Vulmon Recent Vulnerabilities Research Posts Trends Blog About Contact

oracle oracle8i 8.1.7 vulnerabilities and exploits

(subscribe to this query)
NA
CVE-2001-0517
Oracle listener in Oracle 8i on Solaris allows remote malicious users to cause a denial of service via a malformed connection packet with a maximum transport data size that is set to 0.
Oracle Oracle8i 8.1.6Oracle Oracle8i 8.1.7
NA
CVE-2001-0126
Oracle XSQL servlet 1.0.3.0 and previous versions allows remote malicious users to execute arbitrary Java code by redirecting the XSQL server to another source via the xml-stylesheet parameter in the xslt stylesheet.
Oracle Oracle8i 8.1.7
NA
CVE-2002-0568
Oracle 9i Application Server stores XSQL and SOAP configuration files insecurely, which allows local users to obtain sensitive information including usernames and passwords by requesting (1) XSQLConfig.xml or (2) soapConfig.xml through a virtual directory.
Oracle Application Server 1.0.2Oracle Oracle8i 8.1.7Oracle Oracle8i 8.1.7.1Oracle Oracle9i 9.0Oracle Oracle9i 9.0.1
NA
CVE-2002-0567
Oracle 8i and 9i with PL/SQL package for External Procedures (EXTPROC) allows remote malicious users to bypass authentication and execute arbitrary functions by using the TNS Listener to directly connect to the EXTPROC process.
Oracle Database Server 8.0.3Oracle Database Server 8.0.4Oracle Oracle8i 8.1.5Oracle Oracle8i 8.1.6Oracle Oracle8i Enterprise 8.1.5.0.2Oracle Oracle8i Enterprise 8.1.5.1.0Oracle Database Server 8.0.5Oracle Database Server 8.0.5.1Oracle Oracle8i 8.1.7Oracle Oracle8i 8.1.7.1Oracle Oracle8i Enterprise 8.1.6.0.0Oracle Oracle8i Enterprise 8.1.6.1.0Oracle Database Server 8.0.1Oracle Database Server 8.0.2Oracle Database Server 8.1.6Oracle Database Server 8.1.7Oracle Database Server 8.1.7.0.0Oracle Oracle8i Enterprise 8.0.6.0.1Oracle Oracle8i Enterprise 8.1.5.0.0Oracle Oracle9i 9.0Oracle Oracle9i 9.0.1Oracle Database Server 8.0.6
NA
CVE-2002-1118
TNS Listener in Oracle Net Services for Oracle 9i 9.2.x and 9.0.x, and Oracle 8i 8.1.x, allows remote malicious users to cause a denial of service (hang or crash) via a SERVICE_CURLOAD command.
Oracle Oracle8i 8.1.7Oracle Oracle8i 8.1.7.0.0 EnterpriseOracle Oracle8i 8.1.7.1Oracle Oracle8i 8.1.7.1.0 EnterpriseOracle Oracle8i 8.1.5Oracle Oracle8i 8.1.5.0.0 EnterpriseOracle Oracle8i 8.1.5.0.2 EnterpriseOracle Oracle9i 9.0.2Oracle Oracle9i Release 2 9.2.1Oracle Oracle9i Release 2 9.2.2Oracle Oracle8i 8.1.6Oracle Oracle8i 8.1.6.1.0 EnterpriseOracle Oracle9i 9.0Oracle Oracle9i 9.0.1.2Oracle Oracle8i 8.1.5.1.0 EnterpriseOracle Oracle8i 8.1.6.0.0 EnterpriseOracle Oracle9i 9.0.1Oracle Oracle9i 9.0.1 3
NA
CVE-2003-0222
Stack-based buffer overflow in Oracle Net Services for Oracle Database Server 9i release 2 and previous versions allows malicious users to execute arbitrary code via a "CREATE DATABASE LINK" query containing a connect string with a long USING parameter.
Oracle Database Server 7.3.3Oracle Database Server 7.3.4Oracle Database Server 8.0.6Oracle Database Server 8.1.5Oracle Database Server 8.1.6Oracle Oracle8i 8.1.5Oracle Oracle8i 8.1.6Oracle Oracle9i 9.0.1.2Oracle Oracle9i 9.0.1.3Oracle Database Server 8.0.1Oracle Database Server 8.0.2Oracle Database Server 8.1.7Oracle Database Server 9.2.1Oracle Oracle8i 8.1.7Oracle Oracle8i 8.1.7.1Oracle Oracle9i 9.0.1.4Oracle Oracle9i 9.0.2Oracle Database Server 8.0.3Oracle Database Server 8.0.4Oracle Database Server 9.2.2Oracle Oracle8i 8.0.6Oracle Oracle8i 8.1.7.4
NA
CVE-2004-0637
Oracle Database Server 8.1.7.4 up to and including 9.2.0.4 allows local users to execute commands with additional privileges via the ctxsys.driload package, which is publicly accessible.
Oracle Oracle9i Standard 9.0.1.3Oracle Oracle8i Enterprise 8.1.7 .4Oracle Oracle8i Standard 8.1.7 .4Oracle Oracle9i Enterprise 9.2.0.4Oracle Oracle9i Personal 9.2.0.4Oracle Oracle9i Standard 9.2.0.4
NA
CVE-2003-0095
Buffer overflow in ORACLE.EXE for Oracle Database Server 9i, 8i, 8.1.7, and 8.0.6 allows remote malicious users to execute arbitrary code via a long username that is provided during login, as exploitable through client applications that perform their own authentication, as demons...
Oracle Oracle9i 9.0.1Oracle Oracle9i 9.0.1.2Oracle Database Server 8.0.6Oracle Database Server 9.2.1Oracle Oracle9i 9.0.1.3Oracle Oracle9i 9.0.2Oracle Database Server 9.2.2Oracle Oracle8i 8.1.7Oracle Oracle8i 8.1.7.1Oracle Oracle9i 9.0
NA
CVE-2003-0096
Multiple buffer overflows in Oracle 9i Database release 2, Release 1, 8i, 8.1.7, and 8.0.6 allow remote malicious users to execute arbitrary code via (1) a long conversion string argument to the TO_TIMESTAMP_TZ function, (2) a long time zone argument to the TZ_OFFSET function, or...
Oracle Oracle8i 8.1.7Oracle Oracle8i 8.1.7.1Oracle Oracle9i 9.0Oracle Oracle9i 9.0.1Oracle Database Server 8.0.6Oracle Oracle9i 9.0.1.2Oracle Oracle9i 9.0.1.3Oracle Database Server 9.2.1Oracle Database Server 9.2.2Oracle Oracle9i 9.0.2
NA
CVE-2002-0561
The default configuration of the PL/SQL Gateway web administration interface in Oracle 9i Application Server 1.0.2.x uses null authentication, which allows remote malicious users to gain privileges and modify DAD settings.
Oracle Application Server 1.0.2Oracle Application Server Web Cache 2.0.0.0Oracle Oracle9i 9.0.1Oracle Application Server Web Cache 2.0.0.1Oracle Application Server Web Cache 2.0.0.2Oracle Oracle8i 8.1.7 .1Oracle Oracle9i 9.0Oracle Application Server Web Cache 2.0.0.3Oracle Oracle8i 8.1.7
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
blind SQL injectionCVE-2006-4304CVE-2023-26603CVE-2024-28327CVE-2023-50363CVE-2024-21905template injectionCVE-2024-3400cross-site request forgery
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started

Vulmon Search

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

About

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Products

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Connect

Twitter Reddit Linkedin Facebook