database 9i vulnerabilities and exploits

2.1
CVSSv2
CVE-2005-2294

Oracle Forms 4.5, 6.0, 6i, and 9i on Unix, when a large number of records are retrieved by an Oracle form, stores a copy of the database tables in a world-readable temporary file, which allows local users to gain sensitive information such as credit card numbers....

8.5
CVSSv2
CVE-2004-0638

Buffer overflow in the KSDWRTB function in the dbms_system package (dbms_system.ksdwrt) for Oracle 9i Database Server Release 2 9.2.0.3 and 9.2.0.4, 9i Release 1 9.0.1.4 and 9.0.1.5, and 8i Release 1 8.1.7.4, allows remote authorized users to execute arbitrary code via a long...

9
CVSSv2
CVE-2003-0222

Stack-based buffer overflow in Oracle Net Services for Oracle Database Server 9i release 2 and earlier allows attackers to execute arbitrary code via a "CREATE DATABASE LINK" query containing a connect string with a long USING parameter....

7.5
CVSSv2
CVE-2002-0571

Oracle Oracle9i database server 9.0.1.x allows local users to access restricted data via a SQL query using ANSI outer join syntax....

7.5
CVSSv2
CVE-2005-1495

Oracle Database 9i and 10g disables Fine Grained Audit (FGA) after the SYS user executes a SELECT statement on an FGA object, which makes it easier for attackers to escape detection....

2.1
CVSSv2
CVE-2003-0727

Multiple buffer overflows in the XML Database (XDB) functionality for Oracle 9i Database Release 2 allow local users to cause a denial of service or hijack user sessions....

OracleDatabase Server
7.5
CVSSv2
CVE-2005-0297

SQL injection vulnerability in Oracle Database 9i and 10g allows remote attackers to execute arbitrary SQL commands and gain privileges....

10
CVSSv2
CVE-2005-3441

Unspecified vulnerability in Intelligent Agent in Oracle Database Server 9i up to 9.0.1.5 has unknown impact and attack vectors, aka Oracle Vuln# DB14....

5
CVSSv2
CVE-2002-0560

PL/SQL module 3.0.9.8.2 in Oracle 9i Application Server 1.0.2.x allows remote attackers to obtain sensitive information via the OWA_UTIL stored procedures (1) OWA_UTIL.signature, (2) OWA_UTIL.listprint, or (3) OWA_UTIL.show_query_columns....

10
CVSSv2
CVE-2005-3437

Unspecified vulnerability in the PL/SQL component in Oracle Database Server 9i up to 10.1.0.4 has unknown impact and attack vectors, aka Oracle Vuln# DB01....