Page 8 of 48 results (0.017 seconds)

CVSS: 10.0EPSS: 13%CPEs: 1EXPL: 1

Unspecified vulnerability in Oracle Secure Backup 10.3.0.1 allows remote attackers to affect integrity via unknown vectors. Vulnerablidad no especificada en Oracle Secure Backup v10.3.0.1 permite a atacantes remotos afectar la integridad a través de vectores desconocidos. This vulnerability allows remote attackers to bypass authentication on vulnerable installations of Oracle Secure Backup. The specific flaw exists within the register globals emulation layer which allows attackers to specify values for arbitrary program variables. When specific parameters are specified via the URI it is possible for an attacker to bypass the authentication mechanism and reach functionality otherwise inaccessible without proper credentials. This can be leveraged by remote attackers to trigger what were post-auth vulnerabilities without valid credentials. • https://www.exploit-db.com/exploits/17698 http://securityreason.com/securityalert/8354 http://securityreason.com/securityalert/8356 http://www.oracle.com/technetwork/topics/security/cpuoct2010-175626.html •

CVSS: 10.0EPSS: 96%CPEs: 1EXPL: 0

Unspecified vulnerability in the Oracle Secure Backup component in Oracle Secure Backup 10.2.0.3 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors. NOTE: the previous information was obtained from the January 2010 CPU. Oracle has not commented on claims from a reliable researcher that this is a buffer overflow in observiced.exe that allows remote attackers to execute arbitrary code via vectors related to a "reverse lookup of connections" to TCP port 10000. Una vulnerabilidad no especificada en el componente Oracle Secure Backup en Secure Backup de Oracle versión 10.2.0.3, permite a los atacantes remotos afectar a la confidencialidad, integridad y disponibilidad por medio de vectores desconocidos. NOTA: la información anterior fue obtenida de la CPU de enero de 2010. • http://www.oracle.com/technetwork/topics/security/cpujan2010-084891.html http://www.us-cert.gov/cas/techalerts/TA10-012A.html •

CVSS: 9.0EPSS: 82%CPEs: 1EXPL: 1

Unspecified vulnerability in the Oracle Secure Backup component in Oracle Secure Backup 10.2.0.3 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors. NOTE: the previous information was obtained from the July 2009 Oracle CPU. Oracle has not commented on claims from an independent researcher that this vulnerability allows remote authenticated users to execute arbitrary code with SYSTEM privileges via vectors involving property_box.php. Vulnerabilidad no especificada en el componente Oracle Secure Backup en Oracle Secure Backup 10.2.0.3 permite a atacantes remotos afectar la confidencialidad, la integridad y la disponibilidad a través de vectores desconocidos. NOTA: la información anterior se obtuvo de la CPU de Oracle de Julio de 2009. • https://www.exploit-db.com/exploits/9652 http://osvdb.org/55904 http://secunia.com/advisories/35776 http://www.oracle.com/technetwork/topics/security/cpujul2009-091332.html http://www.securityfocus.com/bid/35678 http://www.securitytracker.com/id?1022565 http://www.vupen.com/english/advisories/2009/1900 http://www.zerodayinitiative.com/advisories/ZDI-09-059 https://exchange.xforce.ibmcloud.com/vulnerabilities/51762 •

CVSS: 10.0EPSS: 82%CPEs: 1EXPL: 1

Unspecified vulnerability in the Oracle Secure Backup component in Oracle Secure Backup 10.2.0.3 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors. NOTE: the previous information was obtained from the July 2009 Oracle CPU. Oracle has not commented on claims from an independent researcher that this vulnerability allows attackers to bypass authentication via unknown vectors involving the username parameter and login.php. Vulnerabilidad no especificada en el componente Oracle Secure Backup en Oracle Secure Backup v10.2.0.3 permite a los atacantes remotos afectar a la confidencialidad, integridad y disponibilidad a través e vectores desconocidos. This vulnerability allows remote attackers to bypass authentication on vulnerable installations of Oracle Secure Backup. • https://www.exploit-db.com/exploits/9652 http://osvdb.org/55903 http://secunia.com/advisories/35776 http://www.oracle.com/technetwork/topics/security/cpujul2009-091332.html http://www.securityfocus.com/bid/35672 http://www.securitytracker.com/id?1022565 http://www.vupen.com/english/advisories/2009/1900 http://www.zerodayinitiative.com/advisories/ZDI-09-058 https://exchange.xforce.ibmcloud.com/vulnerabilities/51761 •

CVSS: 5.0EPSS: 67%CPEs: 1EXPL: 0

Unspecified vulnerability in the Oracle Secure Backup component in Oracle Secure Backup 10.2.0.2 allows remote attackers to affect availability via unknown vectors, a different vulnerability than CVE-2008-5441 and CVE-2008-5442. Vulnerabilidad no especificada en el componente Oracle Secure Backup en Oracle Secure Backup 10.2.0.2 permite a atacantes remotos afectar la disponibilidad a través de vectores desconocidos, una vulnerabilidad diferente a CVE-2008-5441 y CVE-2008-5442. • http://secunia.com/advisories/33525 http://www.oracle.com/technetwork/topics/security/cpujan2009-097901.html http://www.securityfocus.com/bid/33177 http://www.vupen.com/english/advisories/2009/0115 •