Oracle: >> Database Server >> 9.2.0.7 Security Vulnerabilities
Multiple unspecified vulnerabilities in Oracle Database Server 9i up to 10.1.0.4.2 have unknown impact and attack vectors, aka Oracle Vuln# (1) DB04 in Change Data Capture; (2) DB06 in Data Guard Logical Standby; (3) DB10 in Locale; (4) DB12 in Materialized Views; (5) DB13 in Objects Extension; (6) DB15 in Oracle Label Security; (7) DB27 in Security, possibly due to a buffer overflow in sys.pbsde.init; and (8) DB28 and (9) DB29 in Workspace Manager.
CVSS Score
10.0
EPSS Score
0.083
Published
2005-11-02
Multiple unspecified vulnerabilities in Oracle Database Server 8i up to 10.1.0.4.2 have unknown impact and attack vectors, aka Oracle Vuln# (1) DB09 in Export, (2) DB11 in Materialized Views, and (3) DB16 in Security Service.
CVSS Score
10.0
EPSS Score
0.014
Published
2005-11-02
Unspecified vulnerability in the Spatial component in Oracle Database Server from 9i up to 10.1.0.3 has unknown impact and attack vectors, aka Oracle Vuln# DB17.
CVSS Score
10.0
EPSS Score
0.034
Published
2005-11-02
Multiple unspecified vulnerabilities in the Programmatic Interface in Oracle Database Server from 8i up to 9.2.0.5 have unknown impact and attack vectors, aka Oracle Vuln# DB26.
CVSS Score
10.0
EPSS Score
0.02
Published
2005-11-02
Directory traversal vulnerability in Oracle Database Server 8i and 9i allows remote attackers to read or rename arbitrary files via "\\.\\.." (modified dot dot backslash) sequences to UTL_FILE functions such as (1) UTL_FILE.FOPEN or (2) UTL_FILE.frename.
CVSS Score
5.0
EPSS Score
0.288
Published
2005-03-07
SQL injection vulnerability in Oracle Database 9i and 10g allows remote attackers to execute arbitrary SQL commands and gain privileges.
CVSS Score
7.5
EPSS Score
0.005
Published
2005-01-18
Multiple buffer overflows in the XML Database (XDB) functionality for Oracle 9i Database Release 2 allow local users to cause a denial of service or hijack user sessions.
CVSS Score
2.1
EPSS Score
0.858
Published
2003-10-20
Page 6