Oracle: >> Database Server >> 9.0 Security Vulnerabilities
SQL injection vulnerability in Oracle Database 9i and 10g allows remote attackers to execute arbitrary SQL commands and gain privileges.
CVSS Score
7.5
EPSS Score
0.005
Published
2005-01-18
Multiple buffer overflows in the XML Database (XDB) functionality for Oracle 9i Database Release 2 allow local users to cause a denial of service or hijack user sessions.
CVSS Score
2.1
EPSS Score
0.858
Published
2003-10-20
Format string vulnerabilities in Oracle Listener Control utility (lsnrctl) for Oracle 9.2 and 9.0, 8.1, and 7.3.4, allow remote attackers to execute arbitrary code on the Oracle DBA system by placing format strings into certain entries in the listener.ora configuration file.
CVSS Score
7.5
EPSS Score
0.023
Published
2002-09-05
Vulnerability in Oracle 8.0.x through 9.0.1 on Unix allows local users to overwrite arbitrary files, possibly via a symlink attack or incorrect file permissions in (1) the ORACLE_HOME/rdbms/log directory or (2) an alternate directory as specified in the ORACLE_HOME environmental variable, aka the "Oracle File Overwrite Security Vulnerability."
CVSS Score
2.1
EPSS Score
0.002
Published
2001-12-06
Buffer overflow in otrcrep in Oracle 8.0.x through 9.0.1 allows local users to execute arbitrary code via a long ORACLE_HOME environment variable, aka the "Oracle Trace Collection Security Vulnerability."
CVSS Score
7.2
EPSS Score
0.004
Published
2001-12-06
Page 2