Oracle: >> Database Server >> 7.1.4 Security Vulnerabilities
SQL injection vulnerability in Oracle Database 9i and 10g allows remote attackers to execute arbitrary SQL commands and gain privileges.
CVSS Score
7.5
EPSS Score
0.005
Published
2005-01-18
Multiple buffer overflows in the XML Database (XDB) functionality for Oracle 9i Database Release 2 allow local users to cause a denial of service or hijack user sessions.
CVSS Score
2.1
EPSS Score
0.858
Published
2003-10-20
Vulnerability in Oracle 8.0.x through 9.0.1 on Unix allows local users to overwrite arbitrary files, possibly via a symlink attack or incorrect file permissions in (1) the ORACLE_HOME/rdbms/log directory or (2) an alternate directory as specified in the ORACLE_HOME environmental variable, aka the "Oracle File Overwrite Security Vulnerability."
CVSS Score
2.1
EPSS Score
0.002
Published
2001-12-06
Buffer overflow in otrcrep in Oracle 8.0.x through 9.0.1 allows local users to execute arbitrary code via a long ORACLE_HOME environment variable, aka the "Oracle Trace Collection Security Vulnerability."
CVSS Score
7.2
EPSS Score
0.004
Published
2001-12-06
Denial of service in Oracle TNSLSNR SQL*Net Listener via a malformed string to the listener port, aka NERP.
CVSS Score
5.0
EPSS Score
0.006
Published
2001-03-12
Page 2