connect GIOP packet with an invalid data size, which triggers a buffer over-read, aka DB22. El servicio GIOP en TNS Listener del componente Oracle Net Services de Oracle Database 9.0.1.5+, 9.2.0.8, 9.2.0.8DV, 10.1.0.5, y 10.2.0.3 permite a atacantes remotos provocar... • http://marc.info/?l=bugtraq&m=119332677525918&w=2 • CWE-20: Improper Input Validation CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 9.8EPSS: 0%CPEs: 2EXPL: 0CVE-2007-5509
https://notcve.org/view.php?id=CVE-2007-5509
17 Oct 2007 — Unspecified vulnerability in the Spatial component in Oracle Database 9.2.0.8 and 9.2.0.8DV has unknown impact and remote attack vectors, aka DB06. noesp Vulnerabilidad no especificada en en el componente Spatial de Oracle Database 9.2.0.8 y 9.2.0.8DV tiene impacto y vectores de ataque remotos desconocidos, también conocida como DB06. • http://marc.info/?l=bugtraq&m=119332677525918&w=2 •
CVSS: 7.5EPSS: 1%CPEs: 3EXPL: 0CVE-2007-5513
https://notcve.org/view.php?id=CVE-2007-5513
17 Oct 2007 — The XML DB (XMLDB) component in Oracle Database 9.2.0.8, 9.2.0.8DV, and 10.1.0.5 generates incorrect audit entries in the USERID column in which (1) long usernames are trimmed to 5 characters, or (2) short entries contain any extra characters from usernames in previous entries, aka DB23. El componente XML DB (XMLDB) de Oracle Database 9.2.0.8, 9.2.0.8DV, y 10.1.0.5 genera entradas de auditoría incorrectas en la columna USERID en la cual (1) nombres de usuario largo se recortan a 5 caracteres, o (2) entradas... • http://marc.info/?l=bugtraq&m=119332677525918&w=2 •
CVSS: 9.8EPSS: 0%CPEs: 5EXPL: 0CVE-2007-5515
https://notcve.org/view.php?id=CVE-2007-5515
17 Oct 2007 — Unspecified vulnerability in the Spatial component in Oracle Database 9.2.0.8, 9.2.0.8DV, 10.1.0.5, 10.2.0.2, and 10.2.0.3 has unknown impact and remote attack vectors, aka DB27. Vulnerabilidad no especificada en el componente Spatial de Oracle Database 9.2.0.8, 9.2.0.8DV, 10.1.0.5, 10.2.0.2, y 10.2.0.3 tiene impacto y vectores de ataque remotos desconocidos, también conocida como DB27. • http://marc.info/?l=bugtraq&m=119332677525918&w=2 •
CVSS: 9.8EPSS: 0%CPEs: 9EXPL: 0CVE-2007-5520
https://notcve.org/view.php?id=CVE-2007-5520
17 Oct 2007 — Unspecified vulnerability in the Oracle Internet Directory component in Oracle Database 9.2.0.8 and 9.2.0.8DV, and Oracle Application Server 9.0.4.3, 10.1.3.0.0 up to 10.1.3.3.0, and 10.1.2.0.1 up to 10.1.2.2.0, has unknown impact and remote attack vectors, aka AS05. Vulnerabilidad no especificada en el componente Oracle Internet Directory en la base de datos Oracle 9.2.0.8 y 9.2.0.8DV, y Oracle Application Server 9.0.4.3, 10.1.3.0.0 hasta 10.1.3.3.0, y 10.1.2.0.1 hasta 10.1.2.2.0, tiene impacto desconocido... • http://marc.info/?l=bugtraq&m=119332677525918&w=2 •