Vulmon
Recent Vulnerabilities
Product List
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
oracle oracle8i standard 8.1.7 .4 vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2004-0637
Oracle Database Server 8.1.7.4 up to and including 9.2.0.4 allows local users to execute commands with additional privileges via the ctxsys.driload package, which is publicly accessible.
Oracle Oracle8i Standard 8.1.7 .4
Oracle Oracle9i Enterprise 9.2.0.4
Oracle Oracle9i Standard 9.2.0.4
Oracle Oracle9i Standard 9.0.1.3
Oracle Oracle9i Personal 9.2.0.4
Oracle Oracle8i Enterprise 8.1.7 .4
1 EDB exploit
NA
CVE-2003-0634
Stack-based buffer overflow in the PL/SQL EXTPROC functionality for Oracle9i Database Release 2 and 1, and Oracle 8i, allows authenticated database users, and arbitrary database users in some cases, to execute arbitrary code via a long library name.
Oracle Oracle8i Standard 8.1.7 .4
Oracle Oracle9i Standard 9.0.2
Oracle Oracle9i Standard 9.0.1.4
Oracle Oracle8i Enterprise 8.1.6 .0.0
Oracle Oracle9i Client 9.2.0.2
Oracle Oracle9i Client 9.2.0.1
Oracle Oracle9i Personal 9.2.0.1
Oracle Oracle9i Personal 9.2.0.2
Oracle Oracle8i Enterprise 8.1.5 .1.0
Oracle Oracle8i Standard 8.1.6
Oracle Oracle9i Standard 9.0.1
Oracle Oracle9i Enterprise 9.2.0.2
Oracle Oracle9i Standard 9.0
Oracle Oracle9i Standard 9.2.0.1
Oracle Oracle9i Enterprise 9.0.1
Oracle Oracle9i Standard 9.0.1.2
Oracle Oracle8i Standard 8.1.7 .1
Oracle Oracle8i Enterprise 8.1.7 .1.0
Oracle Oracle8i Enterprise 8.1.5 .0.2
Oracle Oracle8i Enterprise 8.1.6 .1.0
Oracle Oracle9i Personal 9.0.1
Oracle Oracle8i Enterprise 8.1.7 .0.0
NA
CVE-2004-1707
The (1) dbsnmp and (2) nmo programs in Oracle 8i, Oracle 9i, and Oracle IAS 9.0.2.0.1, on Unix systems, use a default path to find and execute library files while operating at raised privileges, which allows certain Oracle user accounts to gain root privileges via a modified libc...
Oracle Oracle8i Standard 8.1.7 .4
Oracle Oracle9i Standard 9.0.2
Oracle Oracle9i Standard 9.0.1.4
Oracle Application Server 9.0.2.1
Oracle Oracle8i Enterprise 8.1.6 .0.0
Oracle Oracle9i Personal 8.1.7
Oracle Database Server Lite 5.0
Oracle Application Server
Oracle Oracle9i Client 9.2.0.2
Oracle Application Server 9.0.2.0.0
Oracle Oracle9i Client 9.2.0.1
Oracle Oracle9i Personal 9.2.0.1
Oracle Oracle9i Personal 9.2.0.2
Oracle Oracle8i Standard 8.0.6
Oracle Oracle8i Enterprise 8.1.5 .1.0
Oracle Oracle9i Personal 9.0.1.5
Oracle Oracle8i Standard 8.1.6
Oracle Oracle9i Standard 9.0.1
Oracle Oracle9i Standard 9.2.0.3
Oracle Oracle9i Enterprise 9.2.0.2
Oracle Application Server Portal 9.0.2.3b
Oracle Oracle9i Enterprise 9.2.0.4
1 EDB exploit
NA
CVE-2004-1371
Stack-based buffer overflow in Oracle 9i and 10g allows remote malicious users to execute arbitrary code via a long token in the text of a wrapped procedure.
Oracle Oracle10g Standard 9.0.4 .0
Oracle Oracle8i Standard 8.1.7 .4
Oracle Oracle9i Standard 9.0.2
Oracle Database Server 9i Application Server
Oracle Oracle9i Standard 9.0.1.4
Oracle Collaboration Suite Release 1
Oracle Application Server 9.0.2.1
Oracle Oracle8i Enterprise 8.1.6 .0.0
Oracle Oracle9i Personal 8.1.7
Oracle Application Server
Oracle Oracle9i Client 9.2.0.2
Oracle Application Server 9.0.2.0.0
Oracle E-business Suite 11.5.5
Oracle Oracle9i Client 9.2.0.1
Oracle Enterprise Manager 9.0.1
Oracle Oracle9i Enterprise 9.2.0.5
Oracle Oracle9i Personal 9.2.0.1
Oracle Oracle9i Personal 9.2.0.2
Oracle Oracle9i Personal 9.2.0.5
Oracle Oracle8i Standard 8.0.6
Oracle Application Server 9.0.4
Oracle E-business Suite 11.5.4
NA
CVE-2004-1362
The PL/SQL module for the Oracle HTTP Server in Oracle Application Server 10g, when using the WE8ISO8859P1 character set, does not perform character conversions properly, which allows remote malicious users to bypass access restrictions for certain procedures via an encoded URL w...
Oracle Oracle10g Standard 9.0.4 .0
Oracle Oracle8i Standard 8.1.7 .4
Oracle Oracle9i Standard 9.0.2
Oracle Oracle9i Standard 9.0.1.4
Oracle Collaboration Suite Release 1
Oracle Application Server 9.0.2.1
Oracle Oracle8i Enterprise 8.1.6 .0.0
Oracle Oracle9i Personal 8.1.7
Oracle Application Server
Oracle Oracle9i Client 9.2.0.2
Oracle Application Server 9.0.2.0.0
Oracle E-business Suite 11.5.5
Oracle Oracle9i Client 9.2.0.1
Oracle Enterprise Manager 9.0.1
Oracle Oracle9i Enterprise 9.2.0.5
Oracle Oracle9i Personal 9.2.0.1
Oracle Oracle9i Personal 9.2.0.2
Oracle Oracle9i Personal 9.2.0.5
Oracle Oracle8i Standard 8.0.6
Oracle Application Server 9.0.4
Oracle E-business Suite 11.5.4
Oracle Oracle8i Enterprise 8.1.5 .1.0
NA
CVE-2004-1366
Oracle 10g Database Server stores the password for the SYSMAN account in cleartext in the world-readable emoms.properties file, which could allow local users to gain DBA privileges.
Oracle Oracle10g Standard 9.0.4 .0
Oracle Oracle8i Standard 8.1.7 .4
Oracle Oracle9i Standard 9.0.2
Oracle Oracle9i Standard 9.0.1.4
Oracle Collaboration Suite Release 1
Oracle Application Server 9.0.2.1
Oracle Oracle8i Enterprise 8.1.6 .0.0
Oracle Oracle9i Personal 8.1.7
Oracle Application Server
Oracle Oracle9i Client 9.2.0.2
Oracle Application Server 9.0.2.0.0
Oracle E-business Suite 11.5.5
Oracle Oracle9i Client 9.2.0.1
Oracle Enterprise Manager 9.0.1
Oracle Oracle9i Enterprise 9.2.0.5
Oracle Oracle9i Personal 9.2.0.1
Oracle Oracle9i Personal 9.2.0.2
Oracle Oracle9i Personal 9.2.0.5
Oracle Oracle8i Standard 8.0.6
Oracle Application Server 9.0.4
Oracle E-business Suite 11.5.4
Oracle Oracle8i Enterprise 8.1.5 .1.0
NA
CVE-2004-1367
Oracle 10g Database Server, when installed with a password that contains an exclamation point ("!") for the (1) DBSNMP or (2) SYSMAN user, generates an error that logs the password in the world-readable postDBCreation.log file, which could allow local users to obtain th...
Oracle Oracle10g Standard 9.0.4 .0
Oracle Oracle8i Standard 8.1.7 .4
Oracle Oracle9i Standard 9.0.2
Oracle Oracle9i Standard 9.0.1.4
Oracle Collaboration Suite Release 1
Oracle Application Server 9.0.2.1
Oracle Oracle8i Enterprise 8.1.6 .0.0
Oracle Oracle9i Personal 8.1.7
Oracle Application Server
Oracle Oracle9i Client 9.2.0.2
Oracle Application Server 9.0.2.0.0
Oracle E-business Suite 11.5.5
Oracle Oracle9i Client 9.2.0.1
Oracle Enterprise Manager 9.0.1
Oracle Oracle9i Enterprise 9.2.0.5
Oracle Oracle9i Personal 9.2.0.1
Oracle Oracle9i Personal 9.2.0.2
Oracle Oracle9i Personal 9.2.0.5
Oracle Oracle8i Standard 8.0.6
Oracle Application Server 9.0.4
Oracle E-business Suite 11.5.4
Oracle Oracle8i Enterprise 8.1.5 .1.0
NA
CVE-2004-1368
ISQL*Plus in Oracle 10g Application Server allows remote malicious users to execute arbitrary files via an absolute pathname in the file parameter to the load.uix script.
Oracle Oracle10g Standard 9.0.4 .0
Oracle Oracle8i Standard 8.1.7 .4
Oracle Oracle9i Standard 9.0.2
Oracle Oracle9i Standard 9.0.1.4
Oracle Collaboration Suite Release 1
Oracle Application Server 9.0.2.1
Oracle Oracle8i Enterprise 8.1.6 .0.0
Oracle Oracle9i Personal 8.1.7
Oracle Application Server
Oracle Oracle9i Client 9.2.0.2
Oracle Application Server 9.0.2.0.0
Oracle E-business Suite 11.5.5
Oracle Oracle9i Client 9.2.0.1
Oracle Enterprise Manager 9.0.1
Oracle Oracle9i Enterprise 9.2.0.5
Oracle Oracle9i Personal 9.2.0.1
Oracle Oracle9i Personal 9.2.0.2
Oracle Oracle9i Personal 9.2.0.5
Oracle Oracle8i Standard 8.0.6
Oracle Application Server 9.0.4
Oracle E-business Suite 11.5.4
Oracle Oracle8i Enterprise 8.1.5 .1.0
NA
CVE-2004-1369
The TNS Listener in Oracle 10g allows remote malicious users to cause a denial of service (listener crash) via a malformed service_register_NSGR request containing a value that is used as an invalid offset for a pointer that references incorrect memory.
Oracle Oracle10g Standard 9.0.4 .0
Oracle Oracle8i Standard 8.1.7 .4
Oracle Oracle9i Standard 9.0.2
Oracle Oracle9i Standard 9.0.1.4
Oracle Collaboration Suite Release 1
Oracle Application Server 9.0.2.1
Oracle Oracle8i Enterprise 8.1.6 .0.0
Oracle Oracle9i Personal 8.1.7
Oracle Application Server
Oracle Oracle9i Client 9.2.0.2
Oracle Application Server 9.0.2.0.0
Oracle E-business Suite 11.5.5
Oracle Oracle9i Client 9.2.0.1
Oracle Enterprise Manager 9.0.1
Oracle Oracle9i Enterprise 9.2.0.5
Oracle Oracle9i Personal 9.2.0.1
Oracle Oracle9i Personal 9.2.0.2
Oracle Oracle9i Personal 9.2.0.5
Oracle Oracle8i Standard 8.0.6
Oracle Application Server 9.0.4
Oracle E-business Suite 11.5.4
Oracle Oracle8i Enterprise 8.1.5 .1.0
NA
CVE-2004-1370
Multiple SQL injection vulnerabilities in PL/SQL procedures that run with definer rights in Oracle 9i and 10g allow remote malicious users to execute arbitrary SQL commands and gain privileges via (1) DBMS_EXPORT_EXTENSION, (2) WK_ACL.GET_ACL, (3) WK_ACL.STORE_ACL, (4) WK_ADM.COM...
Oracle Oracle10g Standard 9.0.4 .0
Oracle Oracle8i Standard 8.1.7 .4
Oracle Oracle9i Standard 9.0.2
Oracle Oracle9i Standard 9.0.1.4
Oracle Collaboration Suite Release 1
Oracle Application Server 9.0.2.1
Oracle Oracle8i Enterprise 8.1.6 .0.0
Oracle Oracle9i Personal 8.1.7
Oracle Application Server
Oracle Oracle9i Client 9.2.0.2
Oracle Application Server 9.0.2.0.0
Oracle E-business Suite 11.5.5
Oracle Oracle9i Client 9.2.0.1
Oracle Enterprise Manager 9.0.1
Oracle Oracle9i Enterprise 9.2.0.5
Oracle Oracle9i Personal 9.2.0.1
Oracle Oracle9i Personal 9.2.0.2
Oracle Oracle9i Personal 9.2.0.5
Oracle Oracle8i Standard 8.0.6
Oracle Application Server 9.0.4
Oracle E-business Suite 11.5.4
Oracle Oracle8i Enterprise 8.1.5 .1.0
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
type confusion
IMAP
CVE-2024-36103
CVE-2024-28995
CVE-2024-37325
CVE-2024-30078
CVE-2024-30082
SQL injection
CVE-2024-30052
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
NEXT »