Oracle

Oracle9i

52 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
6.8

CVE-2006-6703

  • EPSS 18.49%
  • Veröffentlicht 23.12.2006 01:28:00
  • Zuletzt bearbeitet 09.04.2025 00:30:58

Multiple cross-site scripting (XSS) vulnerabilities in Oracle Portal 9i and 10g allow remote attackers to inject arbitrary JavaScript via the tc parameter in webapp/jsp/container_tabs.jsp, and other unspecified vectors.

2.1

CVE-2006-1705

  • EPSS 1.11%
  • Veröffentlicht 11.04.2006 10:02:00
  • Zuletzt bearbeitet 03.04.2025 01:03:51

Oracle Database 9.2.0.0 to 10.2.0.3 allows local users with "SELECT" privileges for a base table to insert, update, or delete data by creating a crafted view then performing the operations on that view.

7.5

CVE-2006-0552

  • EPSS 4.38%
  • Veröffentlicht 04.02.2006 11:02:00
  • Zuletzt bearbeitet 03.04.2025 01:03:51

Unspecified vulnerability in the Net Listener component of Oracle Database server 8.1.7.4, 9.0.1.5, 9.0.1.5 FIPS, and 9.2.0.7 has unspecified impact and attack vectors, as identified by Oracle Vuln# DB11.

9

CVE-2006-0272

  • EPSS 39.74%
  • Veröffentlicht 18.01.2006 11:03:00
  • Zuletzt bearbeitet 03.04.2025 01:03:51

Unspecified vulnerability in the XML Database component of Oracle Database server 9.2.0.7 and 10.1.0.4 has unspecified impact and attack vectors, as identified by Oracle Vuln# DB29. NOTE: based on mutual credits by the relevant sources, it is highly...

10

CVE-2006-0271

  • EPSS 1.39%
  • Veröffentlicht 18.01.2006 11:03:00
  • Zuletzt bearbeitet 03.04.2025 01:03:51

Unspecified vulnerability in the Upgrade & Downgrade component of Oracle Database server 8.1.7.4, 9.0.1.5, 9.2.0.7, and 10.1.0.4 has unspecified impact and attack vectors, as identified by Oracle Vuln# DB28. NOTE: details are unavailable from Oracle...

10

CVE-2006-0262

  • EPSS 1.81%
  • Veröffentlicht 18.01.2006 11:03:00
  • Zuletzt bearbeitet 03.04.2025 01:03:51

Unspecified vulnerability in the Net Foundation Layer component of Oracle Database server 8.1.7.4, 9.0.1.5, 9.0.1.5 FIPS, 9.2.0.6, and 10.1.0.4 has unspecified impact and attack vectors, as identified by Oracle Vuln# DB08.

7.5

CVE-2005-3641

  • EPSS 0.48%
  • Veröffentlicht 16.11.2005 21:22:00
  • Zuletzt bearbeitet 03.04.2025 01:03:51

Oracle Databases running on Windows XP with Simple File Sharing enabled, allows remote attackers to bypass authentication by supplying a valid username.

4.3

CVE-2005-3204

Exploit
  • EPSS 37.89%
  • Veröffentlicht 14.10.2005 10:02:00
  • Zuletzt bearbeitet 03.04.2025 01:03:51

Cross-site scripting (XSS) vulnerability in Oracle XML DB 9iR2 allows remote attackers to inject arbitrary web script or HTML via the query string in an HTTP request.

7.5

CVE-2005-1495

Exploit
  • EPSS 1.04%
  • Veröffentlicht 11.05.2005 04:00:00
  • Zuletzt bearbeitet 03.04.2025 01:03:51

Oracle Database 9i and 10g disables Fine Grained Audit (FGA) after the SYS user executes a SELECT statement on an FGA object, which makes it easier for attackers to escape detection.

5

CVE-2004-2244

  • EPSS 0.85%
  • Veröffentlicht 31.12.2004 05:00:00
  • Zuletzt bearbeitet 03.04.2025 01:03:51

The XML parser in Oracle 9i Application Server Release 2 9.0.3.0 and 9.0.3.1, 9.0.2.3 and earlier, and Release 1 1.0.2.2 and 1.0.2.2.2, and Database Server Release 2 9.2.0.1 and later, allows remote attackers to cause a denial of service (CPU and mem...