Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
4.6
CVE-2004-1366
- EPSS 0.3%
- Published 04.08.2004 04:00:00
- Last modified 03.04.2025 01:03:51
Oracle 10g Database Server stores the password for the SYSMAN account in cleartext in the world-readable emoms.properties file, which could allow local users to gain DBA privileges.
4.6
CVE-2004-1365
- EPSS 0.4%
- Published 04.08.2004 04:00:00
- Last modified 03.04.2025 01:03:51
Extproc in Oracle 9i and 10g does not require authentication to load a library or execute a function, which allows local users to execute arbitrary commands as the Oracle user.
8.5
CVE-2004-1364
- EPSS 15.17%
- Published 04.08.2004 04:00:00
- Last modified 03.04.2025 01:03:51
Directory traversal vulnerability in extproc in Oracle 9i and 10g allows remote attackers to access arbitrary libraries outside of the $ORACLE_HOME\bin directory.
9.8
CVE-2004-1363
- EPSS 27.66%
- Published 04.08.2004 04:00:00
- Last modified 03.04.2025 01:03:51
Buffer overflow in extproc in Oracle 10g allows remote attackers to execute arbitrary code via environment variables in the library name, which are expanded after the length check is performed.