| CVE |
Vendors |
Products |
Updated |
CVSS v3.1 |
| Oracle JDeveloper 9.0.4, 9.0.5, and 10.1.2 passes the cleartext password as a parameter when starting sqlplus, which allows local users to gain sensitive information. |
| Oracle Formsbuilder 9.0.4 stores database usernames and passwords in a temporary file, which is not deleted after it is used, which allows local users to obtain sensitive information. |
| Unspecified vulnerability in the Core RDBMS component in Oracle Database 9.0.1.5 and 9.2.0.6 has unknown impact and attack vectors, aka Oracle Vuln# DB02. |
| SQL injection vulnerability in the Oracle Database Server 10g allows remote authenticated users to execute arbitrary SQL commands with elevated privileges via the SUBSCRIPTION_NAME parameter in the (1) SYS.DBMS_CDC_SUBSCRIBE and (2) SYS.DBMS_CDC_ISUBSCRIBE packages, a different vector than CVE-2005-1197. |
| Oracle 9i Application Server (Oracle9iAS) 9.0.2 allows remote attackers to poison the web cache, bypass web application firewall protection, and conduct XSS attacks via an HTTP request with both a "Transfer-Encoding: chunked" header and a Content-Length header, which causes Application Server to incorrectly handle and forward the body of the request in a way that causes the receiving server to process it as a separate HTTP request, aka "HTTP Request Smuggling." |
| Multiple unspecified vulnerabilities in Oracle Database 10.1.0.5 have unknown impact and attack vectors, aka Oracle Vuln# (1) DB21 for Statistics and (2) DB22 for Upgrade & Downgrade. NOTE: as of 20060719, Oracle has not disputed a claim by a reliable researcher that DB21 is for a local SQL injection vulnerability in SYS.DBMS_STATS, and that DB22 is for SQL injection in SYS.DBMS_UPGRADE. |
| MySQL 3.23.55 and earlier creates world-writeable files and allows mysql users to gain root privileges by using the "SELECT * INFO OUTFILE" operator to overwrite a configuration file and cause mysql to run as root upon restart, as demonstrated by modifying my.cnf. |
| The default configuration of Oracle Application Server 9iAS 1.0.2.2 enables SOAP and allows anonymous users to deploy applications by default via urn:soap-service-manager and urn:soap-provider-manager. |
| The PORTAL schema in Oracle Application Server (OracleAS) Discussion Forum Portlet allows remote attackers to obtain the source code for arbitrary JSP and other files via a df_next_page parameter with a trailing null byte (%00). |
| Multiple unspecified vulnerabilities in Oracle Database 10.1.0.5 have unknown impact and attack vectors, aka Oracle Vuln# (1) DB01 for Change Data Capture (CDC) component and (2) DB03 for Data Pump Metadata API. NOTE: as of 20060719, Oracle has not disputed a claim by a reliable researcher that DB01 is related to multiple SQL injection vulnerabilities in SYS.DBMS_CDC_IMPDP using the (a) IMPORT_CHANGE_SET, (b) IMPORT_CHANGE_TABLE, (c) IMPORT_CHANGE_COLUMN, (d) IMPORT_SUBSCRIBER, (e) IMPORT_SUBSCRIBED_TABLE, (f) IMPORT_SUBSCRIBED_COLUMN, (g) VALIDATE_IMPORT, (h) VALIDATE_CHANGE_SET, (i) VALIDATE_CHANGE_TABLE, and (j) VALIDATE_SUBSCRIPTION procedures, and that DB03 is for SQL injection in the MAIN procedure for SYS.KUPW$WORKER. |
| Oracle Internet Directory Server 2.1.1.x and 3.0.1 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via invalid encodings of BER OBJECT-IDENTIFIER values, as demonstrated by the PROTOS LDAPv3 test suite. |
| The embedded LDAP server in BEA WebLogic Server and Express 8.1 through Service Pack 4, and 7.0 through Service Pack 5, allows remote anonymous binds, which may allow remote attackers to view user entries or cause a denial of service. |
| BEA WebLogic Server and WebLogic Express 8.1 SP2 and SP3 allows users with the Monitor security role to "shrink or reset JDBC connection pools." |
| Unspecified vulnerability in PeopleTools in Oracle PeopleSoft Enterprise 8.44 up to 8.46.02 has unknown impact and attack vectors, as identified by Oracle Vuln# PSE02. |
| BEA WebLogic Server and WebLogic Express 8.1 through Service Pack 3 and 7.0 through Service Pack 5 does not properly handle when a security provider throws an exception, which may cause WebLogic to use incorrect identity for the thread, or to fail to audit security exceptions. |
| Oracle XSQL servlet 1.0.3.0 and earlier allows remote attackers to execute arbitrary Java code by redirecting the XSQL server to another source via the xml-stylesheet parameter in the xslt stylesheet. |
| Unspecified vulnerability in Oracle E-Business Suite and Applications 4.5 up to 4.5.1 has unknown impact and attack vectors, as identified by Oracle Vuln# APPS22 in Oracle Clinical. |
| The webcacheadmin module in Oracle Webcache 9i allows remote attackers to corrupt arbitrary files via a full pathname in the cache_dump_file parameter. |
| Multiple cross-site scripting (XSS) vulnerabilities in BEA WebLogic Server and Express 8.1 through Service Pack 4, and 7.0 through Service Pack 6, allow remote attackers to inject arbitrary web script or HTML, and possibly gain administrative privileges, via the (1) j_username or (2) j_password parameters in the login page (LoginForm.jsp), (3) parameters to the error page in the Administration Console, (4) unknown vectors in the Server Console while the administrator has an active session to obtain the ADMINCONSOLESESSION cookie, or (5) an alternate vector in the Server Console that does not require an active session but also leaks the username and password. |
| Unspecified vulnerability in Oracle E-Business Suite and Applications 11.0 up to 11.5.10 has unknown impact and attack vectors, as identified by Oracle Vuln# APPS08 in HRMS. |
