Vulmon
Recent Vulnerabilities
Product List
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
oracle e-business suite 11.5.9 vulnerabilities and exploits
(subscribe to this query)
10
CVSSv2
CVE-2005-3458
Unspecified vulnerability in Oracle E-Business Suite and Applications 11.0 up to 11.5.9 has unknown impact and attack vectors, as identified by Oracle Vuln# APPS19 in Workflow Cartridge.
10
CVSSv2
CVE-2004-0543
Multiple SQL injection vulnerabilities in Oracle Applications 11.0 and Oracle E-Business Suite 11.5.1 up to and including 11.5.8 allow remote malicious users to execute arbitrary SQL procedures and queries.
Oracle E-business Suite 11.5.5
Oracle E-business Suite 11.5.4
Oracle E-business Suite 11.5.2
Oracle E-business Suite 11.5.7
Oracle E-business Suite 11i
Oracle E-business Suite 11.5.1
Oracle E-business Suite 11.5.8
Oracle E-business Suite 11.5.6
Oracle E-business Suite 11.5.3
Oracle Applications 11.0
5
CVSSv2
CVE-2004-1369
The TNS Listener in Oracle 10g allows remote malicious users to cause a denial of service (listener crash) via a malformed service_register_NSGR request containing a value that is used as an invalid offset for a pointer that references incorrect memory.
Oracle Oracle10g Standard 9.0.4 .0
Oracle Oracle8i Standard 8.1.7 .4
Oracle Oracle9i Standard 9.0.2
Oracle Oracle9i Standard 9.0.1.4
Oracle Collaboration Suite Release 1
Oracle Application Server 9.0.2.1
Oracle Oracle8i Enterprise 8.1.6 .0.0
Oracle Oracle9i Personal 8.1.7
Oracle Application Server
Oracle Oracle9i Client 9.2.0.2
Oracle Application Server 9.0.2.0.0
Oracle E-business Suite 11.5.5
Oracle Oracle9i Client 9.2.0.1
Oracle Enterprise Manager 9.0.1
Oracle Oracle9i Enterprise 9.2.0.5
Oracle Oracle9i Personal 9.2.0.1
Oracle Oracle9i Personal 9.2.0.2
Oracle Oracle9i Personal 9.2.0.5
Oracle Oracle8i Standard 8.0.6
Oracle Application Server 9.0.4
Oracle E-business Suite 11.5.4
Oracle Oracle8i Enterprise 8.1.5 .1.0
8.5
CVSSv2
CVE-2004-1364
Directory traversal vulnerability in extproc in Oracle 9i and 10g allows remote malicious users to access arbitrary libraries outside of the $ORACLE_HOME\bin directory.
Oracle Oracle10g Standard 9.0.4 .0
Oracle Oracle8i Standard 8.1.7 .4
Oracle Oracle9i Standard 9.0.2
Oracle Oracle9i Standard 9.0.1.4
Oracle Collaboration Suite Release 1
Oracle Application Server 9.0.2.1
Oracle Oracle8i Enterprise 8.1.6 .0.0
Oracle Oracle9i Personal 8.1.7
Oracle Application Server
Oracle Oracle9i Client 9.2.0.2
Oracle Application Server 9.0.2.0.0
Oracle E-business Suite 11.5.5
Oracle Oracle9i Client 9.2.0.1
Oracle Enterprise Manager 9.0.1
Oracle Oracle9i Enterprise 9.2.0.5
Oracle Oracle9i Personal 9.2.0.1
Oracle Oracle9i Personal 9.2.0.2
Oracle Oracle9i Personal 9.2.0.5
Oracle Oracle8i Standard 8.0.6
Oracle Application Server 9.0.4
Oracle E-business Suite 11.5.4
Oracle Oracle8i Enterprise 8.1.5 .1.0
2 EDB exploits
7.5
CVSSv2
CVE-2004-1362
The PL/SQL module for the Oracle HTTP Server in Oracle Application Server 10g, when using the WE8ISO8859P1 character set, does not perform character conversions properly, which allows remote malicious users to bypass access restrictions for certain procedures via an encoded URL w...
Oracle Oracle10g Standard 9.0.4 .0
Oracle Oracle8i Standard 8.1.7 .4
Oracle Oracle9i Standard 9.0.2
Oracle Oracle9i Standard 9.0.1.4
Oracle Collaboration Suite Release 1
Oracle Application Server 9.0.2.1
Oracle Oracle8i Enterprise 8.1.6 .0.0
Oracle Oracle9i Personal 8.1.7
Oracle Application Server
Oracle Oracle9i Client 9.2.0.2
Oracle Application Server 9.0.2.0.0
Oracle E-business Suite 11.5.5
Oracle Oracle9i Client 9.2.0.1
Oracle Enterprise Manager 9.0.1
Oracle Oracle9i Enterprise 9.2.0.5
Oracle Oracle9i Personal 9.2.0.1
Oracle Oracle9i Personal 9.2.0.2
Oracle Oracle9i Personal 9.2.0.5
Oracle Oracle8i Standard 8.0.6
Oracle Application Server 9.0.4
Oracle E-business Suite 11.5.4
Oracle Oracle8i Enterprise 8.1.5 .1.0
7.2
CVSSv2
CVE-2004-1363
Buffer overflow in extproc in Oracle 10g allows remote malicious users to execute arbitrary code via environment variables in the library name, which are expanded after the length check is performed.
Oracle Database Server 8.1.7.4
Oracle Application Server 9.0.2.1
Oracle Application Server
Oracle Database Server 9.0.1.5
Oracle Application Server 9.0.2.0.0
Oracle E-business Suite 11.5.5
Oracle Enterprise Manager 9.0.1
Oracle Database Server 9.0.4
Oracle Application Server 9.0.4
Oracle E-business Suite 11.5.4
Oracle Database Server 9.2.0.4
Oracle Application Server 9.0.2.3
Oracle E-business Suite 11.5.2
Oracle Application Server 9.0.4.1
Oracle E-business Suite 11.5.7
Oracle Database Server 10.1.0.2
Oracle Application Server 9.0.2.0.1
Oracle Application Server 9.0.4.0
Oracle E-business Suite 11.5.1
Oracle Enterprise Manager 9
Oracle Application Server 9.0.2.2
Oracle Application Server 9.0.2
4.6
CVSSv2
CVE-2004-1365
Extproc in Oracle 9i and 10g does not require authentication to load a library or execute a function, which allows local users to execute arbitrary commands as the Oracle user.
Oracle Oracle10g Standard 9.0.4 .0
Oracle Oracle8i Standard 8.1.7 .4
Oracle Oracle9i Standard 9.0.2
Oracle Oracle9i Standard 9.0.1.4
Oracle Collaboration Suite Release 1
Oracle Application Server 9.0.2.1
Oracle Oracle8i Enterprise 8.1.6 .0.0
Oracle Oracle9i Personal 8.1.7
Oracle Application Server
Oracle Oracle9i Client 9.2.0.2
Oracle Application Server 9.0.2.0.0
Oracle E-business Suite 11.5.5
Oracle Oracle9i Client 9.2.0.1
Oracle Enterprise Manager 9.0.1
Oracle Oracle9i Enterprise 9.2.0.5
Oracle Oracle9i Personal 9.2.0.1
Oracle Oracle9i Personal 9.2.0.2
Oracle Oracle9i Personal 9.2.0.5
Oracle Oracle8i Standard 8.0.6
Oracle Application Server 9.0.4
Oracle E-business Suite 11.5.4
Oracle Oracle8i Enterprise 8.1.5 .1.0
4.6
CVSSv2
CVE-2004-1366
Oracle 10g Database Server stores the password for the SYSMAN account in cleartext in the world-readable emoms.properties file, which could allow local users to gain DBA privileges.
Oracle Oracle10g Standard 9.0.4 .0
Oracle Oracle8i Standard 8.1.7 .4
Oracle Oracle9i Standard 9.0.2
Oracle Oracle9i Standard 9.0.1.4
Oracle Collaboration Suite Release 1
Oracle Application Server 9.0.2.1
Oracle Oracle8i Enterprise 8.1.6 .0.0
Oracle Oracle9i Personal 8.1.7
Oracle Application Server
Oracle Oracle9i Client 9.2.0.2
Oracle Application Server 9.0.2.0.0
Oracle E-business Suite 11.5.5
Oracle Oracle9i Client 9.2.0.1
Oracle Enterprise Manager 9.0.1
Oracle Oracle9i Enterprise 9.2.0.5
Oracle Oracle9i Personal 9.2.0.1
Oracle Oracle9i Personal 9.2.0.2
Oracle Oracle9i Personal 9.2.0.5
Oracle Oracle8i Standard 8.0.6
Oracle Application Server 9.0.4
Oracle E-business Suite 11.5.4
Oracle Oracle8i Enterprise 8.1.5 .1.0
4.4
CVSSv2
CVE-2004-1367
Oracle 10g Database Server, when installed with a password that contains an exclamation point ("!") for the (1) DBSNMP or (2) SYSMAN user, generates an error that logs the password in the world-readable postDBCreation.log file, which could allow local users to obtain th...
Oracle Oracle10g Standard 9.0.4 .0
Oracle Oracle8i Standard 8.1.7 .4
Oracle Oracle9i Standard 9.0.2
Oracle Oracle9i Standard 9.0.1.4
Oracle Collaboration Suite Release 1
Oracle Application Server 9.0.2.1
Oracle Oracle8i Enterprise 8.1.6 .0.0
Oracle Oracle9i Personal 8.1.7
Oracle Application Server
Oracle Oracle9i Client 9.2.0.2
Oracle Application Server 9.0.2.0.0
Oracle E-business Suite 11.5.5
Oracle Oracle9i Client 9.2.0.1
Oracle Enterprise Manager 9.0.1
Oracle Oracle9i Enterprise 9.2.0.5
Oracle Oracle9i Personal 9.2.0.1
Oracle Oracle9i Personal 9.2.0.2
Oracle Oracle9i Personal 9.2.0.5
Oracle Oracle8i Standard 8.0.6
Oracle Application Server 9.0.4
Oracle E-business Suite 11.5.4
Oracle Oracle8i Enterprise 8.1.5 .1.0
7.8
CVSSv2
CVE-2004-1368
ISQL*Plus in Oracle 10g Application Server allows remote malicious users to execute arbitrary files via an absolute pathname in the file parameter to the load.uix script.
Oracle Oracle10g Standard 9.0.4 .0
Oracle Oracle8i Standard 8.1.7 .4
Oracle Oracle9i Standard 9.0.2
Oracle Oracle9i Standard 9.0.1.4
Oracle Collaboration Suite Release 1
Oracle Application Server 9.0.2.1
Oracle Oracle8i Enterprise 8.1.6 .0.0
Oracle Oracle9i Personal 8.1.7
Oracle Application Server
Oracle Oracle9i Client 9.2.0.2
Oracle Application Server 9.0.2.0.0
Oracle E-business Suite 11.5.5
Oracle Oracle9i Client 9.2.0.1
Oracle Enterprise Manager 9.0.1
Oracle Oracle9i Enterprise 9.2.0.5
Oracle Oracle9i Personal 9.2.0.1
Oracle Oracle9i Personal 9.2.0.2
Oracle Oracle9i Personal 9.2.0.5
Oracle Oracle8i Standard 8.0.6
Oracle Application Server 9.0.4
Oracle E-business Suite 11.5.4
Oracle Oracle8i Enterprise 8.1.5 .1.0
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
TCP
CVE-2024-4577
CVE-2024-2695
CVE-2024-31870
injection
CVE-2024-3813
arbitrary code
CVE-2024-27801
CVE-2024-30120
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
NEXT »