All the vulnerabilites related to oracle - enterprise_manager_database_control
cve-2012-3219
Vulnerability from cvelistv5
Published
2013-01-17 01:30
Modified
2024-08-06 19:57
Severity ?
EPSS score ?
Summary
Unspecified vulnerability in the Enterprise Manager Base Platform component in Oracle Enterprise Manager Grid Control EM Base Platform 10.2.0.5 and 11.1.0.1; EM DB Control 10.2.0.3, 10.2.0.4, 10.2.0.5, 11.1.0.7, 11.2.0.2, and 11.2.0.3; and EM Plugin for DB 12.1.0.1 and 12.1.0.2 allows remote attackers to affect integrity via unknown vectors related to Storage Management.
References
| ▼ | URL | Tags |
|---|---|---|
| http://www.oracle.com/technetwork/topics/security/cpujan2013-1515902.html | x_refsource_CONFIRM | |
| http://www.securityfocus.com/bid/57349 | vdb-entry, x_refsource_BID | |
| http://secunia.com/advisories/57126 | third-party-advisory, x_refsource_SECUNIA | |
| http://www.mandriva.com/security/advisories?name=MDVSA-2013:150 | vendor-advisory, x_refsource_MANDRIVA | |
| http://marc.info/?l=bugtraq&m=139344343412337&w=2 | vendor-advisory, x_refsource_HP |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T19:57:50.308Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.oracle.com/technetwork/topics/security/cpujan2013-1515902.html"
},
{
"name": "57349",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/57349"
},
{
"name": "57126",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/57126"
},
{
"name": "MDVSA-2013:150",
"tags": [
"vendor-advisory",
"x_refsource_MANDRIVA",
"x_transferred"
],
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2013:150"
},
{
"name": "HPSBST02955",
"tags": [
"vendor-advisory",
"x_refsource_HP",
"x_transferred"
],
"url": "http://marc.info/?l=bugtraq\u0026m=139344343412337\u0026w=2"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2013-01-15T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Unspecified vulnerability in the Enterprise Manager Base Platform component in Oracle Enterprise Manager Grid Control EM Base Platform 10.2.0.5 and 11.1.0.1; EM DB Control 10.2.0.3, 10.2.0.4, 10.2.0.5, 11.1.0.7, 11.2.0.2, and 11.2.0.3; and EM Plugin for DB 12.1.0.1 and 12.1.0.2 allows remote attackers to affect integrity via unknown vectors related to Storage Management."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2016-12-06T18:57:01",
"orgId": "43595867-4340-4103-b7a2-9a5208d29a85",
"shortName": "oracle"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.oracle.com/technetwork/topics/security/cpujan2013-1515902.html"
},
{
"name": "57349",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/57349"
},
{
"name": "57126",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/57126"
},
{
"name": "MDVSA-2013:150",
"tags": [
"vendor-advisory",
"x_refsource_MANDRIVA"
],
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2013:150"
},
{
"name": "HPSBST02955",
"tags": [
"vendor-advisory",
"x_refsource_HP"
],
"url": "http://marc.info/?l=bugtraq\u0026m=139344343412337\u0026w=2"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "secalert_us@oracle.com",
"ID": "CVE-2012-3219",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Unspecified vulnerability in the Enterprise Manager Base Platform component in Oracle Enterprise Manager Grid Control EM Base Platform 10.2.0.5 and 11.1.0.1; EM DB Control 10.2.0.3, 10.2.0.4, 10.2.0.5, 11.1.0.7, 11.2.0.2, and 11.2.0.3; and EM Plugin for DB 12.1.0.1 and 12.1.0.2 allows remote attackers to affect integrity via unknown vectors related to Storage Management."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://www.oracle.com/technetwork/topics/security/cpujan2013-1515902.html",
"refsource": "CONFIRM",
"url": "http://www.oracle.com/technetwork/topics/security/cpujan2013-1515902.html"
},
{
"name": "57349",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/57349"
},
{
"name": "57126",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/57126"
},
{
"name": "MDVSA-2013:150",
"refsource": "MANDRIVA",
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2013:150"
},
{
"name": "HPSBST02955",
"refsource": "HP",
"url": "http://marc.info/?l=bugtraq\u0026m=139344343412337\u0026w=2"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "43595867-4340-4103-b7a2-9a5208d29a85",
"assignerShortName": "oracle",
"cveId": "CVE-2012-3219",
"datePublished": "2013-01-17T01:30:00",
"dateReserved": "2012-06-06T00:00:00",
"dateUpdated": "2024-08-06T19:57:50.308Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2013-3791
Vulnerability from cvelistv5
Published
2013-07-17 10:00
Modified
2024-08-06 16:22
Severity ?
EPSS score ?
Summary
Unspecified vulnerability in Enterprise Manager (EM) Base Platform 10.2.0.5 and EM DB Control 11.1.0.7 in Oracle Enterprise Manager Grid Control allows remote attackers to affect integrity via unknown vectors related to User Interface Framework.
References
| ▼ | URL | Tags |
|---|---|---|
| http://jvn.jp/en/jp/JVN26103805/index.html | third-party-advisory, x_refsource_JVN | |
| http://jvndb.jvn.jp/jvndb/JVNDB-2013-003391 | third-party-advisory, x_refsource_JVNDB | |
| http://www.securitytracker.com/id/1028795 | vdb-entry, x_refsource_SECTRACK | |
| http://www.oracle.com/technetwork/topics/security/cpujuly2013-1899826.html | x_refsource_CONFIRM | |
| http://www.securityfocus.com/bid/61213 | vdb-entry, x_refsource_BID | |
| https://exchange.xforce.ibmcloud.com/vulnerabilities/85666 | vdb-entry, x_refsource_XF | |
| http://osvdb.org/95279 | vdb-entry, x_refsource_OSVDB |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T16:22:01.311Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "JVN#26103805",
"tags": [
"third-party-advisory",
"x_refsource_JVN",
"x_transferred"
],
"url": "http://jvn.jp/en/jp/JVN26103805/index.html"
},
{
"name": "JVNDB-2013-003391",
"tags": [
"third-party-advisory",
"x_refsource_JVNDB",
"x_transferred"
],
"url": "http://jvndb.jvn.jp/jvndb/JVNDB-2013-003391"
},
{
"name": "1028795",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1028795"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.oracle.com/technetwork/topics/security/cpujuly2013-1899826.html"
},
{
"name": "61213",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/61213"
},
{
"name": "oracle-cpujuly2013-cve20133791(85666)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/85666"
},
{
"name": "95279",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://osvdb.org/95279"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2013-07-16T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Unspecified vulnerability in Enterprise Manager (EM) Base Platform 10.2.0.5 and EM DB Control 11.1.0.7 in Oracle Enterprise Manager Grid Control allows remote attackers to affect integrity via unknown vectors related to User Interface Framework."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-08-28T12:57:01",
"orgId": "43595867-4340-4103-b7a2-9a5208d29a85",
"shortName": "oracle"
},
"references": [
{
"name": "JVN#26103805",
"tags": [
"third-party-advisory",
"x_refsource_JVN"
],
"url": "http://jvn.jp/en/jp/JVN26103805/index.html"
},
{
"name": "JVNDB-2013-003391",
"tags": [
"third-party-advisory",
"x_refsource_JVNDB"
],
"url": "http://jvndb.jvn.jp/jvndb/JVNDB-2013-003391"
},
{
"name": "1028795",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id/1028795"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.oracle.com/technetwork/topics/security/cpujuly2013-1899826.html"
},
{
"name": "61213",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/61213"
},
{
"name": "oracle-cpujuly2013-cve20133791(85666)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/85666"
},
{
"name": "95279",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://osvdb.org/95279"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "secalert_us@oracle.com",
"ID": "CVE-2013-3791",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Unspecified vulnerability in Enterprise Manager (EM) Base Platform 10.2.0.5 and EM DB Control 11.1.0.7 in Oracle Enterprise Manager Grid Control allows remote attackers to affect integrity via unknown vectors related to User Interface Framework."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "JVN#26103805",
"refsource": "JVN",
"url": "http://jvn.jp/en/jp/JVN26103805/index.html"
},
{
"name": "JVNDB-2013-003391",
"refsource": "JVNDB",
"url": "http://jvndb.jvn.jp/jvndb/JVNDB-2013-003391"
},
{
"name": "1028795",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1028795"
},
{
"name": "http://www.oracle.com/technetwork/topics/security/cpujuly2013-1899826.html",
"refsource": "CONFIRM",
"url": "http://www.oracle.com/technetwork/topics/security/cpujuly2013-1899826.html"
},
{
"name": "61213",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/61213"
},
{
"name": "oracle-cpujuly2013-cve20133791(85666)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/85666"
},
{
"name": "95279",
"refsource": "OSVDB",
"url": "http://osvdb.org/95279"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "43595867-4340-4103-b7a2-9a5208d29a85",
"assignerShortName": "oracle",
"cveId": "CVE-2013-3791",
"datePublished": "2013-07-17T10:00:00",
"dateReserved": "2013-06-03T00:00:00",
"dateUpdated": "2024-08-06T16:22:01.311Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2013-0353
Vulnerability from cvelistv5
Published
2013-01-17 01:30
Modified
2024-08-06 14:25
Severity ?
EPSS score ?
Summary
Unspecified vulnerability in the Enterprise Manager Base Platform component in Oracle Enterprise Manager Grid Control EM Base Platform 10.2.0.5 and 11.1.0.1; EM DB Control 11.1.0.7, 11.2.0.2, and 11.2.0.3; and EM Plugin for DB 12.1.0.1 allows remote attackers to affect integrity via unknown vectors related to Enterprise Configuration Management.
References
| ▼ | URL | Tags |
|---|---|---|
| http://www.oracle.com/technetwork/topics/security/cpujan2013-1515902.html | x_refsource_CONFIRM | |
| http://www.mandriva.com/security/advisories?name=MDVSA-2013:150 | vendor-advisory, x_refsource_MANDRIVA |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T14:25:10.055Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.oracle.com/technetwork/topics/security/cpujan2013-1515902.html"
},
{
"name": "MDVSA-2013:150",
"tags": [
"vendor-advisory",
"x_refsource_MANDRIVA",
"x_transferred"
],
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2013:150"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2013-01-15T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Unspecified vulnerability in the Enterprise Manager Base Platform component in Oracle Enterprise Manager Grid Control EM Base Platform 10.2.0.5 and 11.1.0.1; EM DB Control 11.1.0.7, 11.2.0.2, and 11.2.0.3; and EM Plugin for DB 12.1.0.1 allows remote attackers to affect integrity via unknown vectors related to Enterprise Configuration Management."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2013-10-11T09:00:00",
"orgId": "43595867-4340-4103-b7a2-9a5208d29a85",
"shortName": "oracle"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.oracle.com/technetwork/topics/security/cpujan2013-1515902.html"
},
{
"name": "MDVSA-2013:150",
"tags": [
"vendor-advisory",
"x_refsource_MANDRIVA"
],
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2013:150"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "secalert_us@oracle.com",
"ID": "CVE-2013-0353",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Unspecified vulnerability in the Enterprise Manager Base Platform component in Oracle Enterprise Manager Grid Control EM Base Platform 10.2.0.5 and 11.1.0.1; EM DB Control 11.1.0.7, 11.2.0.2, and 11.2.0.3; and EM Plugin for DB 12.1.0.1 allows remote attackers to affect integrity via unknown vectors related to Enterprise Configuration Management."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://www.oracle.com/technetwork/topics/security/cpujan2013-1515902.html",
"refsource": "CONFIRM",
"url": "http://www.oracle.com/technetwork/topics/security/cpujan2013-1515902.html"
},
{
"name": "MDVSA-2013:150",
"refsource": "MANDRIVA",
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2013:150"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "43595867-4340-4103-b7a2-9a5208d29a85",
"assignerShortName": "oracle",
"cveId": "CVE-2013-0353",
"datePublished": "2013-01-17T01:30:00",
"dateReserved": "2012-12-07T00:00:00",
"dateUpdated": "2024-08-06T14:25:10.055Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2013-5827
Vulnerability from cvelistv5
Published
2013-10-16 17:31
Modified
2024-09-16 23:36
Severity ?
EPSS score ?
Summary
Unspecified vulnerability in the Enterprise Manager Base Platform component in Oracle Enterprise Manager Grid Control EM Base Platform 10.2.0.5 and 11.1.0.1; EM DB Control 11.1.0.7, 11.2.0.2, and 11.2.0.3; and EM Plugin for DB 12.1.0.2 allows remote attackers to affect integrity via unknown vectors related to Storage Management.
References
| ▼ | URL | Tags |
|---|---|---|
| http://secunia.com/advisories/55322 | third-party-advisory, x_refsource_SECUNIA | |
| http://www.oracle.com/technetwork/topics/security/cpuoct2013-1899837.html | x_refsource_CONFIRM |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T17:22:31.038Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "55322",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/55322"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.oracle.com/technetwork/topics/security/cpuoct2013-1899837.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Unspecified vulnerability in the Enterprise Manager Base Platform component in Oracle Enterprise Manager Grid Control EM Base Platform 10.2.0.5 and 11.1.0.1; EM DB Control 11.1.0.7, 11.2.0.2, and 11.2.0.3; and EM Plugin for DB 12.1.0.2 allows remote attackers to affect integrity via unknown vectors related to Storage Management."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2013-10-16T17:31:00Z",
"orgId": "43595867-4340-4103-b7a2-9a5208d29a85",
"shortName": "oracle"
},
"references": [
{
"name": "55322",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/55322"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.oracle.com/technetwork/topics/security/cpuoct2013-1899837.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "secalert_us@oracle.com",
"ID": "CVE-2013-5827",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Unspecified vulnerability in the Enterprise Manager Base Platform component in Oracle Enterprise Manager Grid Control EM Base Platform 10.2.0.5 and 11.1.0.1; EM DB Control 11.1.0.7, 11.2.0.2, and 11.2.0.3; and EM Plugin for DB 12.1.0.2 allows remote attackers to affect integrity via unknown vectors related to Storage Management."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "55322",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/55322"
},
{
"name": "http://www.oracle.com/technetwork/topics/security/cpuoct2013-1899837.html",
"refsource": "CONFIRM",
"url": "http://www.oracle.com/technetwork/topics/security/cpuoct2013-1899837.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "43595867-4340-4103-b7a2-9a5208d29a85",
"assignerShortName": "oracle",
"cveId": "CVE-2013-5827",
"datePublished": "2013-10-16T17:31:00Z",
"dateReserved": "2013-09-18T00:00:00Z",
"dateUpdated": "2024-09-16T23:36:23.554Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2013-0355
Vulnerability from cvelistv5
Published
2013-01-17 01:30
Modified
2024-08-06 14:25
Severity ?
EPSS score ?
Summary
Unspecified vulnerability in the Enterprise Manager Base Platform component in Oracle Enterprise Manager Grid Control EM Base Platform 10.2.0.5 and 11.1.0.1, and EM DB Control 11.1.0.7, 11.2.0.2, and 11.2.0.3, allows remote attackers to affect integrity via unknown vectors related to Distributed/Cross DB Features.
References
| ▼ | URL | Tags |
|---|---|---|
| http://www.oracle.com/technetwork/topics/security/cpujan2013-1515902.html | x_refsource_CONFIRM | |
| http://www.mandriva.com/security/advisories?name=MDVSA-2013:150 | vendor-advisory, x_refsource_MANDRIVA |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T14:25:09.854Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.oracle.com/technetwork/topics/security/cpujan2013-1515902.html"
},
{
"name": "MDVSA-2013:150",
"tags": [
"vendor-advisory",
"x_refsource_MANDRIVA",
"x_transferred"
],
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2013:150"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2013-01-15T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Unspecified vulnerability in the Enterprise Manager Base Platform component in Oracle Enterprise Manager Grid Control EM Base Platform 10.2.0.5 and 11.1.0.1, and EM DB Control 11.1.0.7, 11.2.0.2, and 11.2.0.3, allows remote attackers to affect integrity via unknown vectors related to Distributed/Cross DB Features."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2013-10-11T09:00:00",
"orgId": "43595867-4340-4103-b7a2-9a5208d29a85",
"shortName": "oracle"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.oracle.com/technetwork/topics/security/cpujan2013-1515902.html"
},
{
"name": "MDVSA-2013:150",
"tags": [
"vendor-advisory",
"x_refsource_MANDRIVA"
],
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2013:150"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "secalert_us@oracle.com",
"ID": "CVE-2013-0355",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Unspecified vulnerability in the Enterprise Manager Base Platform component in Oracle Enterprise Manager Grid Control EM Base Platform 10.2.0.5 and 11.1.0.1, and EM DB Control 11.1.0.7, 11.2.0.2, and 11.2.0.3, allows remote attackers to affect integrity via unknown vectors related to Distributed/Cross DB Features."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://www.oracle.com/technetwork/topics/security/cpujan2013-1515902.html",
"refsource": "CONFIRM",
"url": "http://www.oracle.com/technetwork/topics/security/cpujan2013-1515902.html"
},
{
"name": "MDVSA-2013:150",
"refsource": "MANDRIVA",
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2013:150"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "43595867-4340-4103-b7a2-9a5208d29a85",
"assignerShortName": "oracle",
"cveId": "CVE-2013-0355",
"datePublished": "2013-01-17T01:30:00",
"dateReserved": "2012-12-07T00:00:00",
"dateUpdated": "2024-08-06T14:25:09.854Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2014-6488
Vulnerability from cvelistv5
Published
2014-10-15 22:03
Modified
2024-08-06 12:17
Severity ?
EPSS score ?
Summary
Unspecified vulnerability in the Enterprise Manager for Oracle Database component in Oracle Enterprise Manager Grid Control EM Base Platform: 10.2.0.5, 11.1.0.1 EM DB Control: 11.1.0.7, 11.2.0.3, 11.2.0.4 EM Plugin for DB: 12.1.0.4, 12.1.0.5, and 12.1.0.6 allows remote authenticated users to affect integrity via unknown vectors related to Content Management.
References
| ▼ | URL | Tags |
|---|---|---|
| http://www.securityfocus.com/bid/70506 | vdb-entry, x_refsource_BID | |
| http://secunia.com/advisories/61727 | third-party-advisory, x_refsource_SECUNIA | |
| http://www.securitytracker.com/id/1031041 | vdb-entry, x_refsource_SECTRACK | |
| http://www.oracle.com/technetwork/topics/security/cpuoct2014-1972960.html | x_refsource_CONFIRM |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T12:17:24.099Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "70506",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/70506"
},
{
"name": "61727",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/61727"
},
{
"name": "1031041",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1031041"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.oracle.com/technetwork/topics/security/cpuoct2014-1972960.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2014-10-14T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Unspecified vulnerability in the Enterprise Manager for Oracle Database component in Oracle Enterprise Manager Grid Control EM Base Platform: 10.2.0.5, 11.1.0.1 EM DB Control: 11.1.0.7, 11.2.0.3, 11.2.0.4 EM Plugin for DB: 12.1.0.4, 12.1.0.5, and 12.1.0.6 allows remote authenticated users to affect integrity via unknown vectors related to Content Management."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2014-10-23T14:57:00",
"orgId": "43595867-4340-4103-b7a2-9a5208d29a85",
"shortName": "oracle"
},
"references": [
{
"name": "70506",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/70506"
},
{
"name": "61727",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/61727"
},
{
"name": "1031041",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id/1031041"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.oracle.com/technetwork/topics/security/cpuoct2014-1972960.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "secalert_us@oracle.com",
"ID": "CVE-2014-6488",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Unspecified vulnerability in the Enterprise Manager for Oracle Database component in Oracle Enterprise Manager Grid Control EM Base Platform: 10.2.0.5, 11.1.0.1 EM DB Control: 11.1.0.7, 11.2.0.3, 11.2.0.4 EM Plugin for DB: 12.1.0.4, 12.1.0.5, and 12.1.0.6 allows remote authenticated users to affect integrity via unknown vectors related to Content Management."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "70506",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/70506"
},
{
"name": "61727",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/61727"
},
{
"name": "1031041",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1031041"
},
{
"name": "http://www.oracle.com/technetwork/topics/security/cpuoct2014-1972960.html",
"refsource": "CONFIRM",
"url": "http://www.oracle.com/technetwork/topics/security/cpuoct2014-1972960.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "43595867-4340-4103-b7a2-9a5208d29a85",
"assignerShortName": "oracle",
"cveId": "CVE-2014-6488",
"datePublished": "2014-10-15T22:03:00",
"dateReserved": "2014-09-17T00:00:00",
"dateUpdated": "2024-08-06T12:17:24.099Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2004-1364
Vulnerability from cvelistv5
Published
2005-01-19 05:00
Modified
2024-08-08 00:46
Severity ?
EPSS score ?
Summary
Directory traversal vulnerability in extproc in Oracle 9i and 10g allows remote attackers to access arbitrary libraries outside of the $ORACLE_HOME\bin directory.
References
| ▼ | URL | Tags |
|---|---|---|
| https://exchange.xforce.ibmcloud.com/vulnerabilities/18658 | vdb-entry, x_refsource_XF | |
| http://www.securityfocus.com/archive/1/454861/100/0/threaded | mailing-list, x_refsource_BUGTRAQ | |
| http://www.kb.cert.org/vuls/id/316206 | third-party-advisory, x_refsource_CERT-VN | |
| http://www.us-cert.gov/cas/techalerts/TA04-245A.html | third-party-advisory, x_refsource_CERT | |
| http://marc.info/?l=bugtraq&m=110382406002365&w=2 | mailing-list, x_refsource_BUGTRAQ | |
| http://www.securityfocus.com/bid/10871 | vdb-entry, x_refsource_BID | |
| http://www.oracle.com/technology/deploy/security/pdf/2004alert68.pdf | x_refsource_CONFIRM | |
| http://sunsolve.sun.com/search/document.do?assetkey=1-26-101782-1 | vendor-advisory, x_refsource_SUNALERT | |
| http://www.ngssoftware.com/advisories/oracle23122004B.txt | x_refsource_MISC | |
| http://www.0xdeadbeef.info/exploits/raptor_oraextproc.sql | x_refsource_MISC |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-08T00:46:12.559Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "oracle-extproc-directory-traversal(18658)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/18658"
},
{
"name": "20061219 Oracle \u003c= 9i / 10g (extproc) Local/Remote Command Execution Exploit",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/454861/100/0/threaded"
},
{
"name": "VU#316206",
"tags": [
"third-party-advisory",
"x_refsource_CERT-VN",
"x_transferred"
],
"url": "http://www.kb.cert.org/vuls/id/316206"
},
{
"name": "TA04-245A",
"tags": [
"third-party-advisory",
"x_refsource_CERT",
"x_transferred"
],
"url": "http://www.us-cert.gov/cas/techalerts/TA04-245A.html"
},
{
"name": "20041223 Oracle extproc directory traversal (#NISR23122004B)",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://marc.info/?l=bugtraq\u0026m=110382406002365\u0026w=2"
},
{
"name": "10871",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/10871"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.oracle.com/technology/deploy/security/pdf/2004alert68.pdf"
},
{
"name": "101782",
"tags": [
"vendor-advisory",
"x_refsource_SUNALERT",
"x_transferred"
],
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-101782-1"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www.ngssoftware.com/advisories/oracle23122004B.txt"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www.0xdeadbeef.info/exploits/raptor_oraextproc.sql"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2004-12-23T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Directory traversal vulnerability in extproc in Oracle 9i and 10g allows remote attackers to access arbitrary libraries outside of the $ORACLE_HOME\\bin directory."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-10-19T14:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "oracle-extproc-directory-traversal(18658)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/18658"
},
{
"name": "20061219 Oracle \u003c= 9i / 10g (extproc) Local/Remote Command Execution Exploit",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://www.securityfocus.com/archive/1/454861/100/0/threaded"
},
{
"name": "VU#316206",
"tags": [
"third-party-advisory",
"x_refsource_CERT-VN"
],
"url": "http://www.kb.cert.org/vuls/id/316206"
},
{
"name": "TA04-245A",
"tags": [
"third-party-advisory",
"x_refsource_CERT"
],
"url": "http://www.us-cert.gov/cas/techalerts/TA04-245A.html"
},
{
"name": "20041223 Oracle extproc directory traversal (#NISR23122004B)",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://marc.info/?l=bugtraq\u0026m=110382406002365\u0026w=2"
},
{
"name": "10871",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/10871"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.oracle.com/technology/deploy/security/pdf/2004alert68.pdf"
},
{
"name": "101782",
"tags": [
"vendor-advisory",
"x_refsource_SUNALERT"
],
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-101782-1"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www.ngssoftware.com/advisories/oracle23122004B.txt"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www.0xdeadbeef.info/exploits/raptor_oraextproc.sql"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2004-1364",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Directory traversal vulnerability in extproc in Oracle 9i and 10g allows remote attackers to access arbitrary libraries outside of the $ORACLE_HOME\\bin directory."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "oracle-extproc-directory-traversal(18658)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/18658"
},
{
"name": "20061219 Oracle \u003c= 9i / 10g (extproc) Local/Remote Command Execution Exploit",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/454861/100/0/threaded"
},
{
"name": "VU#316206",
"refsource": "CERT-VN",
"url": "http://www.kb.cert.org/vuls/id/316206"
},
{
"name": "TA04-245A",
"refsource": "CERT",
"url": "http://www.us-cert.gov/cas/techalerts/TA04-245A.html"
},
{
"name": "20041223 Oracle extproc directory traversal (#NISR23122004B)",
"refsource": "BUGTRAQ",
"url": "http://marc.info/?l=bugtraq\u0026m=110382406002365\u0026w=2"
},
{
"name": "10871",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/10871"
},
{
"name": "http://www.oracle.com/technology/deploy/security/pdf/2004alert68.pdf",
"refsource": "CONFIRM",
"url": "http://www.oracle.com/technology/deploy/security/pdf/2004alert68.pdf"
},
{
"name": "101782",
"refsource": "SUNALERT",
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-101782-1"
},
{
"name": "http://www.ngssoftware.com/advisories/oracle23122004B.txt",
"refsource": "MISC",
"url": "http://www.ngssoftware.com/advisories/oracle23122004B.txt"
},
{
"name": "http://www.0xdeadbeef.info/exploits/raptor_oraextproc.sql",
"refsource": "MISC",
"url": "http://www.0xdeadbeef.info/exploits/raptor_oraextproc.sql"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2004-1364",
"datePublished": "2005-01-19T05:00:00",
"dateReserved": "2005-01-07T00:00:00",
"dateUpdated": "2024-08-08T00:46:12.559Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2004-1371
Vulnerability from cvelistv5
Published
2005-01-19 05:00
Modified
2024-08-08 00:46
Severity ?
EPSS score ?
Summary
Stack-based buffer overflow in Oracle 9i and 10g allows remote attackers to execute arbitrary code via a long token in the text of a wrapped procedure.
References
| ▼ | URL | Tags |
|---|---|---|
| http://www.ngssoftware.com/advisories/oracle23122004J.txt | x_refsource_MISC | |
| http://marc.info/?l=bugtraq&m=110382570313035&w=2 | mailing-list, x_refsource_BUGTRAQ | |
| http://www.kb.cert.org/vuls/id/316206 | third-party-advisory, x_refsource_CERT-VN | |
| http://www.us-cert.gov/cas/techalerts/TA04-245A.html | third-party-advisory, x_refsource_CERT | |
| https://exchange.xforce.ibmcloud.com/vulnerabilities/18666 | vdb-entry, x_refsource_XF | |
| http://www.securityfocus.com/bid/10871 | vdb-entry, x_refsource_BID | |
| http://www.oracle.com/technology/deploy/security/pdf/2004alert68.pdf | x_refsource_CONFIRM | |
| http://sunsolve.sun.com/search/document.do?assetkey=1-26-101782-1 | vendor-advisory, x_refsource_SUNALERT |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-08T00:46:12.354Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www.ngssoftware.com/advisories/oracle23122004J.txt"
},
{
"name": "20041223 Oracle wrapped procedure overflow (#NISR2122004J)",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://marc.info/?l=bugtraq\u0026m=110382570313035\u0026w=2"
},
{
"name": "VU#316206",
"tags": [
"third-party-advisory",
"x_refsource_CERT-VN",
"x_transferred"
],
"url": "http://www.kb.cert.org/vuls/id/316206"
},
{
"name": "TA04-245A",
"tags": [
"third-party-advisory",
"x_refsource_CERT",
"x_transferred"
],
"url": "http://www.us-cert.gov/cas/techalerts/TA04-245A.html"
},
{
"name": "oracle-wrapped-procedure-bo(18666)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/18666"
},
{
"name": "10871",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/10871"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.oracle.com/technology/deploy/security/pdf/2004alert68.pdf"
},
{
"name": "101782",
"tags": [
"vendor-advisory",
"x_refsource_SUNALERT",
"x_transferred"
],
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-101782-1"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2004-12-23T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Stack-based buffer overflow in Oracle 9i and 10g allows remote attackers to execute arbitrary code via a long token in the text of a wrapped procedure."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-07-10T14:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www.ngssoftware.com/advisories/oracle23122004J.txt"
},
{
"name": "20041223 Oracle wrapped procedure overflow (#NISR2122004J)",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://marc.info/?l=bugtraq\u0026m=110382570313035\u0026w=2"
},
{
"name": "VU#316206",
"tags": [
"third-party-advisory",
"x_refsource_CERT-VN"
],
"url": "http://www.kb.cert.org/vuls/id/316206"
},
{
"name": "TA04-245A",
"tags": [
"third-party-advisory",
"x_refsource_CERT"
],
"url": "http://www.us-cert.gov/cas/techalerts/TA04-245A.html"
},
{
"name": "oracle-wrapped-procedure-bo(18666)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/18666"
},
{
"name": "10871",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/10871"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.oracle.com/technology/deploy/security/pdf/2004alert68.pdf"
},
{
"name": "101782",
"tags": [
"vendor-advisory",
"x_refsource_SUNALERT"
],
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-101782-1"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2004-1371",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Stack-based buffer overflow in Oracle 9i and 10g allows remote attackers to execute arbitrary code via a long token in the text of a wrapped procedure."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://www.ngssoftware.com/advisories/oracle23122004J.txt",
"refsource": "MISC",
"url": "http://www.ngssoftware.com/advisories/oracle23122004J.txt"
},
{
"name": "20041223 Oracle wrapped procedure overflow (#NISR2122004J)",
"refsource": "BUGTRAQ",
"url": "http://marc.info/?l=bugtraq\u0026m=110382570313035\u0026w=2"
},
{
"name": "VU#316206",
"refsource": "CERT-VN",
"url": "http://www.kb.cert.org/vuls/id/316206"
},
{
"name": "TA04-245A",
"refsource": "CERT",
"url": "http://www.us-cert.gov/cas/techalerts/TA04-245A.html"
},
{
"name": "oracle-wrapped-procedure-bo(18666)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/18666"
},
{
"name": "10871",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/10871"
},
{
"name": "http://www.oracle.com/technology/deploy/security/pdf/2004alert68.pdf",
"refsource": "CONFIRM",
"url": "http://www.oracle.com/technology/deploy/security/pdf/2004alert68.pdf"
},
{
"name": "101782",
"refsource": "SUNALERT",
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-101782-1"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2004-1371",
"datePublished": "2005-01-19T05:00:00",
"dateReserved": "2005-01-07T00:00:00",
"dateUpdated": "2024-08-08T00:46:12.354Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2015-4735
Vulnerability from cvelistv5
Published
2015-07-16 10:00
Modified
2024-08-06 06:25
Severity ?
EPSS score ?
Summary
Unspecified vulnerability in the Enterprise Manager for Oracle Database component in Oracle Enterprise Manager Grid Control EM Base Platform 11.1.0.1, and EM DB Control 11.2.0.3 and 11.2.0.4, allows remote attackers to affect confidentiality via vectors related to RAC Management.
References
| ▼ | URL | Tags |
|---|---|---|
| http://www.oracle.com/technetwork/topics/security/cpujul2015-2367936.html | x_refsource_CONFIRM | |
| http://www.securitytracker.com/id/1032918 | vdb-entry, x_refsource_SECTRACK | |
| http://lists.opensuse.org/opensuse-security-announce/2015-08/msg00003.html | vendor-advisory, x_refsource_SUSE |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T06:25:21.771Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.oracle.com/technetwork/topics/security/cpujul2015-2367936.html"
},
{
"name": "1032918",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1032918"
},
{
"name": "SUSE-SU-2015:1353",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-08/msg00003.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2015-07-14T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Unspecified vulnerability in the Enterprise Manager for Oracle Database component in Oracle Enterprise Manager Grid Control EM Base Platform 11.1.0.1, and EM DB Control 11.2.0.3 and 11.2.0.4, allows remote attackers to affect confidentiality via vectors related to RAC Management."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2016-12-23T18:57:01",
"orgId": "43595867-4340-4103-b7a2-9a5208d29a85",
"shortName": "oracle"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.oracle.com/technetwork/topics/security/cpujul2015-2367936.html"
},
{
"name": "1032918",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id/1032918"
},
{
"name": "SUSE-SU-2015:1353",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-08/msg00003.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "secalert_us@oracle.com",
"ID": "CVE-2015-4735",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Unspecified vulnerability in the Enterprise Manager for Oracle Database component in Oracle Enterprise Manager Grid Control EM Base Platform 11.1.0.1, and EM DB Control 11.2.0.3 and 11.2.0.4, allows remote attackers to affect confidentiality via vectors related to RAC Management."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://www.oracle.com/technetwork/topics/security/cpujul2015-2367936.html",
"refsource": "CONFIRM",
"url": "http://www.oracle.com/technetwork/topics/security/cpujul2015-2367936.html"
},
{
"name": "1032918",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1032918"
},
{
"name": "SUSE-SU-2015:1353",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-08/msg00003.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "43595867-4340-4103-b7a2-9a5208d29a85",
"assignerShortName": "oracle",
"cveId": "CVE-2015-4735",
"datePublished": "2015-07-16T10:00:00",
"dateReserved": "2015-06-24T00:00:00",
"dateUpdated": "2024-08-06T06:25:21.771Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2013-5828
Vulnerability from cvelistv5
Published
2013-10-16 17:31
Modified
2024-09-16 22:25
Severity ?
EPSS score ?
Summary
Unspecified vulnerability in the Enterprise Manager Base Platform component in Oracle Enterprise Manager Grid Control EM Base Platform 10.2.0.5 and 11.1.0.1; EM DB Control 11.1.0.7, 11.2.0.2, and 11.2.0.3; and EM Plugin for DB 12.1.0.2 and 12.1.0.3 allows remote attackers to affect integrity via unknown vectors related to Storage Management.
References
| ▼ | URL | Tags |
|---|---|---|
| http://secunia.com/advisories/55322 | third-party-advisory, x_refsource_SECUNIA | |
| http://www.oracle.com/technetwork/topics/security/cpuoct2013-1899837.html | x_refsource_CONFIRM |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T17:22:31.035Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "55322",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/55322"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.oracle.com/technetwork/topics/security/cpuoct2013-1899837.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Unspecified vulnerability in the Enterprise Manager Base Platform component in Oracle Enterprise Manager Grid Control EM Base Platform 10.2.0.5 and 11.1.0.1; EM DB Control 11.1.0.7, 11.2.0.2, and 11.2.0.3; and EM Plugin for DB 12.1.0.2 and 12.1.0.3 allows remote attackers to affect integrity via unknown vectors related to Storage Management."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2013-10-16T17:31:00Z",
"orgId": "43595867-4340-4103-b7a2-9a5208d29a85",
"shortName": "oracle"
},
"references": [
{
"name": "55322",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/55322"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.oracle.com/technetwork/topics/security/cpuoct2013-1899837.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "secalert_us@oracle.com",
"ID": "CVE-2013-5828",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Unspecified vulnerability in the Enterprise Manager Base Platform component in Oracle Enterprise Manager Grid Control EM Base Platform 10.2.0.5 and 11.1.0.1; EM DB Control 11.1.0.7, 11.2.0.2, and 11.2.0.3; and EM Plugin for DB 12.1.0.2 and 12.1.0.3 allows remote attackers to affect integrity via unknown vectors related to Storage Management."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "55322",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/55322"
},
{
"name": "http://www.oracle.com/technetwork/topics/security/cpuoct2013-1899837.html",
"refsource": "CONFIRM",
"url": "http://www.oracle.com/technetwork/topics/security/cpuoct2013-1899837.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "43595867-4340-4103-b7a2-9a5208d29a85",
"assignerShortName": "oracle",
"cveId": "CVE-2013-5828",
"datePublished": "2013-10-16T17:31:00Z",
"dateReserved": "2013-09-18T00:00:00Z",
"dateUpdated": "2024-09-16T22:25:35.567Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2004-1366
Vulnerability from cvelistv5
Published
2005-01-19 05:00
Modified
2024-08-08 00:46
Severity ?
EPSS score ?
Summary
Oracle 10g Database Server stores the password for the SYSMAN account in cleartext in the world-readable emoms.properties file, which could allow local users to gain DBA privileges.
References
| ▼ | URL | Tags |
|---|---|---|
| https://exchange.xforce.ibmcloud.com/vulnerabilities/18661 | vdb-entry, x_refsource_XF | |
| http://www.securityfocus.com/archive/1/385323 | mailing-list, x_refsource_BUGTRAQ | |
| http://www.kb.cert.org/vuls/id/316206 | third-party-advisory, x_refsource_CERT-VN | |
| http://www.us-cert.gov/cas/techalerts/TA04-245A.html | third-party-advisory, x_refsource_CERT | |
| http://www.ngssoftware.com/advisories/oracle23122004D.txt | x_refsource_MISC | |
| http://www.securityfocus.com/bid/10871 | vdb-entry, x_refsource_BID | |
| http://www.oracle.com/technology/deploy/security/pdf/2004alert68.pdf | x_refsource_CONFIRM | |
| http://sunsolve.sun.com/search/document.do?assetkey=1-26-101782-1 | vendor-advisory, x_refsource_SUNALERT |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-08T00:46:12.404Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "oracle-sysman-password-plaintext(18661)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/18661"
},
{
"name": "20041223 Oracle clear text passwords (#NISR2122004D)",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/385323"
},
{
"name": "VU#316206",
"tags": [
"third-party-advisory",
"x_refsource_CERT-VN",
"x_transferred"
],
"url": "http://www.kb.cert.org/vuls/id/316206"
},
{
"name": "TA04-245A",
"tags": [
"third-party-advisory",
"x_refsource_CERT",
"x_transferred"
],
"url": "http://www.us-cert.gov/cas/techalerts/TA04-245A.html"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www.ngssoftware.com/advisories/oracle23122004D.txt"
},
{
"name": "10871",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/10871"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.oracle.com/technology/deploy/security/pdf/2004alert68.pdf"
},
{
"name": "101782",
"tags": [
"vendor-advisory",
"x_refsource_SUNALERT",
"x_transferred"
],
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-101782-1"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2004-12-23T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Oracle 10g Database Server stores the password for the SYSMAN account in cleartext in the world-readable emoms.properties file, which could allow local users to gain DBA privileges."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-07-10T14:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "oracle-sysman-password-plaintext(18661)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/18661"
},
{
"name": "20041223 Oracle clear text passwords (#NISR2122004D)",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://www.securityfocus.com/archive/1/385323"
},
{
"name": "VU#316206",
"tags": [
"third-party-advisory",
"x_refsource_CERT-VN"
],
"url": "http://www.kb.cert.org/vuls/id/316206"
},
{
"name": "TA04-245A",
"tags": [
"third-party-advisory",
"x_refsource_CERT"
],
"url": "http://www.us-cert.gov/cas/techalerts/TA04-245A.html"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www.ngssoftware.com/advisories/oracle23122004D.txt"
},
{
"name": "10871",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/10871"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.oracle.com/technology/deploy/security/pdf/2004alert68.pdf"
},
{
"name": "101782",
"tags": [
"vendor-advisory",
"x_refsource_SUNALERT"
],
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-101782-1"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2004-1366",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Oracle 10g Database Server stores the password for the SYSMAN account in cleartext in the world-readable emoms.properties file, which could allow local users to gain DBA privileges."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "oracle-sysman-password-plaintext(18661)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/18661"
},
{
"name": "20041223 Oracle clear text passwords (#NISR2122004D)",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/385323"
},
{
"name": "VU#316206",
"refsource": "CERT-VN",
"url": "http://www.kb.cert.org/vuls/id/316206"
},
{
"name": "TA04-245A",
"refsource": "CERT",
"url": "http://www.us-cert.gov/cas/techalerts/TA04-245A.html"
},
{
"name": "http://www.ngssoftware.com/advisories/oracle23122004D.txt",
"refsource": "MISC",
"url": "http://www.ngssoftware.com/advisories/oracle23122004D.txt"
},
{
"name": "10871",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/10871"
},
{
"name": "http://www.oracle.com/technology/deploy/security/pdf/2004alert68.pdf",
"refsource": "CONFIRM",
"url": "http://www.oracle.com/technology/deploy/security/pdf/2004alert68.pdf"
},
{
"name": "101782",
"refsource": "SUNALERT",
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-101782-1"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2004-1366",
"datePublished": "2005-01-19T05:00:00",
"dateReserved": "2005-01-07T00:00:00",
"dateUpdated": "2024-08-08T00:46:12.404Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2004-1369
Vulnerability from cvelistv5
Published
2005-01-19 05:00
Modified
2024-08-08 00:46
Severity ?
EPSS score ?
Summary
The TNS Listener in Oracle 10g allows remote attackers to cause a denial of service (listener crash) via a malformed service_register_NSGR request containing a value that is used as an invalid offset for a pointer that references incorrect memory.
References
| ▼ | URL | Tags |
|---|---|---|
| http://www.ngssoftware.com/advisories/oracle23122004F.txt | x_refsource_MISC | |
| https://exchange.xforce.ibmcloud.com/vulnerabilities/18664 | vdb-entry, x_refsource_XF | |
| http://marc.info/?l=bugtraq&m=110382524401468&w=2 | mailing-list, x_refsource_BUGTRAQ | |
| http://www.kb.cert.org/vuls/id/316206 | third-party-advisory, x_refsource_CERT-VN | |
| http://www.us-cert.gov/cas/techalerts/TA04-245A.html | third-party-advisory, x_refsource_CERT | |
| http://www.securityfocus.com/bid/10871 | vdb-entry, x_refsource_BID | |
| http://www.oracle.com/technology/deploy/security/pdf/2004alert68.pdf | x_refsource_CONFIRM | |
| http://sunsolve.sun.com/search/document.do?assetkey=1-26-101782-1 | vendor-advisory, x_refsource_SUNALERT |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-08T00:46:12.448Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www.ngssoftware.com/advisories/oracle23122004F.txt"
},
{
"name": "oracle-tnslsnr-nsgr-dos(18664)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/18664"
},
{
"name": "20041223 Oracle TNS Listener DoS (#NISR2122004F)",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://marc.info/?l=bugtraq\u0026m=110382524401468\u0026w=2"
},
{
"name": "VU#316206",
"tags": [
"third-party-advisory",
"x_refsource_CERT-VN",
"x_transferred"
],
"url": "http://www.kb.cert.org/vuls/id/316206"
},
{
"name": "TA04-245A",
"tags": [
"third-party-advisory",
"x_refsource_CERT",
"x_transferred"
],
"url": "http://www.us-cert.gov/cas/techalerts/TA04-245A.html"
},
{
"name": "10871",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/10871"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.oracle.com/technology/deploy/security/pdf/2004alert68.pdf"
},
{
"name": "101782",
"tags": [
"vendor-advisory",
"x_refsource_SUNALERT",
"x_transferred"
],
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-101782-1"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2004-12-23T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "The TNS Listener in Oracle 10g allows remote attackers to cause a denial of service (listener crash) via a malformed service_register_NSGR request containing a value that is used as an invalid offset for a pointer that references incorrect memory."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-07-10T14:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www.ngssoftware.com/advisories/oracle23122004F.txt"
},
{
"name": "oracle-tnslsnr-nsgr-dos(18664)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/18664"
},
{
"name": "20041223 Oracle TNS Listener DoS (#NISR2122004F)",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://marc.info/?l=bugtraq\u0026m=110382524401468\u0026w=2"
},
{
"name": "VU#316206",
"tags": [
"third-party-advisory",
"x_refsource_CERT-VN"
],
"url": "http://www.kb.cert.org/vuls/id/316206"
},
{
"name": "TA04-245A",
"tags": [
"third-party-advisory",
"x_refsource_CERT"
],
"url": "http://www.us-cert.gov/cas/techalerts/TA04-245A.html"
},
{
"name": "10871",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/10871"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.oracle.com/technology/deploy/security/pdf/2004alert68.pdf"
},
{
"name": "101782",
"tags": [
"vendor-advisory",
"x_refsource_SUNALERT"
],
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-101782-1"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2004-1369",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The TNS Listener in Oracle 10g allows remote attackers to cause a denial of service (listener crash) via a malformed service_register_NSGR request containing a value that is used as an invalid offset for a pointer that references incorrect memory."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://www.ngssoftware.com/advisories/oracle23122004F.txt",
"refsource": "MISC",
"url": "http://www.ngssoftware.com/advisories/oracle23122004F.txt"
},
{
"name": "oracle-tnslsnr-nsgr-dos(18664)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/18664"
},
{
"name": "20041223 Oracle TNS Listener DoS (#NISR2122004F)",
"refsource": "BUGTRAQ",
"url": "http://marc.info/?l=bugtraq\u0026m=110382524401468\u0026w=2"
},
{
"name": "VU#316206",
"refsource": "CERT-VN",
"url": "http://www.kb.cert.org/vuls/id/316206"
},
{
"name": "TA04-245A",
"refsource": "CERT",
"url": "http://www.us-cert.gov/cas/techalerts/TA04-245A.html"
},
{
"name": "10871",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/10871"
},
{
"name": "http://www.oracle.com/technology/deploy/security/pdf/2004alert68.pdf",
"refsource": "CONFIRM",
"url": "http://www.oracle.com/technology/deploy/security/pdf/2004alert68.pdf"
},
{
"name": "101782",
"refsource": "SUNALERT",
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-101782-1"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2004-1369",
"datePublished": "2005-01-19T05:00:00",
"dateReserved": "2005-01-07T00:00:00",
"dateUpdated": "2024-08-08T00:46:12.448Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2004-1363
Vulnerability from cvelistv5
Published
2005-01-19 05:00
Modified
2024-08-08 00:46
Severity ?
EPSS score ?
Summary
Buffer overflow in extproc in Oracle 10g allows remote attackers to execute arbitrary code via environment variables in the library name, which are expanded after the length check is performed.
References
| ▼ | URL | Tags |
|---|---|---|
| https://exchange.xforce.ibmcloud.com/vulnerabilities/18659 | vdb-entry, x_refsource_XF | |
| http://www.ngssoftware.com/advisories/oracle23122004.txt | x_refsource_MISC | |
| http://marc.info/?l=bugtraq&m=110382345829397&w=2 | mailing-list, x_refsource_BUGTRAQ | |
| http://www.kb.cert.org/vuls/id/316206 | third-party-advisory, x_refsource_CERT-VN | |
| http://www.us-cert.gov/cas/techalerts/TA04-245A.html | third-party-advisory, x_refsource_CERT | |
| http://www.securityfocus.com/bid/10871 | vdb-entry, x_refsource_BID | |
| http://www.oracle.com/technology/deploy/security/pdf/2004alert68.pdf | x_refsource_CONFIRM | |
| http://sunsolve.sun.com/search/document.do?assetkey=1-26-101782-1 | vendor-advisory, x_refsource_SUNALERT |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-08T00:46:12.458Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "oracle-extproc-library-bo(18659)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/18659"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www.ngssoftware.com/advisories/oracle23122004.txt"
},
{
"name": "20041223 Oracle extproc buffer overflow (#NISR23122004A)",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://marc.info/?l=bugtraq\u0026m=110382345829397\u0026w=2"
},
{
"name": "VU#316206",
"tags": [
"third-party-advisory",
"x_refsource_CERT-VN",
"x_transferred"
],
"url": "http://www.kb.cert.org/vuls/id/316206"
},
{
"name": "TA04-245A",
"tags": [
"third-party-advisory",
"x_refsource_CERT",
"x_transferred"
],
"url": "http://www.us-cert.gov/cas/techalerts/TA04-245A.html"
},
{
"name": "10871",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/10871"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.oracle.com/technology/deploy/security/pdf/2004alert68.pdf"
},
{
"name": "101782",
"tags": [
"vendor-advisory",
"x_refsource_SUNALERT",
"x_transferred"
],
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-101782-1"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2004-12-23T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Buffer overflow in extproc in Oracle 10g allows remote attackers to execute arbitrary code via environment variables in the library name, which are expanded after the length check is performed."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-07-10T14:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "oracle-extproc-library-bo(18659)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/18659"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www.ngssoftware.com/advisories/oracle23122004.txt"
},
{
"name": "20041223 Oracle extproc buffer overflow (#NISR23122004A)",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://marc.info/?l=bugtraq\u0026m=110382345829397\u0026w=2"
},
{
"name": "VU#316206",
"tags": [
"third-party-advisory",
"x_refsource_CERT-VN"
],
"url": "http://www.kb.cert.org/vuls/id/316206"
},
{
"name": "TA04-245A",
"tags": [
"third-party-advisory",
"x_refsource_CERT"
],
"url": "http://www.us-cert.gov/cas/techalerts/TA04-245A.html"
},
{
"name": "10871",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/10871"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.oracle.com/technology/deploy/security/pdf/2004alert68.pdf"
},
{
"name": "101782",
"tags": [
"vendor-advisory",
"x_refsource_SUNALERT"
],
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-101782-1"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2004-1363",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Buffer overflow in extproc in Oracle 10g allows remote attackers to execute arbitrary code via environment variables in the library name, which are expanded after the length check is performed."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "oracle-extproc-library-bo(18659)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/18659"
},
{
"name": "http://www.ngssoftware.com/advisories/oracle23122004.txt",
"refsource": "MISC",
"url": "http://www.ngssoftware.com/advisories/oracle23122004.txt"
},
{
"name": "20041223 Oracle extproc buffer overflow (#NISR23122004A)",
"refsource": "BUGTRAQ",
"url": "http://marc.info/?l=bugtraq\u0026m=110382345829397\u0026w=2"
},
{
"name": "VU#316206",
"refsource": "CERT-VN",
"url": "http://www.kb.cert.org/vuls/id/316206"
},
{
"name": "TA04-245A",
"refsource": "CERT",
"url": "http://www.us-cert.gov/cas/techalerts/TA04-245A.html"
},
{
"name": "10871",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/10871"
},
{
"name": "http://www.oracle.com/technology/deploy/security/pdf/2004alert68.pdf",
"refsource": "CONFIRM",
"url": "http://www.oracle.com/technology/deploy/security/pdf/2004alert68.pdf"
},
{
"name": "101782",
"refsource": "SUNALERT",
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-101782-1"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2004-1363",
"datePublished": "2005-01-19T05:00:00",
"dateReserved": "2005-01-07T00:00:00",
"dateUpdated": "2024-08-08T00:46:12.458Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2013-0354
Vulnerability from cvelistv5
Published
2013-01-17 01:30
Modified
2024-08-06 14:25
Severity ?
EPSS score ?
Summary
Unspecified vulnerability in the Enterprise Manager Base Platform component in Oracle Enterprise Manager Grid Control EM Base Platform 10.2.0.5, and EM DB Control 11.1.0.7, 11.2.0.2, and 11.2.0.3, allows remote attackers to affect integrity via unknown vectors related to Policy Framework.
References
| ▼ | URL | Tags |
|---|---|---|
| http://www.oracle.com/technetwork/topics/security/cpujan2013-1515902.html | x_refsource_CONFIRM | |
| http://secunia.com/advisories/57126 | third-party-advisory, x_refsource_SECUNIA | |
| http://www.mandriva.com/security/advisories?name=MDVSA-2013:150 | vendor-advisory, x_refsource_MANDRIVA | |
| http://marc.info/?l=bugtraq&m=139344343412337&w=2 | vendor-advisory, x_refsource_HP |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T14:25:09.565Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.oracle.com/technetwork/topics/security/cpujan2013-1515902.html"
},
{
"name": "57126",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/57126"
},
{
"name": "MDVSA-2013:150",
"tags": [
"vendor-advisory",
"x_refsource_MANDRIVA",
"x_transferred"
],
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2013:150"
},
{
"name": "HPSBST02955",
"tags": [
"vendor-advisory",
"x_refsource_HP",
"x_transferred"
],
"url": "http://marc.info/?l=bugtraq\u0026m=139344343412337\u0026w=2"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2013-01-15T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Unspecified vulnerability in the Enterprise Manager Base Platform component in Oracle Enterprise Manager Grid Control EM Base Platform 10.2.0.5, and EM DB Control 11.1.0.7, 11.2.0.2, and 11.2.0.3, allows remote attackers to affect integrity via unknown vectors related to Policy Framework."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2014-03-12T13:57:00",
"orgId": "43595867-4340-4103-b7a2-9a5208d29a85",
"shortName": "oracle"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.oracle.com/technetwork/topics/security/cpujan2013-1515902.html"
},
{
"name": "57126",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/57126"
},
{
"name": "MDVSA-2013:150",
"tags": [
"vendor-advisory",
"x_refsource_MANDRIVA"
],
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2013:150"
},
{
"name": "HPSBST02955",
"tags": [
"vendor-advisory",
"x_refsource_HP"
],
"url": "http://marc.info/?l=bugtraq\u0026m=139344343412337\u0026w=2"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "secalert_us@oracle.com",
"ID": "CVE-2013-0354",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Unspecified vulnerability in the Enterprise Manager Base Platform component in Oracle Enterprise Manager Grid Control EM Base Platform 10.2.0.5, and EM DB Control 11.1.0.7, 11.2.0.2, and 11.2.0.3, allows remote attackers to affect integrity via unknown vectors related to Policy Framework."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://www.oracle.com/technetwork/topics/security/cpujan2013-1515902.html",
"refsource": "CONFIRM",
"url": "http://www.oracle.com/technetwork/topics/security/cpujan2013-1515902.html"
},
{
"name": "57126",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/57126"
},
{
"name": "MDVSA-2013:150",
"refsource": "MANDRIVA",
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2013:150"
},
{
"name": "HPSBST02955",
"refsource": "HP",
"url": "http://marc.info/?l=bugtraq\u0026m=139344343412337\u0026w=2"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "43595867-4340-4103-b7a2-9a5208d29a85",
"assignerShortName": "oracle",
"cveId": "CVE-2013-0354",
"datePublished": "2013-01-17T01:30:00",
"dateReserved": "2012-12-07T00:00:00",
"dateUpdated": "2024-08-06T14:25:09.565Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2004-1362
Vulnerability from cvelistv5
Published
2005-01-19 05:00
Modified
2024-08-08 00:46
Severity ?
EPSS score ?
Summary
The PL/SQL module for the Oracle HTTP Server in Oracle Application Server 10g, when using the WE8ISO8859P1 character set, does not perform character conversions properly, which allows remote attackers to bypass access restrictions for certain procedures via an encoded URL with "%FF" encoded sequences that are improperly converted to "Y" characters.
References
| ▼ | URL | Tags |
|---|---|---|
| https://exchange.xforce.ibmcloud.com/vulnerabilities/18657 | vdb-entry, x_refsource_XF | |
| http://www.kb.cert.org/vuls/id/435974 | third-party-advisory, x_refsource_CERT-VN | |
| http://www.us-cert.gov/cas/techalerts/TA04-245A.html | third-party-advisory, x_refsource_CERT | |
| http://www.securityfocus.com/bid/10871 | vdb-entry, x_refsource_BID | |
| http://www.ngssoftware.com/advisories/oracle23122004G.txt | x_refsource_MISC | |
| http://www.oracle.com/technology/deploy/security/pdf/2004alert68.pdf | x_refsource_CONFIRM | |
| http://marc.info/?l=bugtraq&m=110382306006205&w=2 | mailing-list, x_refsource_BUGTRAQ | |
| http://sunsolve.sun.com/search/document.do?assetkey=1-26-101782-1 | vendor-advisory, x_refsource_SUNALERT |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-08T00:46:12.512Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "oracle-character-conversion-gain-privileges(18657)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/18657"
},
{
"name": "VU#435974",
"tags": [
"third-party-advisory",
"x_refsource_CERT-VN",
"x_transferred"
],
"url": "http://www.kb.cert.org/vuls/id/435974"
},
{
"name": "TA04-245A",
"tags": [
"third-party-advisory",
"x_refsource_CERT",
"x_transferred"
],
"url": "http://www.us-cert.gov/cas/techalerts/TA04-245A.html"
},
{
"name": "10871",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/10871"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www.ngssoftware.com/advisories/oracle23122004G.txt"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.oracle.com/technology/deploy/security/pdf/2004alert68.pdf"
},
{
"name": "20041223 Oracle Character Conversion Bugs (#NISR2122004G)",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://marc.info/?l=bugtraq\u0026m=110382306006205\u0026w=2"
},
{
"name": "101782",
"tags": [
"vendor-advisory",
"x_refsource_SUNALERT",
"x_transferred"
],
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-101782-1"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2004-12-23T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "The PL/SQL module for the Oracle HTTP Server in Oracle Application Server 10g, when using the WE8ISO8859P1 character set, does not perform character conversions properly, which allows remote attackers to bypass access restrictions for certain procedures via an encoded URL with \"%FF\" encoded sequences that are improperly converted to \"Y\" characters."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-07-10T14:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "oracle-character-conversion-gain-privileges(18657)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/18657"
},
{
"name": "VU#435974",
"tags": [
"third-party-advisory",
"x_refsource_CERT-VN"
],
"url": "http://www.kb.cert.org/vuls/id/435974"
},
{
"name": "TA04-245A",
"tags": [
"third-party-advisory",
"x_refsource_CERT"
],
"url": "http://www.us-cert.gov/cas/techalerts/TA04-245A.html"
},
{
"name": "10871",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/10871"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www.ngssoftware.com/advisories/oracle23122004G.txt"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.oracle.com/technology/deploy/security/pdf/2004alert68.pdf"
},
{
"name": "20041223 Oracle Character Conversion Bugs (#NISR2122004G)",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://marc.info/?l=bugtraq\u0026m=110382306006205\u0026w=2"
},
{
"name": "101782",
"tags": [
"vendor-advisory",
"x_refsource_SUNALERT"
],
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-101782-1"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2004-1362",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The PL/SQL module for the Oracle HTTP Server in Oracle Application Server 10g, when using the WE8ISO8859P1 character set, does not perform character conversions properly, which allows remote attackers to bypass access restrictions for certain procedures via an encoded URL with \"%FF\" encoded sequences that are improperly converted to \"Y\" characters."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "oracle-character-conversion-gain-privileges(18657)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/18657"
},
{
"name": "VU#435974",
"refsource": "CERT-VN",
"url": "http://www.kb.cert.org/vuls/id/435974"
},
{
"name": "TA04-245A",
"refsource": "CERT",
"url": "http://www.us-cert.gov/cas/techalerts/TA04-245A.html"
},
{
"name": "10871",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/10871"
},
{
"name": "http://www.ngssoftware.com/advisories/oracle23122004G.txt",
"refsource": "MISC",
"url": "http://www.ngssoftware.com/advisories/oracle23122004G.txt"
},
{
"name": "http://www.oracle.com/technology/deploy/security/pdf/2004alert68.pdf",
"refsource": "CONFIRM",
"url": "http://www.oracle.com/technology/deploy/security/pdf/2004alert68.pdf"
},
{
"name": "20041223 Oracle Character Conversion Bugs (#NISR2122004G)",
"refsource": "BUGTRAQ",
"url": "http://marc.info/?l=bugtraq\u0026m=110382306006205\u0026w=2"
},
{
"name": "101782",
"refsource": "SUNALERT",
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-101782-1"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2004-1362",
"datePublished": "2005-01-19T05:00:00",
"dateReserved": "2005-01-07T00:00:00",
"dateUpdated": "2024-08-08T00:46:12.512Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2013-0374
Vulnerability from cvelistv5
Published
2013-01-17 01:30
Modified
2024-08-06 14:25
Severity ?
EPSS score ?
Summary
Unspecified vulnerability in the Enterprise Manager Base Platform component in Oracle Enterprise Manager Grid Control EM Base Platform 10.2.0.5 and 11.1.0.1; EM DB Control 10.2.0.3, 10.2.0.4, 10.2.0.5, 11.1.0.7, 11.2.0.2, and 11.2.0.3; and EM Plugin for DB 12.1.0.1, and 12.1.0.2 allows remote attackers to affect integrity via unknown vectors related to Database Cloning.
References
| ▼ | URL | Tags |
|---|---|---|
| http://www.oracle.com/technetwork/topics/security/cpujan2013-1515902.html | x_refsource_CONFIRM | |
| http://www.mandriva.com/security/advisories?name=MDVSA-2013:150 | vendor-advisory, x_refsource_MANDRIVA |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T14:25:09.597Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.oracle.com/technetwork/topics/security/cpujan2013-1515902.html"
},
{
"name": "MDVSA-2013:150",
"tags": [
"vendor-advisory",
"x_refsource_MANDRIVA",
"x_transferred"
],
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2013:150"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2013-01-15T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Unspecified vulnerability in the Enterprise Manager Base Platform component in Oracle Enterprise Manager Grid Control EM Base Platform 10.2.0.5 and 11.1.0.1; EM DB Control 10.2.0.3, 10.2.0.4, 10.2.0.5, 11.1.0.7, 11.2.0.2, and 11.2.0.3; and EM Plugin for DB 12.1.0.1, and 12.1.0.2 allows remote attackers to affect integrity via unknown vectors related to Database Cloning."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2013-10-11T09:00:00",
"orgId": "43595867-4340-4103-b7a2-9a5208d29a85",
"shortName": "oracle"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.oracle.com/technetwork/topics/security/cpujan2013-1515902.html"
},
{
"name": "MDVSA-2013:150",
"tags": [
"vendor-advisory",
"x_refsource_MANDRIVA"
],
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2013:150"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "secalert_us@oracle.com",
"ID": "CVE-2013-0374",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Unspecified vulnerability in the Enterprise Manager Base Platform component in Oracle Enterprise Manager Grid Control EM Base Platform 10.2.0.5 and 11.1.0.1; EM DB Control 10.2.0.3, 10.2.0.4, 10.2.0.5, 11.1.0.7, 11.2.0.2, and 11.2.0.3; and EM Plugin for DB 12.1.0.1, and 12.1.0.2 allows remote attackers to affect integrity via unknown vectors related to Database Cloning."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://www.oracle.com/technetwork/topics/security/cpujan2013-1515902.html",
"refsource": "CONFIRM",
"url": "http://www.oracle.com/technetwork/topics/security/cpujan2013-1515902.html"
},
{
"name": "MDVSA-2013:150",
"refsource": "MANDRIVA",
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2013:150"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "43595867-4340-4103-b7a2-9a5208d29a85",
"assignerShortName": "oracle",
"cveId": "CVE-2013-0374",
"datePublished": "2013-01-17T01:30:00",
"dateReserved": "2012-12-07T00:00:00",
"dateUpdated": "2024-08-06T14:25:09.597Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2015-2647
Vulnerability from cvelistv5
Published
2015-07-16 10:00
Modified
2024-08-06 05:24
Severity ?
EPSS score ?
Summary
Unspecified vulnerability in the Enterprise Manager for Oracle Database component in Oracle Enterprise Manager Grid Control EM Base Platform 11.1.0.1; EM Plugin for DB 12.1.0.5, 12.1.0.6, 12.1.0.7; and EM DB Control 11.1.0.7, 11.2.0.3, and 11.2.0.4 allows remote authenticated users to affect confidentiality and integrity via unknown vectors related to Content Management.
References
| ▼ | URL | Tags |
|---|---|---|
| http://www.oracle.com/technetwork/topics/security/cpujul2015-2367936.html | x_refsource_CONFIRM | |
| http://www.securitytracker.com/id/1032918 | vdb-entry, x_refsource_SECTRACK | |
| http://lists.opensuse.org/opensuse-security-announce/2015-08/msg00003.html | vendor-advisory, x_refsource_SUSE |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T05:24:37.202Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.oracle.com/technetwork/topics/security/cpujul2015-2367936.html"
},
{
"name": "1032918",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1032918"
},
{
"name": "SUSE-SU-2015:1353",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-08/msg00003.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2015-07-14T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Unspecified vulnerability in the Enterprise Manager for Oracle Database component in Oracle Enterprise Manager Grid Control EM Base Platform 11.1.0.1; EM Plugin for DB 12.1.0.5, 12.1.0.6, 12.1.0.7; and EM DB Control 11.1.0.7, 11.2.0.3, and 11.2.0.4 allows remote authenticated users to affect confidentiality and integrity via unknown vectors related to Content Management."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2016-12-23T18:57:01",
"orgId": "43595867-4340-4103-b7a2-9a5208d29a85",
"shortName": "oracle"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.oracle.com/technetwork/topics/security/cpujul2015-2367936.html"
},
{
"name": "1032918",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id/1032918"
},
{
"name": "SUSE-SU-2015:1353",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-08/msg00003.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "secalert_us@oracle.com",
"ID": "CVE-2015-2647",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Unspecified vulnerability in the Enterprise Manager for Oracle Database component in Oracle Enterprise Manager Grid Control EM Base Platform 11.1.0.1; EM Plugin for DB 12.1.0.5, 12.1.0.6, 12.1.0.7; and EM DB Control 11.1.0.7, 11.2.0.3, and 11.2.0.4 allows remote authenticated users to affect confidentiality and integrity via unknown vectors related to Content Management."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://www.oracle.com/technetwork/topics/security/cpujul2015-2367936.html",
"refsource": "CONFIRM",
"url": "http://www.oracle.com/technetwork/topics/security/cpujul2015-2367936.html"
},
{
"name": "1032918",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1032918"
},
{
"name": "SUSE-SU-2015:1353",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-08/msg00003.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "43595867-4340-4103-b7a2-9a5208d29a85",
"assignerShortName": "oracle",
"cveId": "CVE-2015-2647",
"datePublished": "2015-07-16T10:00:00",
"dateReserved": "2015-03-20T00:00:00",
"dateUpdated": "2024-08-06T05:24:37.202Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2013-5766
Vulnerability from cvelistv5
Published
2013-10-16 15:00
Modified
2024-09-17 00:31
Severity ?
EPSS score ?
Summary
Unspecified vulnerability in the Enterprise Manager Base Platform component in Oracle Enterprise Manager Grid Control EM Base Platform 10.2.0.5 and 11.1.0.1; EM DB Control 11.1.0.7, 11.2.0.2, and 11.2.0.3; and EM Plugin for DB 12.1.0.2 and 12.1.0.3 allows remote attackers to affect integrity via unknown vectors related to DB Performance Advisories/UIs.
References
| ▼ | URL | Tags |
|---|---|---|
| http://secunia.com/advisories/55322 | third-party-advisory, x_refsource_SECUNIA | |
| http://www.oracle.com/technetwork/topics/security/cpuoct2013-1899837.html | x_refsource_CONFIRM |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T17:22:30.834Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "55322",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/55322"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.oracle.com/technetwork/topics/security/cpuoct2013-1899837.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Unspecified vulnerability in the Enterprise Manager Base Platform component in Oracle Enterprise Manager Grid Control EM Base Platform 10.2.0.5 and 11.1.0.1; EM DB Control 11.1.0.7, 11.2.0.2, and 11.2.0.3; and EM Plugin for DB 12.1.0.2 and 12.1.0.3 allows remote attackers to affect integrity via unknown vectors related to DB Performance Advisories/UIs."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2013-10-16T15:00:00Z",
"orgId": "43595867-4340-4103-b7a2-9a5208d29a85",
"shortName": "oracle"
},
"references": [
{
"name": "55322",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/55322"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.oracle.com/technetwork/topics/security/cpuoct2013-1899837.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "secalert_us@oracle.com",
"ID": "CVE-2013-5766",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Unspecified vulnerability in the Enterprise Manager Base Platform component in Oracle Enterprise Manager Grid Control EM Base Platform 10.2.0.5 and 11.1.0.1; EM DB Control 11.1.0.7, 11.2.0.2, and 11.2.0.3; and EM Plugin for DB 12.1.0.2 and 12.1.0.3 allows remote attackers to affect integrity via unknown vectors related to DB Performance Advisories/UIs."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "55322",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/55322"
},
{
"name": "http://www.oracle.com/technetwork/topics/security/cpuoct2013-1899837.html",
"refsource": "CONFIRM",
"url": "http://www.oracle.com/technetwork/topics/security/cpuoct2013-1899837.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "43595867-4340-4103-b7a2-9a5208d29a85",
"assignerShortName": "oracle",
"cveId": "CVE-2013-5766",
"datePublished": "2013-10-16T15:00:00Z",
"dateReserved": "2013-09-18T00:00:00Z",
"dateUpdated": "2024-09-17T00:31:01.586Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2004-1367
Vulnerability from cvelistv5
Published
2005-01-19 05:00
Modified
2024-08-08 00:46
Severity ?
EPSS score ?
Summary
Oracle 10g Database Server, when installed with a password that contains an exclamation point ("!") for the (1) DBSNMP or (2) SYSMAN user, generates an error that logs the password in the world-readable postDBCreation.log file, which could allow local users to obtain that password and use it against SYS or SYSTEM accounts, which may have been installed with the same password.
References
| ▼ | URL | Tags |
|---|---|---|
| http://marc.info/?l=bugtraq&m=110382247308064&w=2 | mailing-list, x_refsource_BUGTRAQ | |
| http://www.kb.cert.org/vuls/id/316206 | third-party-advisory, x_refsource_CERT-VN | |
| http://www.us-cert.gov/cas/techalerts/TA04-245A.html | third-party-advisory, x_refsource_CERT | |
| http://www.ngssoftware.com/advisories/oracle23122004D.txt | x_refsource_MISC | |
| http://www.oracle.com/technology/deploy/security/pdf/2004alert68.pdf | x_refsource_CONFIRM | |
| http://sunsolve.sun.com/search/document.do?assetkey=1-26-101782-1 | vendor-advisory, x_refsource_SUNALERT |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-08T00:46:12.402Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "20041223 Oracle clear text passwords (#NISR2122004D)",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://marc.info/?l=bugtraq\u0026m=110382247308064\u0026w=2"
},
{
"name": "VU#316206",
"tags": [
"third-party-advisory",
"x_refsource_CERT-VN",
"x_transferred"
],
"url": "http://www.kb.cert.org/vuls/id/316206"
},
{
"name": "TA04-245A",
"tags": [
"third-party-advisory",
"x_refsource_CERT",
"x_transferred"
],
"url": "http://www.us-cert.gov/cas/techalerts/TA04-245A.html"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www.ngssoftware.com/advisories/oracle23122004D.txt"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.oracle.com/technology/deploy/security/pdf/2004alert68.pdf"
},
{
"name": "101782",
"tags": [
"vendor-advisory",
"x_refsource_SUNALERT",
"x_transferred"
],
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-101782-1"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2004-12-23T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Oracle 10g Database Server, when installed with a password that contains an exclamation point (\"!\") for the (1) DBSNMP or (2) SYSMAN user, generates an error that logs the password in the world-readable postDBCreation.log file, which could allow local users to obtain that password and use it against SYS or SYSTEM accounts, which may have been installed with the same password."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2016-10-17T13:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "20041223 Oracle clear text passwords (#NISR2122004D)",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://marc.info/?l=bugtraq\u0026m=110382247308064\u0026w=2"
},
{
"name": "VU#316206",
"tags": [
"third-party-advisory",
"x_refsource_CERT-VN"
],
"url": "http://www.kb.cert.org/vuls/id/316206"
},
{
"name": "TA04-245A",
"tags": [
"third-party-advisory",
"x_refsource_CERT"
],
"url": "http://www.us-cert.gov/cas/techalerts/TA04-245A.html"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www.ngssoftware.com/advisories/oracle23122004D.txt"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.oracle.com/technology/deploy/security/pdf/2004alert68.pdf"
},
{
"name": "101782",
"tags": [
"vendor-advisory",
"x_refsource_SUNALERT"
],
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-101782-1"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2004-1367",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Oracle 10g Database Server, when installed with a password that contains an exclamation point (\"!\") for the (1) DBSNMP or (2) SYSMAN user, generates an error that logs the password in the world-readable postDBCreation.log file, which could allow local users to obtain that password and use it against SYS or SYSTEM accounts, which may have been installed with the same password."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "20041223 Oracle clear text passwords (#NISR2122004D)",
"refsource": "BUGTRAQ",
"url": "http://marc.info/?l=bugtraq\u0026m=110382247308064\u0026w=2"
},
{
"name": "VU#316206",
"refsource": "CERT-VN",
"url": "http://www.kb.cert.org/vuls/id/316206"
},
{
"name": "TA04-245A",
"refsource": "CERT",
"url": "http://www.us-cert.gov/cas/techalerts/TA04-245A.html"
},
{
"name": "http://www.ngssoftware.com/advisories/oracle23122004D.txt",
"refsource": "MISC",
"url": "http://www.ngssoftware.com/advisories/oracle23122004D.txt"
},
{
"name": "http://www.oracle.com/technology/deploy/security/pdf/2004alert68.pdf",
"refsource": "CONFIRM",
"url": "http://www.oracle.com/technology/deploy/security/pdf/2004alert68.pdf"
},
{
"name": "101782",
"refsource": "SUNALERT",
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-101782-1"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2004-1367",
"datePublished": "2005-01-19T05:00:00",
"dateReserved": "2005-01-07T00:00:00",
"dateUpdated": "2024-08-08T00:46:12.402Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2004-1365
Vulnerability from cvelistv5
Published
2005-01-19 05:00
Modified
2024-08-08 00:46
Severity ?
EPSS score ?
Summary
Extproc in Oracle 9i and 10g does not require authentication to load a library or execute a function, which allows local users to execute arbitrary commands as the Oracle user.
References
| ▼ | URL | Tags |
|---|---|---|
| http://www.ngssoftware.com/advisories/oracle23122004C.txt | x_refsource_MISC | |
| https://exchange.xforce.ibmcloud.com/vulnerabilities/18662 | vdb-entry, x_refsource_XF | |
| http://marc.info/?l=bugtraq&m=110382471608835&w=2 | mailing-list, x_refsource_BUGTRAQ | |
| http://www.kb.cert.org/vuls/id/316206 | third-party-advisory, x_refsource_CERT-VN | |
| http://www.us-cert.gov/cas/techalerts/TA04-245A.html | third-party-advisory, x_refsource_CERT | |
| http://www.securityfocus.com/bid/10871 | vdb-entry, x_refsource_BID | |
| http://sunsolve.sun.com/search/document.do?assetkey=1-26-101782-1 | vendor-advisory, x_refsource_SUNALERT |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-08T00:46:12.434Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www.ngssoftware.com/advisories/oracle23122004C.txt"
},
{
"name": "oracle-extproc-command-execution(18662)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/18662"
},
{
"name": "20041223 Oracle extproc local command execution (#NISR23122004C)",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://marc.info/?l=bugtraq\u0026m=110382471608835\u0026w=2"
},
{
"name": "VU#316206",
"tags": [
"third-party-advisory",
"x_refsource_CERT-VN",
"x_transferred"
],
"url": "http://www.kb.cert.org/vuls/id/316206"
},
{
"name": "TA04-245A",
"tags": [
"third-party-advisory",
"x_refsource_CERT",
"x_transferred"
],
"url": "http://www.us-cert.gov/cas/techalerts/TA04-245A.html"
},
{
"name": "10871",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/10871"
},
{
"name": "101782",
"tags": [
"vendor-advisory",
"x_refsource_SUNALERT",
"x_transferred"
],
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-101782-1"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2004-12-23T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Extproc in Oracle 9i and 10g does not require authentication to load a library or execute a function, which allows local users to execute arbitrary commands as the Oracle user."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-07-10T14:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www.ngssoftware.com/advisories/oracle23122004C.txt"
},
{
"name": "oracle-extproc-command-execution(18662)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/18662"
},
{
"name": "20041223 Oracle extproc local command execution (#NISR23122004C)",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://marc.info/?l=bugtraq\u0026m=110382471608835\u0026w=2"
},
{
"name": "VU#316206",
"tags": [
"third-party-advisory",
"x_refsource_CERT-VN"
],
"url": "http://www.kb.cert.org/vuls/id/316206"
},
{
"name": "TA04-245A",
"tags": [
"third-party-advisory",
"x_refsource_CERT"
],
"url": "http://www.us-cert.gov/cas/techalerts/TA04-245A.html"
},
{
"name": "10871",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/10871"
},
{
"name": "101782",
"tags": [
"vendor-advisory",
"x_refsource_SUNALERT"
],
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-101782-1"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2004-1365",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Extproc in Oracle 9i and 10g does not require authentication to load a library or execute a function, which allows local users to execute arbitrary commands as the Oracle user."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://www.ngssoftware.com/advisories/oracle23122004C.txt",
"refsource": "MISC",
"url": "http://www.ngssoftware.com/advisories/oracle23122004C.txt"
},
{
"name": "oracle-extproc-command-execution(18662)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/18662"
},
{
"name": "20041223 Oracle extproc local command execution (#NISR23122004C)",
"refsource": "BUGTRAQ",
"url": "http://marc.info/?l=bugtraq\u0026m=110382471608835\u0026w=2"
},
{
"name": "VU#316206",
"refsource": "CERT-VN",
"url": "http://www.kb.cert.org/vuls/id/316206"
},
{
"name": "TA04-245A",
"refsource": "CERT",
"url": "http://www.us-cert.gov/cas/techalerts/TA04-245A.html"
},
{
"name": "10871",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/10871"
},
{
"name": "101782",
"refsource": "SUNALERT",
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-101782-1"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2004-1365",
"datePublished": "2005-01-19T05:00:00",
"dateReserved": "2005-01-07T00:00:00",
"dateUpdated": "2024-08-08T00:46:12.434Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2012-5062
Vulnerability from cvelistv5
Published
2013-01-17 01:30
Modified
2024-08-06 20:50
Severity ?
EPSS score ?
Summary
Unspecified vulnerability in the Enterprise Manager Base Platform component in Oracle Enterprise Manager Grid Control EM Base Platform 10.2.0.5 and EM DB Control 10.2.0.3, 10.2.0.4, 10.2.0.5, 11.1.0.7, 11.2.0.2, and 11.2.0.3 allows remote attackers to affect integrity via unknown vectors related to User Interface Framework.
References
| ▼ | URL | Tags |
|---|---|---|
| http://www.oracle.com/technetwork/topics/security/cpujan2013-1515902.html | x_refsource_CONFIRM | |
| http://www.mandriva.com/security/advisories?name=MDVSA-2013:150 | vendor-advisory, x_refsource_MANDRIVA |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T20:50:18.327Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.oracle.com/technetwork/topics/security/cpujan2013-1515902.html"
},
{
"name": "MDVSA-2013:150",
"tags": [
"vendor-advisory",
"x_refsource_MANDRIVA",
"x_transferred"
],
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2013:150"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2013-01-15T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Unspecified vulnerability in the Enterprise Manager Base Platform component in Oracle Enterprise Manager Grid Control EM Base Platform 10.2.0.5 and EM DB Control 10.2.0.3, 10.2.0.4, 10.2.0.5, 11.1.0.7, 11.2.0.2, and 11.2.0.3 allows remote attackers to affect integrity via unknown vectors related to User Interface Framework."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2013-10-11T09:00:00",
"orgId": "43595867-4340-4103-b7a2-9a5208d29a85",
"shortName": "oracle"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.oracle.com/technetwork/topics/security/cpujan2013-1515902.html"
},
{
"name": "MDVSA-2013:150",
"tags": [
"vendor-advisory",
"x_refsource_MANDRIVA"
],
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2013:150"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "secalert_us@oracle.com",
"ID": "CVE-2012-5062",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Unspecified vulnerability in the Enterprise Manager Base Platform component in Oracle Enterprise Manager Grid Control EM Base Platform 10.2.0.5 and EM DB Control 10.2.0.3, 10.2.0.4, 10.2.0.5, 11.1.0.7, 11.2.0.2, and 11.2.0.3 allows remote attackers to affect integrity via unknown vectors related to User Interface Framework."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://www.oracle.com/technetwork/topics/security/cpujan2013-1515902.html",
"refsource": "CONFIRM",
"url": "http://www.oracle.com/technetwork/topics/security/cpujan2013-1515902.html"
},
{
"name": "MDVSA-2013:150",
"refsource": "MANDRIVA",
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2013:150"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "43595867-4340-4103-b7a2-9a5208d29a85",
"assignerShortName": "oracle",
"cveId": "CVE-2012-5062",
"datePublished": "2013-01-17T01:30:00",
"dateReserved": "2012-09-21T00:00:00",
"dateUpdated": "2024-08-06T20:50:18.327Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2013-0372
Vulnerability from cvelistv5
Published
2013-01-17 01:30
Modified
2024-08-06 14:25
Severity ?
EPSS score ?
Summary
Unspecified vulnerability in the Enterprise Manager Base Platform component in Oracle Enterprise Manager Grid Control EM Base Platform 11.1.0.1 and 12.1.0.1; EM DB Control 11.1.0.7, 11.2.0.2, and 11.2.0.3; and EM Plugin for DB 12.1.0.2 allows remote attackers to affect integrity via unknown vectors related to Distributed/Cross DB Features.
References
| ▼ | URL | Tags |
|---|---|---|
| http://www.securityfocus.com/bid/57378 | vdb-entry, x_refsource_BID | |
| http://www.oracle.com/technetwork/topics/security/cpujan2013-1515902.html | x_refsource_CONFIRM | |
| http://secunia.com/advisories/57126 | third-party-advisory, x_refsource_SECUNIA | |
| http://www.mandriva.com/security/advisories?name=MDVSA-2013:150 | vendor-advisory, x_refsource_MANDRIVA | |
| http://marc.info/?l=bugtraq&m=139344343412337&w=2 | vendor-advisory, x_refsource_HP |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T14:25:09.526Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "57378",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/57378"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.oracle.com/technetwork/topics/security/cpujan2013-1515902.html"
},
{
"name": "57126",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/57126"
},
{
"name": "MDVSA-2013:150",
"tags": [
"vendor-advisory",
"x_refsource_MANDRIVA",
"x_transferred"
],
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2013:150"
},
{
"name": "HPSBST02955",
"tags": [
"vendor-advisory",
"x_refsource_HP",
"x_transferred"
],
"url": "http://marc.info/?l=bugtraq\u0026m=139344343412337\u0026w=2"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2013-01-15T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Unspecified vulnerability in the Enterprise Manager Base Platform component in Oracle Enterprise Manager Grid Control EM Base Platform 11.1.0.1 and 12.1.0.1; EM DB Control 11.1.0.7, 11.2.0.2, and 11.2.0.3; and EM Plugin for DB 12.1.0.2 allows remote attackers to affect integrity via unknown vectors related to Distributed/Cross DB Features."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2015-05-12T18:57:00",
"orgId": "43595867-4340-4103-b7a2-9a5208d29a85",
"shortName": "oracle"
},
"references": [
{
"name": "57378",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/57378"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.oracle.com/technetwork/topics/security/cpujan2013-1515902.html"
},
{
"name": "57126",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/57126"
},
{
"name": "MDVSA-2013:150",
"tags": [
"vendor-advisory",
"x_refsource_MANDRIVA"
],
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2013:150"
},
{
"name": "HPSBST02955",
"tags": [
"vendor-advisory",
"x_refsource_HP"
],
"url": "http://marc.info/?l=bugtraq\u0026m=139344343412337\u0026w=2"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "secalert_us@oracle.com",
"ID": "CVE-2013-0372",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Unspecified vulnerability in the Enterprise Manager Base Platform component in Oracle Enterprise Manager Grid Control EM Base Platform 11.1.0.1 and 12.1.0.1; EM DB Control 11.1.0.7, 11.2.0.2, and 11.2.0.3; and EM Plugin for DB 12.1.0.2 allows remote attackers to affect integrity via unknown vectors related to Distributed/Cross DB Features."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "57378",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/57378"
},
{
"name": "http://www.oracle.com/technetwork/topics/security/cpujan2013-1515902.html",
"refsource": "CONFIRM",
"url": "http://www.oracle.com/technetwork/topics/security/cpujan2013-1515902.html"
},
{
"name": "57126",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/57126"
},
{
"name": "MDVSA-2013:150",
"refsource": "MANDRIVA",
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2013:150"
},
{
"name": "HPSBST02955",
"refsource": "HP",
"url": "http://marc.info/?l=bugtraq\u0026m=139344343412337\u0026w=2"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "43595867-4340-4103-b7a2-9a5208d29a85",
"assignerShortName": "oracle",
"cveId": "CVE-2013-0372",
"datePublished": "2013-01-17T01:30:00",
"dateReserved": "2012-12-07T00:00:00",
"dateUpdated": "2024-08-06T14:25:09.526Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2013-3762
Vulnerability from cvelistv5
Published
2013-10-16 15:00
Modified
2024-09-16 20:02
Severity ?
EPSS score ?
Summary
Unspecified vulnerability in the Enterprise Manager Base Platform component in Oracle Enterprise Manager Grid Control EM Base Platform 10.2.0.5 and 11.1.0.1; EM DB Control 11.1.0.7, 11.2.0.2, and 11.2.0.3; and EM Plugin for DB 12.1.0.2, 12.1.0.3, and 12.1.0.4 allows remote attackers to affect integrity via unknown vectors related to Schema Management.
References
| ▼ | URL | Tags |
|---|---|---|
| http://secunia.com/advisories/55322 | third-party-advisory, x_refsource_SECUNIA | |
| http://www.oracle.com/technetwork/topics/security/cpuoct2013-1899837.html | x_refsource_CONFIRM |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T16:22:01.309Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "55322",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/55322"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.oracle.com/technetwork/topics/security/cpuoct2013-1899837.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Unspecified vulnerability in the Enterprise Manager Base Platform component in Oracle Enterprise Manager Grid Control EM Base Platform 10.2.0.5 and 11.1.0.1; EM DB Control 11.1.0.7, 11.2.0.2, and 11.2.0.3; and EM Plugin for DB 12.1.0.2, 12.1.0.3, and 12.1.0.4 allows remote attackers to affect integrity via unknown vectors related to Schema Management."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2013-10-16T15:00:00Z",
"orgId": "43595867-4340-4103-b7a2-9a5208d29a85",
"shortName": "oracle"
},
"references": [
{
"name": "55322",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/55322"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.oracle.com/technetwork/topics/security/cpuoct2013-1899837.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "secalert_us@oracle.com",
"ID": "CVE-2013-3762",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Unspecified vulnerability in the Enterprise Manager Base Platform component in Oracle Enterprise Manager Grid Control EM Base Platform 10.2.0.5 and 11.1.0.1; EM DB Control 11.1.0.7, 11.2.0.2, and 11.2.0.3; and EM Plugin for DB 12.1.0.2, 12.1.0.3, and 12.1.0.4 allows remote attackers to affect integrity via unknown vectors related to Schema Management."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "55322",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/55322"
},
{
"name": "http://www.oracle.com/technetwork/topics/security/cpuoct2013-1899837.html",
"refsource": "CONFIRM",
"url": "http://www.oracle.com/technetwork/topics/security/cpuoct2013-1899837.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "43595867-4340-4103-b7a2-9a5208d29a85",
"assignerShortName": "oracle",
"cveId": "CVE-2013-3762",
"datePublished": "2013-10-16T15:00:00Z",
"dateReserved": "2013-06-03T00:00:00Z",
"dateUpdated": "2024-09-16T20:02:20.672Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2004-1370
Vulnerability from cvelistv5
Published
2005-01-19 05:00
Modified
2024-08-08 00:46
Severity ?
EPSS score ?
Summary
Multiple SQL injection vulnerabilities in PL/SQL procedures that run with definer rights in Oracle 9i and 10g allow remote attackers to execute arbitrary SQL commands and gain privileges via (1) DBMS_EXPORT_EXTENSION, (2) WK_ACL.GET_ACL, (3) WK_ACL.STORE_ACL, (4) WK_ADM.COMPLETE_ACL_SNAPSHOT, (5) WK_ACL.DELETE_ACLS_WITH_STATEMENT, or (6) DRILOAD.VALIDATE_STMT.
References
| ▼ | URL | Tags |
|---|---|---|
| http://www.ngssoftware.com/advisories/oracle23122004H.txt | x_refsource_MISC | |
| http://marc.info/?l=bugtraq&m=110382596129607&w=2 | mailing-list, x_refsource_BUGTRAQ | |
| http://www.kb.cert.org/vuls/id/316206 | third-party-advisory, x_refsource_CERT-VN | |
| http://www.us-cert.gov/cas/techalerts/TA04-245A.html | third-party-advisory, x_refsource_CERT | |
| http://www.securityfocus.com/bid/10871 | vdb-entry, x_refsource_BID | |
| http://www.oracle.com/technology/deploy/security/pdf/2004alert68.pdf | x_refsource_CONFIRM | |
| https://exchange.xforce.ibmcloud.com/vulnerabilities/18665 | vdb-entry, x_refsource_XF | |
| http://sunsolve.sun.com/search/document.do?assetkey=1-26-101782-1 | vendor-advisory, x_refsource_SUNALERT |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-08T00:46:12.509Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www.ngssoftware.com/advisories/oracle23122004H.txt"
},
{
"name": "20041223 Oracle multiple PL/SQL injection vulnerabilities (#NISR2122004H)",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://marc.info/?l=bugtraq\u0026m=110382596129607\u0026w=2"
},
{
"name": "VU#316206",
"tags": [
"third-party-advisory",
"x_refsource_CERT-VN",
"x_transferred"
],
"url": "http://www.kb.cert.org/vuls/id/316206"
},
{
"name": "TA04-245A",
"tags": [
"third-party-advisory",
"x_refsource_CERT",
"x_transferred"
],
"url": "http://www.us-cert.gov/cas/techalerts/TA04-245A.html"
},
{
"name": "10871",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/10871"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.oracle.com/technology/deploy/security/pdf/2004alert68.pdf"
},
{
"name": "oracle-procedure-sql-injection(18665)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/18665"
},
{
"name": "101782",
"tags": [
"vendor-advisory",
"x_refsource_SUNALERT",
"x_transferred"
],
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-101782-1"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2004-12-23T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Multiple SQL injection vulnerabilities in PL/SQL procedures that run with definer rights in Oracle 9i and 10g allow remote attackers to execute arbitrary SQL commands and gain privileges via (1) DBMS_EXPORT_EXTENSION, (2) WK_ACL.GET_ACL, (3) WK_ACL.STORE_ACL, (4) WK_ADM.COMPLETE_ACL_SNAPSHOT, (5) WK_ACL.DELETE_ACLS_WITH_STATEMENT, or (6) DRILOAD.VALIDATE_STMT."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-07-10T14:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www.ngssoftware.com/advisories/oracle23122004H.txt"
},
{
"name": "20041223 Oracle multiple PL/SQL injection vulnerabilities (#NISR2122004H)",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://marc.info/?l=bugtraq\u0026m=110382596129607\u0026w=2"
},
{
"name": "VU#316206",
"tags": [
"third-party-advisory",
"x_refsource_CERT-VN"
],
"url": "http://www.kb.cert.org/vuls/id/316206"
},
{
"name": "TA04-245A",
"tags": [
"third-party-advisory",
"x_refsource_CERT"
],
"url": "http://www.us-cert.gov/cas/techalerts/TA04-245A.html"
},
{
"name": "10871",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/10871"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.oracle.com/technology/deploy/security/pdf/2004alert68.pdf"
},
{
"name": "oracle-procedure-sql-injection(18665)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/18665"
},
{
"name": "101782",
"tags": [
"vendor-advisory",
"x_refsource_SUNALERT"
],
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-101782-1"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2004-1370",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Multiple SQL injection vulnerabilities in PL/SQL procedures that run with definer rights in Oracle 9i and 10g allow remote attackers to execute arbitrary SQL commands and gain privileges via (1) DBMS_EXPORT_EXTENSION, (2) WK_ACL.GET_ACL, (3) WK_ACL.STORE_ACL, (4) WK_ADM.COMPLETE_ACL_SNAPSHOT, (5) WK_ACL.DELETE_ACLS_WITH_STATEMENT, or (6) DRILOAD.VALIDATE_STMT."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://www.ngssoftware.com/advisories/oracle23122004H.txt",
"refsource": "MISC",
"url": "http://www.ngssoftware.com/advisories/oracle23122004H.txt"
},
{
"name": "20041223 Oracle multiple PL/SQL injection vulnerabilities (#NISR2122004H)",
"refsource": "BUGTRAQ",
"url": "http://marc.info/?l=bugtraq\u0026m=110382596129607\u0026w=2"
},
{
"name": "VU#316206",
"refsource": "CERT-VN",
"url": "http://www.kb.cert.org/vuls/id/316206"
},
{
"name": "TA04-245A",
"refsource": "CERT",
"url": "http://www.us-cert.gov/cas/techalerts/TA04-245A.html"
},
{
"name": "10871",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/10871"
},
{
"name": "http://www.oracle.com/technology/deploy/security/pdf/2004alert68.pdf",
"refsource": "CONFIRM",
"url": "http://www.oracle.com/technology/deploy/security/pdf/2004alert68.pdf"
},
{
"name": "oracle-procedure-sql-injection(18665)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/18665"
},
{
"name": "101782",
"refsource": "SUNALERT",
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-101782-1"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2004-1370",
"datePublished": "2005-01-19T05:00:00",
"dateReserved": "2005-01-07T00:00:00",
"dateUpdated": "2024-08-08T00:46:12.509Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2015-2646
Vulnerability from cvelistv5
Published
2015-07-16 10:00
Modified
2024-08-06 05:24
Severity ?
EPSS score ?
Summary
Unspecified vulnerability in the Enterprise Manager for Oracle Database component in Oracle Enterprise Manager Grid Control EM Base Platform: 11.1.0.1; EM Plugin for DB: 12.1.0.5, 12.1.0.6, 12.1.0.7; EM DB Control: 11.1.0.7, 11.2.0.3, and 11.2.0.4 allows remote attackers to affect integrity via unknown vectors related to Content Management.
References
| ▼ | URL | Tags |
|---|---|---|
| http://www.oracle.com/technetwork/topics/security/cpujul2015-2367936.html | x_refsource_CONFIRM | |
| http://www.securitytracker.com/id/1032918 | vdb-entry, x_refsource_SECTRACK | |
| http://lists.opensuse.org/opensuse-security-announce/2015-08/msg00003.html | vendor-advisory, x_refsource_SUSE |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T05:24:37.176Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.oracle.com/technetwork/topics/security/cpujul2015-2367936.html"
},
{
"name": "1032918",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1032918"
},
{
"name": "SUSE-SU-2015:1353",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-08/msg00003.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2015-07-14T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Unspecified vulnerability in the Enterprise Manager for Oracle Database component in Oracle Enterprise Manager Grid Control EM Base Platform: 11.1.0.1; EM Plugin for DB: 12.1.0.5, 12.1.0.6, 12.1.0.7; EM DB Control: 11.1.0.7, 11.2.0.3, and 11.2.0.4 allows remote attackers to affect integrity via unknown vectors related to Content Management."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2016-12-23T18:57:01",
"orgId": "43595867-4340-4103-b7a2-9a5208d29a85",
"shortName": "oracle"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.oracle.com/technetwork/topics/security/cpujul2015-2367936.html"
},
{
"name": "1032918",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id/1032918"
},
{
"name": "SUSE-SU-2015:1353",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-08/msg00003.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "secalert_us@oracle.com",
"ID": "CVE-2015-2646",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Unspecified vulnerability in the Enterprise Manager for Oracle Database component in Oracle Enterprise Manager Grid Control EM Base Platform: 11.1.0.1; EM Plugin for DB: 12.1.0.5, 12.1.0.6, 12.1.0.7; EM DB Control: 11.1.0.7, 11.2.0.3, and 11.2.0.4 allows remote attackers to affect integrity via unknown vectors related to Content Management."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://www.oracle.com/technetwork/topics/security/cpujul2015-2367936.html",
"refsource": "CONFIRM",
"url": "http://www.oracle.com/technetwork/topics/security/cpujul2015-2367936.html"
},
{
"name": "1032918",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1032918"
},
{
"name": "SUSE-SU-2015:1353",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-08/msg00003.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "43595867-4340-4103-b7a2-9a5208d29a85",
"assignerShortName": "oracle",
"cveId": "CVE-2015-2646",
"datePublished": "2015-07-16T10:00:00",
"dateReserved": "2015-03-20T00:00:00",
"dateUpdated": "2024-08-06T05:24:37.176Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2013-3758
Vulnerability from cvelistv5
Published
2013-07-17 10:00
Modified
2024-08-06 16:22
Severity ?
EPSS score ?
Summary
Unspecified vulnerability in the Enterprise Manager (EM) Base Platform 10.2.0.5 and 11.1.0.1; EM DB Control 10.2.0.4, 10.2.0.5, 11.1.0.7, 11.2.0.2, and 11.2.0.3; and EM Plugin for DB 12.1.0.2 and 12.1.0.3 in Oracle Enterprise Manager Grid Control allows remote attackers to affect integrity via unknown vectors related to Schema Management.
References
| ▼ | URL | Tags |
|---|---|---|
| https://exchange.xforce.ibmcloud.com/vulnerabilities/85665 | vdb-entry, x_refsource_XF | |
| http://osvdb.org/95278 | vdb-entry, x_refsource_OSVDB | |
| http://www.securitytracker.com/id/1028795 | vdb-entry, x_refsource_SECTRACK | |
| http://www.oracle.com/technetwork/topics/security/cpujuly2013-1899826.html | x_refsource_CONFIRM | |
| http://www.securityfocus.com/bid/61205 | vdb-entry, x_refsource_BID |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T16:22:00.466Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "oracle-cpujuly2013-cve20133758(85665)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/85665"
},
{
"name": "95278",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://osvdb.org/95278"
},
{
"name": "1028795",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1028795"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.oracle.com/technetwork/topics/security/cpujuly2013-1899826.html"
},
{
"name": "61205",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/61205"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2013-07-16T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Unspecified vulnerability in the Enterprise Manager (EM) Base Platform 10.2.0.5 and 11.1.0.1; EM DB Control 10.2.0.4, 10.2.0.5, 11.1.0.7, 11.2.0.2, and 11.2.0.3; and EM Plugin for DB 12.1.0.2 and 12.1.0.3 in Oracle Enterprise Manager Grid Control allows remote attackers to affect integrity via unknown vectors related to Schema Management."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-08-28T12:57:01",
"orgId": "43595867-4340-4103-b7a2-9a5208d29a85",
"shortName": "oracle"
},
"references": [
{
"name": "oracle-cpujuly2013-cve20133758(85665)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/85665"
},
{
"name": "95278",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://osvdb.org/95278"
},
{
"name": "1028795",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id/1028795"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.oracle.com/technetwork/topics/security/cpujuly2013-1899826.html"
},
{
"name": "61205",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/61205"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "secalert_us@oracle.com",
"ID": "CVE-2013-3758",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Unspecified vulnerability in the Enterprise Manager (EM) Base Platform 10.2.0.5 and 11.1.0.1; EM DB Control 10.2.0.4, 10.2.0.5, 11.1.0.7, 11.2.0.2, and 11.2.0.3; and EM Plugin for DB 12.1.0.2 and 12.1.0.3 in Oracle Enterprise Manager Grid Control allows remote attackers to affect integrity via unknown vectors related to Schema Management."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "oracle-cpujuly2013-cve20133758(85665)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/85665"
},
{
"name": "95278",
"refsource": "OSVDB",
"url": "http://osvdb.org/95278"
},
{
"name": "1028795",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1028795"
},
{
"name": "http://www.oracle.com/technetwork/topics/security/cpujuly2013-1899826.html",
"refsource": "CONFIRM",
"url": "http://www.oracle.com/technetwork/topics/security/cpujuly2013-1899826.html"
},
{
"name": "61205",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/61205"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "43595867-4340-4103-b7a2-9a5208d29a85",
"assignerShortName": "oracle",
"cveId": "CVE-2013-3758",
"datePublished": "2013-07-17T10:00:00",
"dateReserved": "2013-06-03T00:00:00",
"dateUpdated": "2024-08-06T16:22:00.466Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2004-1368
Vulnerability from cvelistv5
Published
2005-01-19 05:00
Modified
2024-08-08 00:46
Severity ?
EPSS score ?
Summary
ISQL*Plus in Oracle 10g Application Server allows remote attackers to execute arbitrary files via an absolute pathname in the file parameter to the load.uix script.
References
| ▼ | URL | Tags |
|---|---|---|
| https://exchange.xforce.ibmcloud.com/vulnerabilities/18656 | vdb-entry, x_refsource_XF | |
| http://marc.info/?l=bugtraq&m=110382264415387&w=2 | mailing-list, x_refsource_BUGTRAQ | |
| http://www.ngssoftware.com/advisories/oracle23122004E.txt | x_refsource_MISC | |
| http://www.kb.cert.org/vuls/id/435974 | third-party-advisory, x_refsource_CERT-VN | |
| http://www.us-cert.gov/cas/techalerts/TA04-245A.html | third-party-advisory, x_refsource_CERT | |
| http://www.securityfocus.com/bid/10871 | vdb-entry, x_refsource_BID | |
| http://sunsolve.sun.com/search/document.do?assetkey=1-26-101782-1 | vendor-advisory, x_refsource_SUNALERT |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-08T00:46:12.449Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "oracle-isqlplus-file-access(18656)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/18656"
},
{
"name": "20041223 Oracle ISQLPlus file access vulnerability (#NISR2122004E)",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://marc.info/?l=bugtraq\u0026m=110382264415387\u0026w=2"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www.ngssoftware.com/advisories/oracle23122004E.txt"
},
{
"name": "VU#435974",
"tags": [
"third-party-advisory",
"x_refsource_CERT-VN",
"x_transferred"
],
"url": "http://www.kb.cert.org/vuls/id/435974"
},
{
"name": "TA04-245A",
"tags": [
"third-party-advisory",
"x_refsource_CERT",
"x_transferred"
],
"url": "http://www.us-cert.gov/cas/techalerts/TA04-245A.html"
},
{
"name": "10871",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/10871"
},
{
"name": "101782",
"tags": [
"vendor-advisory",
"x_refsource_SUNALERT",
"x_transferred"
],
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-101782-1"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2004-12-23T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "ISQL*Plus in Oracle 10g Application Server allows remote attackers to execute arbitrary files via an absolute pathname in the file parameter to the load.uix script."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-07-10T14:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "oracle-isqlplus-file-access(18656)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/18656"
},
{
"name": "20041223 Oracle ISQLPlus file access vulnerability (#NISR2122004E)",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://marc.info/?l=bugtraq\u0026m=110382264415387\u0026w=2"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www.ngssoftware.com/advisories/oracle23122004E.txt"
},
{
"name": "VU#435974",
"tags": [
"third-party-advisory",
"x_refsource_CERT-VN"
],
"url": "http://www.kb.cert.org/vuls/id/435974"
},
{
"name": "TA04-245A",
"tags": [
"third-party-advisory",
"x_refsource_CERT"
],
"url": "http://www.us-cert.gov/cas/techalerts/TA04-245A.html"
},
{
"name": "10871",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/10871"
},
{
"name": "101782",
"tags": [
"vendor-advisory",
"x_refsource_SUNALERT"
],
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-101782-1"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2004-1368",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "ISQL*Plus in Oracle 10g Application Server allows remote attackers to execute arbitrary files via an absolute pathname in the file parameter to the load.uix script."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "oracle-isqlplus-file-access(18656)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/18656"
},
{
"name": "20041223 Oracle ISQLPlus file access vulnerability (#NISR2122004E)",
"refsource": "BUGTRAQ",
"url": "http://marc.info/?l=bugtraq\u0026m=110382264415387\u0026w=2"
},
{
"name": "http://www.ngssoftware.com/advisories/oracle23122004E.txt",
"refsource": "MISC",
"url": "http://www.ngssoftware.com/advisories/oracle23122004E.txt"
},
{
"name": "VU#435974",
"refsource": "CERT-VN",
"url": "http://www.kb.cert.org/vuls/id/435974"
},
{
"name": "TA04-245A",
"refsource": "CERT",
"url": "http://www.us-cert.gov/cas/techalerts/TA04-245A.html"
},
{
"name": "10871",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/10871"
},
{
"name": "101782",
"refsource": "SUNALERT",
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-101782-1"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2004-1368",
"datePublished": "2005-01-19T05:00:00",
"dateReserved": "2005-01-07T00:00:00",
"dateUpdated": "2024-08-08T00:46:12.449Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2013-0358
Vulnerability from cvelistv5
Published
2013-01-17 01:30
Modified
2024-08-06 14:25
Severity ?
EPSS score ?
Summary
Unspecified vulnerability in the Enterprise Manager Base Platform component in Oracle Enterprise Manager Grid Control EM Base Platform 10.2.0.5 and 11.1.0.1; EM DB Control 10.2.0.3, 10.2.0.4, 10.2.0.5, 11.1.0.7, 11.2.0.2, and 11.2.0.3; and EM Plugin for DB 12.1.0.1 and 12.1.0.2 allows remote attackers to affect integrity via unknown vectors related to Resource Manager.
References
| ▼ | URL | Tags |
|---|---|---|
| http://www.oracle.com/technetwork/topics/security/cpujan2013-1515902.html | x_refsource_CONFIRM | |
| http://www.mandriva.com/security/advisories?name=MDVSA-2013:150 | vendor-advisory, x_refsource_MANDRIVA |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T14:25:09.563Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.oracle.com/technetwork/topics/security/cpujan2013-1515902.html"
},
{
"name": "MDVSA-2013:150",
"tags": [
"vendor-advisory",
"x_refsource_MANDRIVA",
"x_transferred"
],
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2013:150"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2013-01-15T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Unspecified vulnerability in the Enterprise Manager Base Platform component in Oracle Enterprise Manager Grid Control EM Base Platform 10.2.0.5 and 11.1.0.1; EM DB Control 10.2.0.3, 10.2.0.4, 10.2.0.5, 11.1.0.7, 11.2.0.2, and 11.2.0.3; and EM Plugin for DB 12.1.0.1 and 12.1.0.2 allows remote attackers to affect integrity via unknown vectors related to Resource Manager."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2013-10-11T09:00:00",
"orgId": "43595867-4340-4103-b7a2-9a5208d29a85",
"shortName": "oracle"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.oracle.com/technetwork/topics/security/cpujan2013-1515902.html"
},
{
"name": "MDVSA-2013:150",
"tags": [
"vendor-advisory",
"x_refsource_MANDRIVA"
],
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2013:150"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "secalert_us@oracle.com",
"ID": "CVE-2013-0358",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Unspecified vulnerability in the Enterprise Manager Base Platform component in Oracle Enterprise Manager Grid Control EM Base Platform 10.2.0.5 and 11.1.0.1; EM DB Control 10.2.0.3, 10.2.0.4, 10.2.0.5, 11.1.0.7, 11.2.0.2, and 11.2.0.3; and EM Plugin for DB 12.1.0.1 and 12.1.0.2 allows remote attackers to affect integrity via unknown vectors related to Resource Manager."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://www.oracle.com/technetwork/topics/security/cpujan2013-1515902.html",
"refsource": "CONFIRM",
"url": "http://www.oracle.com/technetwork/topics/security/cpujan2013-1515902.html"
},
{
"name": "MDVSA-2013:150",
"refsource": "MANDRIVA",
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2013:150"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "43595867-4340-4103-b7a2-9a5208d29a85",
"assignerShortName": "oracle",
"cveId": "CVE-2013-0358",
"datePublished": "2013-01-17T01:30:00",
"dateReserved": "2012-12-07T00:00:00",
"dateUpdated": "2024-08-06T14:25:09.563Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2013-0352
Vulnerability from cvelistv5
Published
2013-01-17 01:30
Modified
2024-08-06 14:25
Severity ?
EPSS score ?
Summary
Unspecified vulnerability in the Enterprise Manager Base Platform component in Oracle Enterprise Manager Grid Control EM Base Platform 10.2.0.5 and 11.1.0.1; EM DB Control 10.2.0.3, 10.2.0.4, 10.2.0.5, 11.1.0.7, 11.2.0.2, and 11.2.0.3; and EM Plugin for DB 12.1.0.1 and 12.1.0.2 allows remote attackers to affect integrity via unknown vectors related to Content Management.
References
| ▼ | URL | Tags |
|---|---|---|
| http://www.securityfocus.com/bid/57365 | vdb-entry, x_refsource_BID | |
| http://www.oracle.com/technetwork/topics/security/cpujan2013-1515902.html | x_refsource_CONFIRM | |
| http://secunia.com/advisories/57126 | third-party-advisory, x_refsource_SECUNIA | |
| http://www.mandriva.com/security/advisories?name=MDVSA-2013:150 | vendor-advisory, x_refsource_MANDRIVA | |
| http://marc.info/?l=bugtraq&m=139344343412337&w=2 | vendor-advisory, x_refsource_HP |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T14:25:09.693Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "57365",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/57365"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.oracle.com/technetwork/topics/security/cpujan2013-1515902.html"
},
{
"name": "57126",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/57126"
},
{
"name": "MDVSA-2013:150",
"tags": [
"vendor-advisory",
"x_refsource_MANDRIVA",
"x_transferred"
],
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2013:150"
},
{
"name": "HPSBST02955",
"tags": [
"vendor-advisory",
"x_refsource_HP",
"x_transferred"
],
"url": "http://marc.info/?l=bugtraq\u0026m=139344343412337\u0026w=2"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2013-01-15T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Unspecified vulnerability in the Enterprise Manager Base Platform component in Oracle Enterprise Manager Grid Control EM Base Platform 10.2.0.5 and 11.1.0.1; EM DB Control 10.2.0.3, 10.2.0.4, 10.2.0.5, 11.1.0.7, 11.2.0.2, and 11.2.0.3; and EM Plugin for DB 12.1.0.1 and 12.1.0.2 allows remote attackers to affect integrity via unknown vectors related to Content Management."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2015-05-12T18:57:00",
"orgId": "43595867-4340-4103-b7a2-9a5208d29a85",
"shortName": "oracle"
},
"references": [
{
"name": "57365",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/57365"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.oracle.com/technetwork/topics/security/cpujan2013-1515902.html"
},
{
"name": "57126",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/57126"
},
{
"name": "MDVSA-2013:150",
"tags": [
"vendor-advisory",
"x_refsource_MANDRIVA"
],
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2013:150"
},
{
"name": "HPSBST02955",
"tags": [
"vendor-advisory",
"x_refsource_HP"
],
"url": "http://marc.info/?l=bugtraq\u0026m=139344343412337\u0026w=2"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "secalert_us@oracle.com",
"ID": "CVE-2013-0352",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Unspecified vulnerability in the Enterprise Manager Base Platform component in Oracle Enterprise Manager Grid Control EM Base Platform 10.2.0.5 and 11.1.0.1; EM DB Control 10.2.0.3, 10.2.0.4, 10.2.0.5, 11.1.0.7, 11.2.0.2, and 11.2.0.3; and EM Plugin for DB 12.1.0.1 and 12.1.0.2 allows remote attackers to affect integrity via unknown vectors related to Content Management."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "57365",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/57365"
},
{
"name": "http://www.oracle.com/technetwork/topics/security/cpujan2013-1515902.html",
"refsource": "CONFIRM",
"url": "http://www.oracle.com/technetwork/topics/security/cpujan2013-1515902.html"
},
{
"name": "57126",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/57126"
},
{
"name": "MDVSA-2013:150",
"refsource": "MANDRIVA",
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2013:150"
},
{
"name": "HPSBST02955",
"refsource": "HP",
"url": "http://marc.info/?l=bugtraq\u0026m=139344343412337\u0026w=2"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "43595867-4340-4103-b7a2-9a5208d29a85",
"assignerShortName": "oracle",
"cveId": "CVE-2013-0352",
"datePublished": "2013-01-17T01:30:00",
"dateReserved": "2012-12-07T00:00:00",
"dateUpdated": "2024-08-06T14:25:09.693Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2013-0373
Vulnerability from cvelistv5
Published
2013-01-17 01:30
Modified
2024-08-06 14:25
Severity ?
EPSS score ?
Summary
Unspecified vulnerability in the Enterprise Manager Base Platform component in Oracle Enterprise Manager Grid Control EM Base Platform 10.2.0.5 and 11.1.0.1; EM DB Control 10.2.0.3, 10.2.0.4, 10.2.0.5, 11.1.0.7, 11.2.0.2, and 11.2.0.3; and EM Plugin for DB 12.1.0.1, and 12.1.0.2 allows remote attackers to affect integrity via unknown vectors related to Distributed/Cross DB Features.
References
| ▼ | URL | Tags |
|---|---|---|
| http://www.oracle.com/technetwork/topics/security/cpujan2013-1515902.html | x_refsource_CONFIRM | |
| http://www.mandriva.com/security/advisories?name=MDVSA-2013:150 | vendor-advisory, x_refsource_MANDRIVA |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T14:25:10.066Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.oracle.com/technetwork/topics/security/cpujan2013-1515902.html"
},
{
"name": "MDVSA-2013:150",
"tags": [
"vendor-advisory",
"x_refsource_MANDRIVA",
"x_transferred"
],
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2013:150"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2013-01-15T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Unspecified vulnerability in the Enterprise Manager Base Platform component in Oracle Enterprise Manager Grid Control EM Base Platform 10.2.0.5 and 11.1.0.1; EM DB Control 10.2.0.3, 10.2.0.4, 10.2.0.5, 11.1.0.7, 11.2.0.2, and 11.2.0.3; and EM Plugin for DB 12.1.0.1, and 12.1.0.2 allows remote attackers to affect integrity via unknown vectors related to Distributed/Cross DB Features."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2013-10-11T09:00:00",
"orgId": "43595867-4340-4103-b7a2-9a5208d29a85",
"shortName": "oracle"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.oracle.com/technetwork/topics/security/cpujan2013-1515902.html"
},
{
"name": "MDVSA-2013:150",
"tags": [
"vendor-advisory",
"x_refsource_MANDRIVA"
],
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2013:150"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "secalert_us@oracle.com",
"ID": "CVE-2013-0373",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Unspecified vulnerability in the Enterprise Manager Base Platform component in Oracle Enterprise Manager Grid Control EM Base Platform 10.2.0.5 and 11.1.0.1; EM DB Control 10.2.0.3, 10.2.0.4, 10.2.0.5, 11.1.0.7, 11.2.0.2, and 11.2.0.3; and EM Plugin for DB 12.1.0.1, and 12.1.0.2 allows remote attackers to affect integrity via unknown vectors related to Distributed/Cross DB Features."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://www.oracle.com/technetwork/topics/security/cpujan2013-1515902.html",
"refsource": "CONFIRM",
"url": "http://www.oracle.com/technetwork/topics/security/cpujan2013-1515902.html"
},
{
"name": "MDVSA-2013:150",
"refsource": "MANDRIVA",
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2013:150"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "43595867-4340-4103-b7a2-9a5208d29a85",
"assignerShortName": "oracle",
"cveId": "CVE-2013-0373",
"datePublished": "2013-01-17T01:30:00",
"dateReserved": "2012-12-07T00:00:00",
"dateUpdated": "2024-08-06T14:25:10.066Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
Vulnerability from fkie_nvd
Published
2013-01-17 01:55
Modified
2024-11-21 01:47
Severity ?
Summary
Unspecified vulnerability in the Enterprise Manager Base Platform component in Oracle Enterprise Manager Grid Control EM Base Platform 10.2.0.5 and 11.1.0.1, and EM DB Control 11.1.0.7, 11.2.0.2, and 11.2.0.3, allows remote attackers to affect integrity via unknown vectors related to Distributed/Cross DB Features.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| oracle | enterprise_manager_database_control | 11.1.0.7 | |
| oracle | enterprise_manager_database_control | 11.2.0.2 | |
| oracle | enterprise_manager_database_control | 11.2.0.3 | |
| oracle | enterprise_manager_grid_control | 10.2.0.5 | |
| oracle | enterprise_manager_grid_control | 11.1.0.1 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:oracle:enterprise_manager_database_control:11.1.0.7:*:*:*:*:*:*:*",
"matchCriteriaId": "0D7A293E-1C18-4533-8F66-FF87663570B4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:enterprise_manager_database_control:11.2.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "122C6CB9-E0E8-45DC-B0C5-A9AAE7D3E889",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:enterprise_manager_database_control:11.2.0.3:*:*:*:*:*:*:*",
"matchCriteriaId": "3B61406E-4EF7-4366-A48E-11329F469147",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:enterprise_manager_grid_control:10.2.0.5:*:*:*:*:*:*:*",
"matchCriteriaId": "0C20B70E-13D8-4D80-A87F-16072661B795",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:enterprise_manager_grid_control:11.1.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "FB2A0AF0-2A77-4860-BD83-EA5A05D0E737",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Unspecified vulnerability in the Enterprise Manager Base Platform component in Oracle Enterprise Manager Grid Control EM Base Platform 10.2.0.5 and 11.1.0.1, and EM DB Control 11.1.0.7, 11.2.0.2, and 11.2.0.3, allows remote attackers to affect integrity via unknown vectors related to Distributed/Cross DB Features."
},
{
"lang": "es",
"value": "Vulnerabilidad no especificada en el componente Enterprise Manager Plataforma Base en Oracle Enterprise Grid Manager plataforma de control EM v10.2.0.5 y v11.1.0.1 Base y EM DB Control v11.1.0.7, v11.2.0.2, v11.2.0.3 y, permite a atacantes remotos para afectar la integridad a trav\u00e9s de vectores desconocidos relacionados con las funciones DB Distributed/Cross."
}
],
"id": "CVE-2013-0355",
"lastModified": "2024-11-21T01:47:22.340",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"confidentialityImpact": "NONE",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2013-01-17T01:55:03.467",
"references": [
{
"source": "secalert_us@oracle.com",
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2013:150"
},
{
"source": "secalert_us@oracle.com",
"tags": [
"Vendor Advisory"
],
"url": "http://www.oracle.com/technetwork/topics/security/cpujan2013-1515902.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2013:150"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://www.oracle.com/technetwork/topics/security/cpujan2013-1515902.html"
}
],
"sourceIdentifier": "secalert_us@oracle.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2013-10-16 15:55
Modified
2024-11-21 01:54
Severity ?
Summary
Unspecified vulnerability in the Enterprise Manager Base Platform component in Oracle Enterprise Manager Grid Control EM Base Platform 10.2.0.5 and 11.1.0.1; EM DB Control 11.1.0.7, 11.2.0.2, and 11.2.0.3; and EM Plugin for DB 12.1.0.2, 12.1.0.3, and 12.1.0.4 allows remote attackers to affect integrity via unknown vectors related to Schema Management.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| oracle | enterprise_manager_grid_control | 10.2.0.5 | |
| oracle | enterprise_manager_grid_control | 11.1.0.1 | |
| oracle | enterprise_manager_plugin_for_database_control | 12.1.0.2 | |
| oracle | enterprise_manager_plugin_for_database_control | 12.1.0.3 | |
| oracle | enterprise_manager_plugin_for_database_control | 12.1.0.4 | |
| oracle | enterprise_manager_database_control | 11.1.0.7 | |
| oracle | enterprise_manager_database_control | 11.2.0.2 | |
| oracle | enterprise_manager_database_control | 11.2.0.3 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:oracle:enterprise_manager_grid_control:10.2.0.5:*:*:*:*:*:*:*",
"matchCriteriaId": "0C20B70E-13D8-4D80-A87F-16072661B795",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:enterprise_manager_grid_control:11.1.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "FB2A0AF0-2A77-4860-BD83-EA5A05D0E737",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:oracle:enterprise_manager_plugin_for_database_control:12.1.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "DCC2E4CE-9698-4A1B-B93B-3DE2C026911A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:enterprise_manager_plugin_for_database_control:12.1.0.3:*:*:*:*:*:*:*",
"matchCriteriaId": "A315B606-DCB5-4C37-A7ED-15027445B8AD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:enterprise_manager_plugin_for_database_control:12.1.0.4:*:*:*:*:*:*:*",
"matchCriteriaId": "E3BF8A19-3F5E-4CD0-8675-A0F0B1A5E5E3",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:oracle:enterprise_manager_database_control:11.1.0.7:*:*:*:*:*:*:*",
"matchCriteriaId": "0D7A293E-1C18-4533-8F66-FF87663570B4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:enterprise_manager_database_control:11.2.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "122C6CB9-E0E8-45DC-B0C5-A9AAE7D3E889",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:enterprise_manager_database_control:11.2.0.3:*:*:*:*:*:*:*",
"matchCriteriaId": "3B61406E-4EF7-4366-A48E-11329F469147",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Unspecified vulnerability in the Enterprise Manager Base Platform component in Oracle Enterprise Manager Grid Control EM Base Platform 10.2.0.5 and 11.1.0.1; EM DB Control 11.1.0.7, 11.2.0.2, and 11.2.0.3; and EM Plugin for DB 12.1.0.2, 12.1.0.3, and 12.1.0.4 allows remote attackers to affect integrity via unknown vectors related to Schema Management."
},
{
"lang": "es",
"value": "Vulnerabilidad sin especificar en el componente Enterprise Manager Base Platform de Oracle Enterprise Manager Grid Control EM Base Platform 10.2.0.5 y 11.1.0.1; EM DB Control 11.1.0.7, 11.2.0.2, y 11.2.0.3; y EM Plugin for DB 12.1.0.2, 12.1.0.3, y 12.1.0.4 permite a atacantes remotos afectar la integridad a trav\u00e9s de vectores relacionados con Schema Management."
}
],
"id": "CVE-2013-3762",
"lastModified": "2024-11-21T01:54:15.017",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"confidentialityImpact": "NONE",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2013-10-16T15:55:28.163",
"references": [
{
"source": "secalert_us@oracle.com",
"url": "http://secunia.com/advisories/55322"
},
{
"source": "secalert_us@oracle.com",
"tags": [
"Vendor Advisory"
],
"url": "http://www.oracle.com/technetwork/topics/security/cpuoct2013-1899837.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/55322"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://www.oracle.com/technetwork/topics/security/cpuoct2013-1899837.html"
}
],
"sourceIdentifier": "secalert_us@oracle.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2013-07-17 13:41
Modified
2024-11-21 01:54
Severity ?
Summary
Unspecified vulnerability in Enterprise Manager (EM) Base Platform 10.2.0.5 and EM DB Control 11.1.0.7 in Oracle Enterprise Manager Grid Control allows remote attackers to affect integrity via unknown vectors related to User Interface Framework.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| oracle | enterprise_manager | 10.2.0.5 | |
| oracle | enterprise_manager_database_control | 11.1.0.7 | |
| oracle | enterprise_manager_grid_control | * |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:oracle:enterprise_manager:10.2.0.5:*:*:*:*:*:*:*",
"matchCriteriaId": "D2BD533A-352B-4DD2-855B-ADFC30D71550",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:oracle:enterprise_manager_database_control:11.1.0.7:*:*:*:*:*:*:*",
"matchCriteriaId": "0D7A293E-1C18-4533-8F66-FF87663570B4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:enterprise_manager_grid_control:*:*:*:*:*:*:*:*",
"matchCriteriaId": "D7CC95BD-2D82-4D7A-8E80-3831C0EDFF3A",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Unspecified vulnerability in Enterprise Manager (EM) Base Platform 10.2.0.5 and EM DB Control 11.1.0.7 in Oracle Enterprise Manager Grid Control allows remote attackers to affect integrity via unknown vectors related to User Interface Framework."
},
{
"lang": "es",
"value": "Vulnerabilidad no especificada en Enterprise Manager (EM) Plataforma Base v10.2.0.5 y EM DB Control v11.1.0.7 en Oracle Enterprise Manager Grid Control permite a atacantes remotos afectar la integridad a trav\u00e9s de vectores desconocidos relacionados con el User Interface Framework."
}
],
"id": "CVE-2013-3791",
"lastModified": "2024-11-21T01:54:18.250",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"confidentialityImpact": "NONE",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2013-07-17T13:41:16.820",
"references": [
{
"source": "secalert_us@oracle.com",
"url": "http://jvn.jp/en/jp/JVN26103805/index.html"
},
{
"source": "secalert_us@oracle.com",
"url": "http://jvndb.jvn.jp/jvndb/JVNDB-2013-003391"
},
{
"source": "secalert_us@oracle.com",
"url": "http://osvdb.org/95279"
},
{
"source": "secalert_us@oracle.com",
"tags": [
"Vendor Advisory"
],
"url": "http://www.oracle.com/technetwork/topics/security/cpujuly2013-1899826.html"
},
{
"source": "secalert_us@oracle.com",
"url": "http://www.securityfocus.com/bid/61213"
},
{
"source": "secalert_us@oracle.com",
"url": "http://www.securitytracker.com/id/1028795"
},
{
"source": "secalert_us@oracle.com",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/85666"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://jvn.jp/en/jp/JVN26103805/index.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://jvndb.jvn.jp/jvndb/JVNDB-2013-003391"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://osvdb.org/95279"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://www.oracle.com/technetwork/topics/security/cpujuly2013-1899826.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/61213"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securitytracker.com/id/1028795"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/85666"
}
],
"sourceIdentifier": "secalert_us@oracle.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2004-08-04 04:00
Modified
2024-11-20 23:50
Severity ?
Summary
Multiple SQL injection vulnerabilities in PL/SQL procedures that run with definer rights in Oracle 9i and 10g allow remote attackers to execute arbitrary SQL commands and gain privileges via (1) DBMS_EXPORT_EXTENSION, (2) WK_ACL.GET_ACL, (3) WK_ACL.STORE_ACL, (4) WK_ADM.COMPLETE_ACL_SNAPSHOT, (5) WK_ACL.DELETE_ACLS_WITH_STATEMENT, or (6) DRILOAD.VALIDATE_STMT.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:oracle:application_server:*:*:*:*:*:*:*:*",
"matchCriteriaId": "AD38E99A-864A-4E99-B6A5-12AACDA822E3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:application_server:9.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "CFAE1E8A-644B-42FD-B149-89AD420BD7A7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:application_server:9.0.2.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "8075E330-5819-4105-9BB7-4DCC3C0EAEF9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:application_server:9.0.2.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "CB346764-EDF2-4BE1-A273-C2CE9A173CFB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:application_server:9.0.2.1:*:*:*:*:*:*:*",
"matchCriteriaId": "E59B89D9-AAF9-40CB-931C-EB4958491B99",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:application_server:9.0.2.2:*:*:*:*:*:*:*",
"matchCriteriaId": "C64888FB-133F-4930-8368-1BD2A4FB11A6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:application_server:9.0.2.3:*:*:*:*:*:*:*",
"matchCriteriaId": "87DEB7BD-FB71-4C22-A0FF-89923B263DC2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:application_server:9.0.3:*:*:*:*:*:*:*",
"matchCriteriaId": "BAAD1A33-4333-4AFB-8D49-1274AE345BA9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:application_server:9.0.3.1:*:*:*:*:*:*:*",
"matchCriteriaId": "852BF209-3C6F-403B-920D-50C46D37515B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:application_server:9.0.4:*:*:*:*:*:*:*",
"matchCriteriaId": "335143DB-4538-49F4-BAFB-C47802318667",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:application_server:9.0.4.0:*:*:*:*:*:*:*",
"matchCriteriaId": "F6A3E2D8-617C-4740-B662-F8884CE26BF1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:application_server:9.0.4.1:*:*:*:*:*:*:*",
"matchCriteriaId": "4FFBB096-523E-4634-ADC4-6CFB03F9577B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:collaboration_suite:release_1:*:*:*:*:*:*:*",
"matchCriteriaId": "3D1A1DC8-A38C-4061-A825-C6CC2ED453E0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:e-business_suite:11.5.1:*:*:*:*:*:*:*",
"matchCriteriaId": "EBD7B7B5-4C37-4EC7-8B1D-66C1E5043E11",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:e-business_suite:11.5.2:*:*:*:*:*:*:*",
"matchCriteriaId": "A9E237E5-9E1A-4F20-9A3D-E3418E3B1329",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:e-business_suite:11.5.3:*:*:*:*:*:*:*",
"matchCriteriaId": "F57A5AE0-90B5-410E-8878-BD514C3B7946",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:e-business_suite:11.5.4:*:*:*:*:*:*:*",
"matchCriteriaId": "EA7EAC35-E890-444A-B070-C91382F2E242",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:e-business_suite:11.5.5:*:*:*:*:*:*:*",
"matchCriteriaId": "69568B66-122B-4946-B630-2960DAA1885E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:e-business_suite:11.5.6:*:*:*:*:*:*:*",
"matchCriteriaId": "EB6E1838-B4DA-4F62-8713-9E8D7E79CDF5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:e-business_suite:11.5.7:*:*:*:*:*:*:*",
"matchCriteriaId": "6C3E4A5C-8D0F-4105-8618-26586BEDE84B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:e-business_suite:11.5.8:*:*:*:*:*:*:*",
"matchCriteriaId": "D07FEA4F-B1C7-4250-81FD-AC1289769348",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:e-business_suite:11.5.9:*:*:*:*:*:*:*",
"matchCriteriaId": "78408427-3FFB-45C4-82EF-C8D636B3A718",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:enterprise_manager:9:*:*:*:*:*:*:*",
"matchCriteriaId": "E3595689-13AE-4349-8684-D73D33D4A9FC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:enterprise_manager:9.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "53F57A30-BE27-4F93-B8E4-B0956007F625",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:enterprise_manager_database_control:10.1.2:*:*:*:*:*:*:*",
"matchCriteriaId": "F074FCED-60D9-4B07-8A6F-85A89C8CFC33",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:enterprise_manager_grid_control:10.1.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "016AFE8B-049D-4BA9-9270-E18DFDFDC61F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:oracle10g:enterprise_9.0.4_.0:*:*:*:*:*:*:*",
"matchCriteriaId": "BF667575-AD5F-43D6-B7BF-F255C1A14A0C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:oracle10g:enterprise_10.1.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "0C033CC3-1840-49A1-AB6E-3EC8CE1F0BEE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:oracle10g:personal_9.0.4_.0:*:*:*:*:*:*:*",
"matchCriteriaId": "6CEA97EC-FC86-4F53-A134-B98F25892BB5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:oracle10g:personal_10.1_.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "E41C0DB6-CD92-4FDC-A705-83CFB92C062A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:oracle10g:standard_9.0.4_.0:*:*:*:*:*:*:*",
"matchCriteriaId": "ACC43855-2664-42CC-87DD-3C90DB1430C9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:oracle10g:standard_10.1_.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "25A4D091-1D89-484E-A3F7-0F98F8814686",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:oracle8i:enterprise_8.0.5_.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "D96A60B5-7B83-4E94-AF2B-AF3DF28EE1D1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:oracle8i:enterprise_8.0.6_.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "0C5C8D47-953E-41DF-9852-955611F6D387",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:oracle8i:enterprise_8.0.6_.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "C4798CAE-9AAA-4623-85B2-309DB46DD28A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:oracle8i:enterprise_8.1.5_.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "121CF7A1-1710-4DA1-B7B6-028557D3FA49",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:oracle8i:enterprise_8.1.5_.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "616AD7A7-C8F3-4125-8E26-64109EA40730",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:oracle8i:enterprise_8.1.5_.1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "3C7365AA-ACDA-461A-A84C-6B4FF04F295F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:oracle8i:enterprise_8.1.6_.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "42C22E50-FDB8-4314-9F36-70D0130EAA6C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:oracle8i:enterprise_8.1.6_.1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "2C65AC14-2AA0-4475-9932-E4AEA410CBCD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:oracle8i:enterprise_8.1.7_.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "BA730ABB-F315-4F7F-B820-33C5558B05DB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:oracle8i:enterprise_8.1.7_.1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "B4CE4E08-4892-419D-AC51-68DD42073092",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:oracle8i:enterprise_8.1.7_.4:*:*:*:*:*:*:*",
"matchCriteriaId": "EF52682E-0AB7-4C3F-94D4-7B4A7E08F2C2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:oracle8i:standard_8.0.6:*:*:*:*:*:*:*",
"matchCriteriaId": "C65C2671-2FFE-4461-A570-72E3BBC312D7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:oracle8i:standard_8.0.6_.3:*:*:*:*:*:*:*",
"matchCriteriaId": "CA59E72F-ACC1-44F3-AE63-B42F1EB83F3D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:oracle8i:standard_8.1.5:*:*:*:*:*:*:*",
"matchCriteriaId": "B5CB4061-855C-4DAA-BDAD-AA1E68EFC1E5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:oracle8i:standard_8.1.6:*:*:*:*:*:*:*",
"matchCriteriaId": "07F81AC9-DEBD-4B04-8753-C68BAE509B13",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:oracle8i:standard_8.1.7:*:*:*:*:*:*:*",
"matchCriteriaId": "0785C55D-183D-42D8-A9F9-DBD297FE7F43",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:oracle8i:standard_8.1.7_.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "8086BBDC-76BE-47C0-8F11-CEC57A23FC27",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:oracle8i:standard_8.1.7_.1:*:*:*:*:*:*:*",
"matchCriteriaId": "72BAAEF7-74CA-4C4F-8D52-AC4D5DE2E0E7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:oracle8i:standard_8.1.7_.4:*:*:*:*:*:*:*",
"matchCriteriaId": "EECAE774-22F3-4872-9E05-A14376F3883D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:oracle9i:client_9.2.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "DFAA7E8B-263B-40A2-B6D8-8A303A7D4358",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:oracle9i:client_9.2.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "085FF0CB-B426-4DCB-9411-017A45280A60",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:oracle9i:enterprise_8.1.7:*:*:*:*:*:*:*",
"matchCriteriaId": "ED4991B9-67A9-4EE9-A30F-27950BF3A3DD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:oracle9i:enterprise_9.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "2201796B-013B-4440-B366-1F2966AA86FF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:oracle9i:enterprise_9.0.1.4:*:*:*:*:*:*:*",
"matchCriteriaId": "43C6FFA8-18A6-4EE1-BE10-A1B7F3C1A47E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:oracle9i:enterprise_9.0.1.5:*:*:*:*:*:*:*",
"matchCriteriaId": "F90F6C4F-CEF5-4172-97FC-617B71EAA636",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:oracle9i:enterprise_9.2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "2FFA2A5C-B289-4505-85F5-7F6F0222B552",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:oracle9i:enterprise_9.2.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "4E876825-D6E5-4958-B737-4CE43A32BEC0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:oracle9i:enterprise_9.2.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "B8E07567-754A-40C0-9428-D151880EE6F2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:oracle9i:enterprise_9.2.0.3:*:*:*:*:*:*:*",
"matchCriteriaId": "6233345D-5100-404A-9B61-524D9679D9E4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:oracle9i:enterprise_9.2.0.4:*:*:*:*:*:*:*",
"matchCriteriaId": "2FB739C3-A9BD-433F-8547-12BC615DB18D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:oracle9i:enterprise_9.2.0.5:*:*:*:*:*:*:*",
"matchCriteriaId": "7231B057-9B7E-43CA-9E91-6DF74D6ADAE7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:oracle9i:personal_8.1.7:*:*:*:*:*:*:*",
"matchCriteriaId": "F4D7A3CB-54CC-4CD9-9672-366233BF0CCF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:oracle9i:personal_9.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "58DB0B6B-EB97-448A-B63E-E5997382DD45",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:oracle9i:personal_9.0.1.4:*:*:*:*:*:*:*",
"matchCriteriaId": "DA77BC6D-661F-46E9-B144-1587C1192B8A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:oracle9i:personal_9.0.1.5:*:*:*:*:*:*:*",
"matchCriteriaId": "16F9C7F3-8140-4FEF-8319-64CE51B830AE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:oracle9i:personal_9.2:*:*:*:*:*:*:*",
"matchCriteriaId": "68286D06-9EBA-4FBD-AB0B-D80993895416",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:oracle9i:personal_9.2.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "0C059683-E0A1-4E97-B393-CB6B0EACF7C6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:oracle9i:personal_9.2.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "A5675664-7036-48D0-9524-0350F626D4CD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:oracle9i:personal_9.2.0.3:*:*:*:*:*:*:*",
"matchCriteriaId": "EA9F3EE8-DA8B-4605-B70B-CFCA25B07C1F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:oracle9i:personal_9.2.0.4:*:*:*:*:*:*:*",
"matchCriteriaId": "D0DE0FB4-3C1A-460D-B48E-11D7AF415A94",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:oracle9i:personal_9.2.0.5:*:*:*:*:*:*:*",
"matchCriteriaId": "597EE9ED-6A95-46C7-BE83-ADEC6AA65341",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:oracle9i:standard_8.1.7:*:*:*:*:*:*:*",
"matchCriteriaId": "DCAD9D1D-A7E5-4D88-B93B-C518BF1986AB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:oracle9i:standard_9.0:*:*:*:*:*:*:*",
"matchCriteriaId": "6E46FE2E-CA1A-4970-81FF-0BFFF2CF6849",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:oracle9i:standard_9.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "3EE7A2B1-A161-4A20-9EEC-B1EF7F2E387C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:oracle9i:standard_9.0.1.2:*:*:*:*:*:*:*",
"matchCriteriaId": "D65D66A0-23F7-4110-AF71-05CBFB3F92F3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:oracle9i:standard_9.0.1.3:*:*:*:*:*:*:*",
"matchCriteriaId": "F207CBC6-D186-418D-8F11-3E623530E00B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:oracle9i:standard_9.0.1.4:*:*:*:*:*:*:*",
"matchCriteriaId": "2FB2708A-58D1-4F17-8504-3748D6667788",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:oracle9i:standard_9.0.1.5:*:*:*:*:*:*:*",
"matchCriteriaId": "E83B1C7A-287A-405F-B44E-85F891183D2E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:oracle9i:standard_9.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "34FC1E19-8F20-4215-8D90-E42EF7126BD9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:oracle9i:standard_9.2:*:*:*:*:*:*:*",
"matchCriteriaId": "CB172848-A873-4137-A335-AD034806A5EE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:oracle9i:standard_9.2.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "B78BD7D2-7B48-438C-8C24-01C4007C1A32",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:oracle9i:standard_9.2.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "0DDCC0D1-32AD-4902-8383-2AA169C3F3BA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:oracle9i:standard_9.2.0.3:*:*:*:*:*:*:*",
"matchCriteriaId": "2D4D70A8-A6FE-4F82-82F1-AB1E9C28FB35",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:oracle9i:standard_9.2.0.4:*:*:*:*:*:*:*",
"matchCriteriaId": "7F64908D-FDAA-499B-8060-8A6EC2443418",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:oracle9i:standard_9.2.0.5:*:*:*:*:*:*:*",
"matchCriteriaId": "E77BCF6E-0D09-4DAF-B147-D11FEEE7371C",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Multiple SQL injection vulnerabilities in PL/SQL procedures that run with definer rights in Oracle 9i and 10g allow remote attackers to execute arbitrary SQL commands and gain privileges via (1) DBMS_EXPORT_EXTENSION, (2) WK_ACL.GET_ACL, (3) WK_ACL.STORE_ACL, (4) WK_ADM.COMPLETE_ACL_SNAPSHOT, (5) WK_ACL.DELETE_ACLS_WITH_STATEMENT, or (6) DRILOAD.VALIDATE_STMT."
}
],
"id": "CVE-2004-1370",
"lastModified": "2024-11-20T23:50:43.030",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 7.5,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": true,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2004-08-04T04:00:00.000",
"references": [
{
"source": "cve@mitre.org",
"url": "http://marc.info/?l=bugtraq\u0026m=110382596129607\u0026w=2"
},
{
"source": "cve@mitre.org",
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-101782-1"
},
{
"source": "cve@mitre.org",
"tags": [
"US Government Resource"
],
"url": "http://www.kb.cert.org/vuls/id/316206"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.ngssoftware.com/advisories/oracle23122004H.txt"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.oracle.com/technology/deploy/security/pdf/2004alert68.pdf"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch"
],
"url": "http://www.securityfocus.com/bid/10871"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch",
"Third Party Advisory",
"US Government Resource"
],
"url": "http://www.us-cert.gov/cas/techalerts/TA04-245A.html"
},
{
"source": "cve@mitre.org",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/18665"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://marc.info/?l=bugtraq\u0026m=110382596129607\u0026w=2"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-101782-1"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"US Government Resource"
],
"url": "http://www.kb.cert.org/vuls/id/316206"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.ngssoftware.com/advisories/oracle23122004H.txt"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.oracle.com/technology/deploy/security/pdf/2004alert68.pdf"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
],
"url": "http://www.securityfocus.com/bid/10871"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Third Party Advisory",
"US Government Resource"
],
"url": "http://www.us-cert.gov/cas/techalerts/TA04-245A.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/18665"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2013-01-17 01:55
Modified
2024-11-21 01:47
Severity ?
Summary
Unspecified vulnerability in the Enterprise Manager Base Platform component in Oracle Enterprise Manager Grid Control EM Base Platform 10.2.0.5 and 11.1.0.1; EM DB Control 10.2.0.3, 10.2.0.4, 10.2.0.5, 11.1.0.7, 11.2.0.2, and 11.2.0.3; and EM Plugin for DB 12.1.0.1 and 12.1.0.2 allows remote attackers to affect integrity via unknown vectors related to Resource Manager.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| oracle | enterprise_manager_database_control | 10.2.0.3 | |
| oracle | enterprise_manager_database_control | 10.2.0.4 | |
| oracle | enterprise_manager_database_control | 10.2.0.5 | |
| oracle | enterprise_manager_database_control | 11.1.0.7 | |
| oracle | enterprise_manager_database_control | 11.2.0.2 | |
| oracle | enterprise_manager_database_control | 11.2.0.3 | |
| oracle | enterprise_manager_grid_control | 10.2.0.5 | |
| oracle | enterprise_manager_grid_control | 11.1.0.1 | |
| oracle | enterprise_manager_plugin_for_database_control | 12.1.0.1 | |
| oracle | enterprise_manager_plugin_for_database_control | 12.1.0.2 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:oracle:enterprise_manager_database_control:10.2.0.3:*:*:*:*:*:*:*",
"matchCriteriaId": "4CD69F9A-2257-49AB-AB07-E7E35518E93D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:enterprise_manager_database_control:10.2.0.4:*:*:*:*:*:*:*",
"matchCriteriaId": "D247515C-4850-4F98-AC50-7B65EF952F3D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:enterprise_manager_database_control:10.2.0.5:*:*:*:*:*:*:*",
"matchCriteriaId": "18F946F6-5D8C-4A77-B9C7-A0C35B7874B6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:enterprise_manager_database_control:11.1.0.7:*:*:*:*:*:*:*",
"matchCriteriaId": "0D7A293E-1C18-4533-8F66-FF87663570B4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:enterprise_manager_database_control:11.2.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "122C6CB9-E0E8-45DC-B0C5-A9AAE7D3E889",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:enterprise_manager_database_control:11.2.0.3:*:*:*:*:*:*:*",
"matchCriteriaId": "3B61406E-4EF7-4366-A48E-11329F469147",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:enterprise_manager_grid_control:10.2.0.5:*:*:*:*:*:*:*",
"matchCriteriaId": "0C20B70E-13D8-4D80-A87F-16072661B795",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:enterprise_manager_grid_control:11.1.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "FB2A0AF0-2A77-4860-BD83-EA5A05D0E737",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:enterprise_manager_plugin_for_database_control:12.1.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "EDDE78A0-1483-49FD-B5FD-8186B7D49A52",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:enterprise_manager_plugin_for_database_control:12.1.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "DCC2E4CE-9698-4A1B-B93B-3DE2C026911A",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Unspecified vulnerability in the Enterprise Manager Base Platform component in Oracle Enterprise Manager Grid Control EM Base Platform 10.2.0.5 and 11.1.0.1; EM DB Control 10.2.0.3, 10.2.0.4, 10.2.0.5, 11.1.0.7, 11.2.0.2, and 11.2.0.3; and EM Plugin for DB 12.1.0.1 and 12.1.0.2 allows remote attackers to affect integrity via unknown vectors related to Resource Manager."
},
{
"lang": "es",
"value": "Vulnerabilidad no especificada en el componente Enterprise Manager Plataforma Base en Oracle Enterprise Grid Manager plataforma de control EM v10.2.0.5 y v11.1.0.1 Base; EM DB Control v10.2.0.3, v10.2.0.4, v10.2.0.5, v11.1.0.7, v11.2.0.2, y v11.2.0.3 y EM plugin para DB v12.1.0.1 y v12.1.0.2 que permite a atacantes remotos para afectar la integridad a trav\u00e9s de vectores desconocidos relacionados con el Administrador de recursos."
}
],
"id": "CVE-2013-0358",
"lastModified": "2024-11-21T01:47:22.657",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"confidentialityImpact": "NONE",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2013-01-17T01:55:03.593",
"references": [
{
"source": "secalert_us@oracle.com",
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2013:150"
},
{
"source": "secalert_us@oracle.com",
"tags": [
"Vendor Advisory"
],
"url": "http://www.oracle.com/technetwork/topics/security/cpujan2013-1515902.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2013:150"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://www.oracle.com/technetwork/topics/security/cpujan2013-1515902.html"
}
],
"sourceIdentifier": "secalert_us@oracle.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2004-08-04 04:00
Modified
2024-11-20 23:50
Severity ?
Summary
The PL/SQL module for the Oracle HTTP Server in Oracle Application Server 10g, when using the WE8ISO8859P1 character set, does not perform character conversions properly, which allows remote attackers to bypass access restrictions for certain procedures via an encoded URL with "%FF" encoded sequences that are improperly converted to "Y" characters.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:oracle:application_server:*:*:*:*:*:*:*:*",
"matchCriteriaId": "AD38E99A-864A-4E99-B6A5-12AACDA822E3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:application_server:9.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "CFAE1E8A-644B-42FD-B149-89AD420BD7A7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:application_server:9.0.2.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "8075E330-5819-4105-9BB7-4DCC3C0EAEF9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:application_server:9.0.2.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "CB346764-EDF2-4BE1-A273-C2CE9A173CFB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:application_server:9.0.2.1:*:*:*:*:*:*:*",
"matchCriteriaId": "E59B89D9-AAF9-40CB-931C-EB4958491B99",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:application_server:9.0.2.2:*:*:*:*:*:*:*",
"matchCriteriaId": "C64888FB-133F-4930-8368-1BD2A4FB11A6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:application_server:9.0.2.3:*:*:*:*:*:*:*",
"matchCriteriaId": "87DEB7BD-FB71-4C22-A0FF-89923B263DC2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:application_server:9.0.3:*:*:*:*:*:*:*",
"matchCriteriaId": "BAAD1A33-4333-4AFB-8D49-1274AE345BA9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:application_server:9.0.3.1:*:*:*:*:*:*:*",
"matchCriteriaId": "852BF209-3C6F-403B-920D-50C46D37515B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:application_server:9.0.4:*:*:*:*:*:*:*",
"matchCriteriaId": "335143DB-4538-49F4-BAFB-C47802318667",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:application_server:9.0.4.0:*:*:*:*:*:*:*",
"matchCriteriaId": "F6A3E2D8-617C-4740-B662-F8884CE26BF1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:application_server:9.0.4.1:*:*:*:*:*:*:*",
"matchCriteriaId": "4FFBB096-523E-4634-ADC4-6CFB03F9577B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:collaboration_suite:release_1:*:*:*:*:*:*:*",
"matchCriteriaId": "3D1A1DC8-A38C-4061-A825-C6CC2ED453E0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:e-business_suite:11.5.1:*:*:*:*:*:*:*",
"matchCriteriaId": "EBD7B7B5-4C37-4EC7-8B1D-66C1E5043E11",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:e-business_suite:11.5.2:*:*:*:*:*:*:*",
"matchCriteriaId": "A9E237E5-9E1A-4F20-9A3D-E3418E3B1329",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:e-business_suite:11.5.3:*:*:*:*:*:*:*",
"matchCriteriaId": "F57A5AE0-90B5-410E-8878-BD514C3B7946",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:e-business_suite:11.5.4:*:*:*:*:*:*:*",
"matchCriteriaId": "EA7EAC35-E890-444A-B070-C91382F2E242",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:e-business_suite:11.5.5:*:*:*:*:*:*:*",
"matchCriteriaId": "69568B66-122B-4946-B630-2960DAA1885E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:e-business_suite:11.5.6:*:*:*:*:*:*:*",
"matchCriteriaId": "EB6E1838-B4DA-4F62-8713-9E8D7E79CDF5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:e-business_suite:11.5.7:*:*:*:*:*:*:*",
"matchCriteriaId": "6C3E4A5C-8D0F-4105-8618-26586BEDE84B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:e-business_suite:11.5.8:*:*:*:*:*:*:*",
"matchCriteriaId": "D07FEA4F-B1C7-4250-81FD-AC1289769348",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:e-business_suite:11.5.9:*:*:*:*:*:*:*",
"matchCriteriaId": "78408427-3FFB-45C4-82EF-C8D636B3A718",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:enterprise_manager:9:*:*:*:*:*:*:*",
"matchCriteriaId": "E3595689-13AE-4349-8684-D73D33D4A9FC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:enterprise_manager:9.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "53F57A30-BE27-4F93-B8E4-B0956007F625",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:enterprise_manager_database_control:10.1.2:*:*:*:*:*:*:*",
"matchCriteriaId": "F074FCED-60D9-4B07-8A6F-85A89C8CFC33",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:enterprise_manager_grid_control:10.1.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "016AFE8B-049D-4BA9-9270-E18DFDFDC61F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:oracle10g:enterprise_9.0.4_.0:*:*:*:*:*:*:*",
"matchCriteriaId": "BF667575-AD5F-43D6-B7BF-F255C1A14A0C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:oracle10g:enterprise_10.1.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "0C033CC3-1840-49A1-AB6E-3EC8CE1F0BEE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:oracle10g:personal_9.0.4_.0:*:*:*:*:*:*:*",
"matchCriteriaId": "6CEA97EC-FC86-4F53-A134-B98F25892BB5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:oracle10g:personal_10.1_.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "E41C0DB6-CD92-4FDC-A705-83CFB92C062A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:oracle10g:standard_9.0.4_.0:*:*:*:*:*:*:*",
"matchCriteriaId": "ACC43855-2664-42CC-87DD-3C90DB1430C9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:oracle10g:standard_10.1_.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "25A4D091-1D89-484E-A3F7-0F98F8814686",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:oracle8i:enterprise_8.0.5_.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "D96A60B5-7B83-4E94-AF2B-AF3DF28EE1D1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:oracle8i:enterprise_8.0.6_.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "0C5C8D47-953E-41DF-9852-955611F6D387",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:oracle8i:enterprise_8.0.6_.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "C4798CAE-9AAA-4623-85B2-309DB46DD28A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:oracle8i:enterprise_8.1.5_.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "121CF7A1-1710-4DA1-B7B6-028557D3FA49",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:oracle8i:enterprise_8.1.5_.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "616AD7A7-C8F3-4125-8E26-64109EA40730",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:oracle8i:enterprise_8.1.5_.1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "3C7365AA-ACDA-461A-A84C-6B4FF04F295F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:oracle8i:enterprise_8.1.6_.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "42C22E50-FDB8-4314-9F36-70D0130EAA6C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:oracle8i:enterprise_8.1.6_.1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "2C65AC14-2AA0-4475-9932-E4AEA410CBCD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:oracle8i:enterprise_8.1.7_.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "BA730ABB-F315-4F7F-B820-33C5558B05DB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:oracle8i:enterprise_8.1.7_.1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "B4CE4E08-4892-419D-AC51-68DD42073092",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:oracle8i:enterprise_8.1.7_.4:*:*:*:*:*:*:*",
"matchCriteriaId": "EF52682E-0AB7-4C3F-94D4-7B4A7E08F2C2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:oracle8i:standard_8.0.6:*:*:*:*:*:*:*",
"matchCriteriaId": "C65C2671-2FFE-4461-A570-72E3BBC312D7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:oracle8i:standard_8.0.6_.3:*:*:*:*:*:*:*",
"matchCriteriaId": "CA59E72F-ACC1-44F3-AE63-B42F1EB83F3D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:oracle8i:standard_8.1.5:*:*:*:*:*:*:*",
"matchCriteriaId": "B5CB4061-855C-4DAA-BDAD-AA1E68EFC1E5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:oracle8i:standard_8.1.6:*:*:*:*:*:*:*",
"matchCriteriaId": "07F81AC9-DEBD-4B04-8753-C68BAE509B13",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:oracle8i:standard_8.1.7:*:*:*:*:*:*:*",
"matchCriteriaId": "0785C55D-183D-42D8-A9F9-DBD297FE7F43",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:oracle8i:standard_8.1.7_.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "8086BBDC-76BE-47C0-8F11-CEC57A23FC27",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:oracle8i:standard_8.1.7_.1:*:*:*:*:*:*:*",
"matchCriteriaId": "72BAAEF7-74CA-4C4F-8D52-AC4D5DE2E0E7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:oracle8i:standard_8.1.7_.4:*:*:*:*:*:*:*",
"matchCriteriaId": "EECAE774-22F3-4872-9E05-A14376F3883D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:oracle9i:client_9.2.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "DFAA7E8B-263B-40A2-B6D8-8A303A7D4358",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:oracle9i:client_9.2.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "085FF0CB-B426-4DCB-9411-017A45280A60",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:oracle9i:enterprise_8.1.7:*:*:*:*:*:*:*",
"matchCriteriaId": "ED4991B9-67A9-4EE9-A30F-27950BF3A3DD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:oracle9i:enterprise_9.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "2201796B-013B-4440-B366-1F2966AA86FF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:oracle9i:enterprise_9.0.1.4:*:*:*:*:*:*:*",
"matchCriteriaId": "43C6FFA8-18A6-4EE1-BE10-A1B7F3C1A47E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:oracle9i:enterprise_9.0.1.5:*:*:*:*:*:*:*",
"matchCriteriaId": "F90F6C4F-CEF5-4172-97FC-617B71EAA636",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:oracle9i:enterprise_9.2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "2FFA2A5C-B289-4505-85F5-7F6F0222B552",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:oracle9i:enterprise_9.2.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "4E876825-D6E5-4958-B737-4CE43A32BEC0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:oracle9i:enterprise_9.2.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "B8E07567-754A-40C0-9428-D151880EE6F2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:oracle9i:enterprise_9.2.0.3:*:*:*:*:*:*:*",
"matchCriteriaId": "6233345D-5100-404A-9B61-524D9679D9E4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:oracle9i:enterprise_9.2.0.4:*:*:*:*:*:*:*",
"matchCriteriaId": "2FB739C3-A9BD-433F-8547-12BC615DB18D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:oracle9i:enterprise_9.2.0.5:*:*:*:*:*:*:*",
"matchCriteriaId": "7231B057-9B7E-43CA-9E91-6DF74D6ADAE7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:oracle9i:personal_8.1.7:*:*:*:*:*:*:*",
"matchCriteriaId": "F4D7A3CB-54CC-4CD9-9672-366233BF0CCF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:oracle9i:personal_9.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "58DB0B6B-EB97-448A-B63E-E5997382DD45",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:oracle9i:personal_9.0.1.4:*:*:*:*:*:*:*",
"matchCriteriaId": "DA77BC6D-661F-46E9-B144-1587C1192B8A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:oracle9i:personal_9.0.1.5:*:*:*:*:*:*:*",
"matchCriteriaId": "16F9C7F3-8140-4FEF-8319-64CE51B830AE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:oracle9i:personal_9.2:*:*:*:*:*:*:*",
"matchCriteriaId": "68286D06-9EBA-4FBD-AB0B-D80993895416",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:oracle9i:personal_9.2.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "0C059683-E0A1-4E97-B393-CB6B0EACF7C6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:oracle9i:personal_9.2.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "A5675664-7036-48D0-9524-0350F626D4CD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:oracle9i:personal_9.2.0.3:*:*:*:*:*:*:*",
"matchCriteriaId": "EA9F3EE8-DA8B-4605-B70B-CFCA25B07C1F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:oracle9i:personal_9.2.0.4:*:*:*:*:*:*:*",
"matchCriteriaId": "D0DE0FB4-3C1A-460D-B48E-11D7AF415A94",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:oracle9i:personal_9.2.0.5:*:*:*:*:*:*:*",
"matchCriteriaId": "597EE9ED-6A95-46C7-BE83-ADEC6AA65341",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:oracle9i:standard_8.1.7:*:*:*:*:*:*:*",
"matchCriteriaId": "DCAD9D1D-A7E5-4D88-B93B-C518BF1986AB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:oracle9i:standard_9.0:*:*:*:*:*:*:*",
"matchCriteriaId": "6E46FE2E-CA1A-4970-81FF-0BFFF2CF6849",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:oracle9i:standard_9.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "3EE7A2B1-A161-4A20-9EEC-B1EF7F2E387C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:oracle9i:standard_9.0.1.2:*:*:*:*:*:*:*",
"matchCriteriaId": "D65D66A0-23F7-4110-AF71-05CBFB3F92F3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:oracle9i:standard_9.0.1.3:*:*:*:*:*:*:*",
"matchCriteriaId": "F207CBC6-D186-418D-8F11-3E623530E00B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:oracle9i:standard_9.0.1.4:*:*:*:*:*:*:*",
"matchCriteriaId": "2FB2708A-58D1-4F17-8504-3748D6667788",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:oracle9i:standard_9.0.1.5:*:*:*:*:*:*:*",
"matchCriteriaId": "E83B1C7A-287A-405F-B44E-85F891183D2E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:oracle9i:standard_9.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "34FC1E19-8F20-4215-8D90-E42EF7126BD9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:oracle9i:standard_9.2:*:*:*:*:*:*:*",
"matchCriteriaId": "CB172848-A873-4137-A335-AD034806A5EE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:oracle9i:standard_9.2.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "B78BD7D2-7B48-438C-8C24-01C4007C1A32",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:oracle9i:standard_9.2.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "0DDCC0D1-32AD-4902-8383-2AA169C3F3BA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:oracle9i:standard_9.2.0.3:*:*:*:*:*:*:*",
"matchCriteriaId": "2D4D70A8-A6FE-4F82-82F1-AB1E9C28FB35",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:oracle9i:standard_9.2.0.4:*:*:*:*:*:*:*",
"matchCriteriaId": "7F64908D-FDAA-499B-8060-8A6EC2443418",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:oracle9i:standard_9.2.0.5:*:*:*:*:*:*:*",
"matchCriteriaId": "E77BCF6E-0D09-4DAF-B147-D11FEEE7371C",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The PL/SQL module for the Oracle HTTP Server in Oracle Application Server 10g, when using the WE8ISO8859P1 character set, does not perform character conversions properly, which allows remote attackers to bypass access restrictions for certain procedures via an encoded URL with \"%FF\" encoded sequences that are improperly converted to \"Y\" characters."
}
],
"id": "CVE-2004-1362",
"lastModified": "2024-11-20T23:50:41.730",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 7.5,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": true,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2004-08-04T04:00:00.000",
"references": [
{
"source": "cve@mitre.org",
"url": "http://marc.info/?l=bugtraq\u0026m=110382306006205\u0026w=2"
},
{
"source": "cve@mitre.org",
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-101782-1"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory",
"US Government Resource"
],
"url": "http://www.kb.cert.org/vuls/id/435974"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.ngssoftware.com/advisories/oracle23122004G.txt"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.oracle.com/technology/deploy/security/pdf/2004alert68.pdf"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch"
],
"url": "http://www.securityfocus.com/bid/10871"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch",
"Third Party Advisory",
"US Government Resource"
],
"url": "http://www.us-cert.gov/cas/techalerts/TA04-245A.html"
},
{
"source": "cve@mitre.org",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/18657"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://marc.info/?l=bugtraq\u0026m=110382306006205\u0026w=2"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-101782-1"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"US Government Resource"
],
"url": "http://www.kb.cert.org/vuls/id/435974"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.ngssoftware.com/advisories/oracle23122004G.txt"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.oracle.com/technology/deploy/security/pdf/2004alert68.pdf"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
],
"url": "http://www.securityfocus.com/bid/10871"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Third Party Advisory",
"US Government Resource"
],
"url": "http://www.us-cert.gov/cas/techalerts/TA04-245A.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/18657"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2004-08-04 04:00
Modified
2024-11-20 23:50
Severity ?
Summary
Buffer overflow in extproc in Oracle 10g allows remote attackers to execute arbitrary code via environment variables in the library name, which are expanded after the length check is performed.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:oracle:application_server:*:*:*:*:*:*:*:*",
"matchCriteriaId": "AD38E99A-864A-4E99-B6A5-12AACDA822E3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:application_server:9.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "CFAE1E8A-644B-42FD-B149-89AD420BD7A7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:application_server:9.0.2.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "8075E330-5819-4105-9BB7-4DCC3C0EAEF9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:application_server:9.0.2.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "CB346764-EDF2-4BE1-A273-C2CE9A173CFB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:application_server:9.0.2.1:*:*:*:*:*:*:*",
"matchCriteriaId": "E59B89D9-AAF9-40CB-931C-EB4958491B99",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:application_server:9.0.2.2:*:*:*:*:*:*:*",
"matchCriteriaId": "C64888FB-133F-4930-8368-1BD2A4FB11A6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:application_server:9.0.2.3:*:*:*:*:*:*:*",
"matchCriteriaId": "87DEB7BD-FB71-4C22-A0FF-89923B263DC2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:application_server:9.0.3:*:*:*:*:*:*:*",
"matchCriteriaId": "BAAD1A33-4333-4AFB-8D49-1274AE345BA9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:application_server:9.0.3.1:*:*:*:*:*:*:*",
"matchCriteriaId": "852BF209-3C6F-403B-920D-50C46D37515B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:application_server:9.0.4:*:*:*:*:*:*:*",
"matchCriteriaId": "335143DB-4538-49F4-BAFB-C47802318667",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:application_server:9.0.4.0:*:*:*:*:*:*:*",
"matchCriteriaId": "F6A3E2D8-617C-4740-B662-F8884CE26BF1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:application_server:9.0.4.1:*:*:*:*:*:*:*",
"matchCriteriaId": "4FFBB096-523E-4634-ADC4-6CFB03F9577B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:collaboration_suite:-:*:*:*:*:*:*:*",
"matchCriteriaId": "0F72FA3A-068D-4DC8-84DF-A86FDA7CAE1A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:database_server:8.1.7.4:*:*:*:*:*:*:*",
"matchCriteriaId": "B559C62F-88A7-42D3-9629-9F5CAD43F8B6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:database_server:9.0.1.4:*:*:*:*:*:*:*",
"matchCriteriaId": "2109201B-89F7-4FF2-BFD1-2B220E3146FD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:database_server:9.0.1.5:*:*:*:*:*:*:*",
"matchCriteriaId": "B6C67572-800C-4214-AD12-E9017A9A5BAA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:database_server:9.0.4:*:*:*:*:*:*:*",
"matchCriteriaId": "E108197C-DCA8-4624-9FEF-621BFB299662",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:database_server:9.2.0.4:*:*:*:*:*:*:*",
"matchCriteriaId": "B4C63EC8-73D7-46AE-81E7-04DF212BC8B5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:database_server:9.2.0.5:*:*:*:*:*:*:*",
"matchCriteriaId": "47CC3066-82BA-41AB-B6C8-D2E7D7AE7D6F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:database_server:10.1.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "553BAC35-0A37-40C2-A150-F34D59D097F4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:e-business_suite:11.5.1:*:*:*:*:*:*:*",
"matchCriteriaId": "EBD7B7B5-4C37-4EC7-8B1D-66C1E5043E11",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:e-business_suite:11.5.2:*:*:*:*:*:*:*",
"matchCriteriaId": "A9E237E5-9E1A-4F20-9A3D-E3418E3B1329",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:e-business_suite:11.5.3:*:*:*:*:*:*:*",
"matchCriteriaId": "F57A5AE0-90B5-410E-8878-BD514C3B7946",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:e-business_suite:11.5.4:*:*:*:*:*:*:*",
"matchCriteriaId": "EA7EAC35-E890-444A-B070-C91382F2E242",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:e-business_suite:11.5.5:*:*:*:*:*:*:*",
"matchCriteriaId": "69568B66-122B-4946-B630-2960DAA1885E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:e-business_suite:11.5.6:*:*:*:*:*:*:*",
"matchCriteriaId": "EB6E1838-B4DA-4F62-8713-9E8D7E79CDF5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:e-business_suite:11.5.7:*:*:*:*:*:*:*",
"matchCriteriaId": "6C3E4A5C-8D0F-4105-8618-26586BEDE84B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:e-business_suite:11.5.8:*:*:*:*:*:*:*",
"matchCriteriaId": "D07FEA4F-B1C7-4250-81FD-AC1289769348",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:e-business_suite:11.5.9:*:*:*:*:*:*:*",
"matchCriteriaId": "78408427-3FFB-45C4-82EF-C8D636B3A718",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:enterprise_manager:9:*:*:*:*:*:*:*",
"matchCriteriaId": "E3595689-13AE-4349-8684-D73D33D4A9FC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:enterprise_manager:9.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "53F57A30-BE27-4F93-B8E4-B0956007F625",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:enterprise_manager_database_control:10.1.2:*:*:*:*:*:*:*",
"matchCriteriaId": "F074FCED-60D9-4B07-8A6F-85A89C8CFC33",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:enterprise_manager_grid_control:10.1.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "016AFE8B-049D-4BA9-9270-E18DFDFDC61F",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Buffer overflow in extproc in Oracle 10g allows remote attackers to execute arbitrary code via environment variables in the library name, which are expanded after the length check is performed."
}
],
"id": "CVE-2004-1363",
"lastModified": "2024-11-20T23:50:41.893",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 7.2,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 3.9,
"impactScore": 10.0,
"obtainAllPrivilege": true,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2004-08-04T04:00:00.000",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Mailing List"
],
"url": "http://marc.info/?l=bugtraq\u0026m=110382345829397\u0026w=2"
},
{
"source": "cve@mitre.org",
"tags": [
"Broken Link"
],
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-101782-1"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory",
"US Government Resource"
],
"url": "http://www.kb.cert.org/vuls/id/316206"
},
{
"source": "cve@mitre.org",
"tags": [
"Broken Link",
"Patch",
"Vendor Advisory"
],
"url": "http://www.ngssoftware.com/advisories/oracle23122004.txt"
},
{
"source": "cve@mitre.org",
"tags": [
"Broken Link",
"Patch",
"Vendor Advisory"
],
"url": "http://www.oracle.com/technology/deploy/security/pdf/2004alert68.pdf"
},
{
"source": "cve@mitre.org",
"tags": [
"Broken Link",
"Patch",
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/10871"
},
{
"source": "cve@mitre.org",
"tags": [
"Broken Link",
"Patch",
"Third Party Advisory",
"US Government Resource"
],
"url": "http://www.us-cert.gov/cas/techalerts/TA04-245A.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/18659"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List"
],
"url": "http://marc.info/?l=bugtraq\u0026m=110382345829397\u0026w=2"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Broken Link"
],
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-101782-1"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"US Government Resource"
],
"url": "http://www.kb.cert.org/vuls/id/316206"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Broken Link",
"Patch",
"Vendor Advisory"
],
"url": "http://www.ngssoftware.com/advisories/oracle23122004.txt"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Broken Link",
"Patch",
"Vendor Advisory"
],
"url": "http://www.oracle.com/technology/deploy/security/pdf/2004alert68.pdf"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Broken Link",
"Patch",
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/10871"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Broken Link",
"Patch",
"Third Party Advisory",
"US Government Resource"
],
"url": "http://www.us-cert.gov/cas/techalerts/TA04-245A.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/18659"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-131"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2004-08-04 04:00
Modified
2024-11-20 23:50
Severity ?
Summary
Oracle 10g Database Server, when installed with a password that contains an exclamation point ("!") for the (1) DBSNMP or (2) SYSMAN user, generates an error that logs the password in the world-readable postDBCreation.log file, which could allow local users to obtain that password and use it against SYS or SYSTEM accounts, which may have been installed with the same password.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:oracle:application_server:*:*:*:*:*:*:*:*",
"matchCriteriaId": "AD38E99A-864A-4E99-B6A5-12AACDA822E3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:application_server:9.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "CFAE1E8A-644B-42FD-B149-89AD420BD7A7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:application_server:9.0.2.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "8075E330-5819-4105-9BB7-4DCC3C0EAEF9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:application_server:9.0.2.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "CB346764-EDF2-4BE1-A273-C2CE9A173CFB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:application_server:9.0.2.1:*:*:*:*:*:*:*",
"matchCriteriaId": "E59B89D9-AAF9-40CB-931C-EB4958491B99",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:application_server:9.0.2.2:*:*:*:*:*:*:*",
"matchCriteriaId": "C64888FB-133F-4930-8368-1BD2A4FB11A6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:application_server:9.0.2.3:*:*:*:*:*:*:*",
"matchCriteriaId": "87DEB7BD-FB71-4C22-A0FF-89923B263DC2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:application_server:9.0.3:*:*:*:*:*:*:*",
"matchCriteriaId": "BAAD1A33-4333-4AFB-8D49-1274AE345BA9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:application_server:9.0.3.1:*:*:*:*:*:*:*",
"matchCriteriaId": "852BF209-3C6F-403B-920D-50C46D37515B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:application_server:9.0.4:*:*:*:*:*:*:*",
"matchCriteriaId": "335143DB-4538-49F4-BAFB-C47802318667",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:application_server:9.0.4.0:*:*:*:*:*:*:*",
"matchCriteriaId": "F6A3E2D8-617C-4740-B662-F8884CE26BF1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:application_server:9.0.4.1:*:*:*:*:*:*:*",
"matchCriteriaId": "4FFBB096-523E-4634-ADC4-6CFB03F9577B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:collaboration_suite:release_1:*:*:*:*:*:*:*",
"matchCriteriaId": "3D1A1DC8-A38C-4061-A825-C6CC2ED453E0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:e-business_suite:11.5.1:*:*:*:*:*:*:*",
"matchCriteriaId": "EBD7B7B5-4C37-4EC7-8B1D-66C1E5043E11",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:e-business_suite:11.5.2:*:*:*:*:*:*:*",
"matchCriteriaId": "A9E237E5-9E1A-4F20-9A3D-E3418E3B1329",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:e-business_suite:11.5.3:*:*:*:*:*:*:*",
"matchCriteriaId": "F57A5AE0-90B5-410E-8878-BD514C3B7946",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:e-business_suite:11.5.4:*:*:*:*:*:*:*",
"matchCriteriaId": "EA7EAC35-E890-444A-B070-C91382F2E242",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:e-business_suite:11.5.5:*:*:*:*:*:*:*",
"matchCriteriaId": "69568B66-122B-4946-B630-2960DAA1885E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:e-business_suite:11.5.6:*:*:*:*:*:*:*",
"matchCriteriaId": "EB6E1838-B4DA-4F62-8713-9E8D7E79CDF5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:e-business_suite:11.5.7:*:*:*:*:*:*:*",
"matchCriteriaId": "6C3E4A5C-8D0F-4105-8618-26586BEDE84B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:e-business_suite:11.5.8:*:*:*:*:*:*:*",
"matchCriteriaId": "D07FEA4F-B1C7-4250-81FD-AC1289769348",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:e-business_suite:11.5.9:*:*:*:*:*:*:*",
"matchCriteriaId": "78408427-3FFB-45C4-82EF-C8D636B3A718",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:enterprise_manager:9:*:*:*:*:*:*:*",
"matchCriteriaId": "E3595689-13AE-4349-8684-D73D33D4A9FC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:enterprise_manager:9.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "53F57A30-BE27-4F93-B8E4-B0956007F625",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:enterprise_manager_database_control:10.1.2:*:*:*:*:*:*:*",
"matchCriteriaId": "F074FCED-60D9-4B07-8A6F-85A89C8CFC33",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:enterprise_manager_grid_control:10.1.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "016AFE8B-049D-4BA9-9270-E18DFDFDC61F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:oracle10g:enterprise_9.0.4_.0:*:*:*:*:*:*:*",
"matchCriteriaId": "BF667575-AD5F-43D6-B7BF-F255C1A14A0C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:oracle10g:enterprise_10.1.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "0C033CC3-1840-49A1-AB6E-3EC8CE1F0BEE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:oracle10g:personal_9.0.4_.0:*:*:*:*:*:*:*",
"matchCriteriaId": "6CEA97EC-FC86-4F53-A134-B98F25892BB5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:oracle10g:personal_10.1_.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "E41C0DB6-CD92-4FDC-A705-83CFB92C062A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:oracle10g:standard_9.0.4_.0:*:*:*:*:*:*:*",
"matchCriteriaId": "ACC43855-2664-42CC-87DD-3C90DB1430C9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:oracle10g:standard_10.1_.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "25A4D091-1D89-484E-A3F7-0F98F8814686",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:oracle8i:enterprise_8.0.5_.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "D96A60B5-7B83-4E94-AF2B-AF3DF28EE1D1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:oracle8i:enterprise_8.0.6_.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "0C5C8D47-953E-41DF-9852-955611F6D387",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:oracle8i:enterprise_8.0.6_.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "C4798CAE-9AAA-4623-85B2-309DB46DD28A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:oracle8i:enterprise_8.1.5_.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "121CF7A1-1710-4DA1-B7B6-028557D3FA49",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:oracle8i:enterprise_8.1.5_.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "616AD7A7-C8F3-4125-8E26-64109EA40730",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:oracle8i:enterprise_8.1.5_.1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "3C7365AA-ACDA-461A-A84C-6B4FF04F295F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:oracle8i:enterprise_8.1.6_.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "42C22E50-FDB8-4314-9F36-70D0130EAA6C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:oracle8i:enterprise_8.1.6_.1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "2C65AC14-2AA0-4475-9932-E4AEA410CBCD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:oracle8i:enterprise_8.1.7_.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "BA730ABB-F315-4F7F-B820-33C5558B05DB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:oracle8i:enterprise_8.1.7_.1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "B4CE4E08-4892-419D-AC51-68DD42073092",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:oracle8i:enterprise_8.1.7_.4:*:*:*:*:*:*:*",
"matchCriteriaId": "EF52682E-0AB7-4C3F-94D4-7B4A7E08F2C2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:oracle8i:standard_8.0.6:*:*:*:*:*:*:*",
"matchCriteriaId": "C65C2671-2FFE-4461-A570-72E3BBC312D7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:oracle8i:standard_8.0.6_.3:*:*:*:*:*:*:*",
"matchCriteriaId": "CA59E72F-ACC1-44F3-AE63-B42F1EB83F3D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:oracle8i:standard_8.1.5:*:*:*:*:*:*:*",
"matchCriteriaId": "B5CB4061-855C-4DAA-BDAD-AA1E68EFC1E5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:oracle8i:standard_8.1.6:*:*:*:*:*:*:*",
"matchCriteriaId": "07F81AC9-DEBD-4B04-8753-C68BAE509B13",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:oracle8i:standard_8.1.7:*:*:*:*:*:*:*",
"matchCriteriaId": "0785C55D-183D-42D8-A9F9-DBD297FE7F43",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:oracle8i:standard_8.1.7_.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "8086BBDC-76BE-47C0-8F11-CEC57A23FC27",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:oracle8i:standard_8.1.7_.1:*:*:*:*:*:*:*",
"matchCriteriaId": "72BAAEF7-74CA-4C4F-8D52-AC4D5DE2E0E7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:oracle8i:standard_8.1.7_.4:*:*:*:*:*:*:*",
"matchCriteriaId": "EECAE774-22F3-4872-9E05-A14376F3883D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:oracle9i:client_9.2.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "DFAA7E8B-263B-40A2-B6D8-8A303A7D4358",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:oracle9i:client_9.2.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "085FF0CB-B426-4DCB-9411-017A45280A60",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:oracle9i:enterprise_8.1.7:*:*:*:*:*:*:*",
"matchCriteriaId": "ED4991B9-67A9-4EE9-A30F-27950BF3A3DD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:oracle9i:enterprise_9.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "2201796B-013B-4440-B366-1F2966AA86FF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:oracle9i:enterprise_9.0.1.4:*:*:*:*:*:*:*",
"matchCriteriaId": "43C6FFA8-18A6-4EE1-BE10-A1B7F3C1A47E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:oracle9i:enterprise_9.0.1.5:*:*:*:*:*:*:*",
"matchCriteriaId": "F90F6C4F-CEF5-4172-97FC-617B71EAA636",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:oracle9i:enterprise_9.2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "2FFA2A5C-B289-4505-85F5-7F6F0222B552",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:oracle9i:enterprise_9.2.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "4E876825-D6E5-4958-B737-4CE43A32BEC0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:oracle9i:enterprise_9.2.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "B8E07567-754A-40C0-9428-D151880EE6F2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:oracle9i:enterprise_9.2.0.3:*:*:*:*:*:*:*",
"matchCriteriaId": "6233345D-5100-404A-9B61-524D9679D9E4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:oracle9i:enterprise_9.2.0.4:*:*:*:*:*:*:*",
"matchCriteriaId": "2FB739C3-A9BD-433F-8547-12BC615DB18D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:oracle9i:enterprise_9.2.0.5:*:*:*:*:*:*:*",
"matchCriteriaId": "7231B057-9B7E-43CA-9E91-6DF74D6ADAE7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:oracle9i:personal_8.1.7:*:*:*:*:*:*:*",
"matchCriteriaId": "F4D7A3CB-54CC-4CD9-9672-366233BF0CCF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:oracle9i:personal_9.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "58DB0B6B-EB97-448A-B63E-E5997382DD45",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:oracle9i:personal_9.0.1.4:*:*:*:*:*:*:*",
"matchCriteriaId": "DA77BC6D-661F-46E9-B144-1587C1192B8A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:oracle9i:personal_9.0.1.5:*:*:*:*:*:*:*",
"matchCriteriaId": "16F9C7F3-8140-4FEF-8319-64CE51B830AE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:oracle9i:personal_9.2:*:*:*:*:*:*:*",
"matchCriteriaId": "68286D06-9EBA-4FBD-AB0B-D80993895416",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:oracle9i:personal_9.2.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "0C059683-E0A1-4E97-B393-CB6B0EACF7C6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:oracle9i:personal_9.2.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "A5675664-7036-48D0-9524-0350F626D4CD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:oracle9i:personal_9.2.0.3:*:*:*:*:*:*:*",
"matchCriteriaId": "EA9F3EE8-DA8B-4605-B70B-CFCA25B07C1F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:oracle9i:personal_9.2.0.4:*:*:*:*:*:*:*",
"matchCriteriaId": "D0DE0FB4-3C1A-460D-B48E-11D7AF415A94",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:oracle9i:personal_9.2.0.5:*:*:*:*:*:*:*",
"matchCriteriaId": "597EE9ED-6A95-46C7-BE83-ADEC6AA65341",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:oracle9i:standard_8.1.7:*:*:*:*:*:*:*",
"matchCriteriaId": "DCAD9D1D-A7E5-4D88-B93B-C518BF1986AB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:oracle9i:standard_9.0:*:*:*:*:*:*:*",
"matchCriteriaId": "6E46FE2E-CA1A-4970-81FF-0BFFF2CF6849",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:oracle9i:standard_9.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "3EE7A2B1-A161-4A20-9EEC-B1EF7F2E387C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:oracle9i:standard_9.0.1.2:*:*:*:*:*:*:*",
"matchCriteriaId": "D65D66A0-23F7-4110-AF71-05CBFB3F92F3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:oracle9i:standard_9.0.1.3:*:*:*:*:*:*:*",
"matchCriteriaId": "F207CBC6-D186-418D-8F11-3E623530E00B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:oracle9i:standard_9.0.1.4:*:*:*:*:*:*:*",
"matchCriteriaId": "2FB2708A-58D1-4F17-8504-3748D6667788",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:oracle9i:standard_9.0.1.5:*:*:*:*:*:*:*",
"matchCriteriaId": "E83B1C7A-287A-405F-B44E-85F891183D2E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:oracle9i:standard_9.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "34FC1E19-8F20-4215-8D90-E42EF7126BD9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:oracle9i:standard_9.2:*:*:*:*:*:*:*",
"matchCriteriaId": "CB172848-A873-4137-A335-AD034806A5EE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:oracle9i:standard_9.2.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "B78BD7D2-7B48-438C-8C24-01C4007C1A32",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:oracle9i:standard_9.2.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "0DDCC0D1-32AD-4902-8383-2AA169C3F3BA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:oracle9i:standard_9.2.0.3:*:*:*:*:*:*:*",
"matchCriteriaId": "2D4D70A8-A6FE-4F82-82F1-AB1E9C28FB35",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:oracle9i:standard_9.2.0.4:*:*:*:*:*:*:*",
"matchCriteriaId": "7F64908D-FDAA-499B-8060-8A6EC2443418",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:oracle9i:standard_9.2.0.5:*:*:*:*:*:*:*",
"matchCriteriaId": "E77BCF6E-0D09-4DAF-B147-D11FEEE7371C",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Oracle 10g Database Server, when installed with a password that contains an exclamation point (\"!\") for the (1) DBSNMP or (2) SYSMAN user, generates an error that logs the password in the world-readable postDBCreation.log file, which could allow local users to obtain that password and use it against SYS or SYSTEM accounts, which may have been installed with the same password."
}
],
"id": "CVE-2004-1367",
"lastModified": "2024-11-20T23:50:42.547",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "LOCAL",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 4.4,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:L/AC:M/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 3.4,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": true,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2004-08-04T04:00:00.000",
"references": [
{
"source": "cve@mitre.org",
"url": "http://marc.info/?l=bugtraq\u0026m=110382247308064\u0026w=2"
},
{
"source": "cve@mitre.org",
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-101782-1"
},
{
"source": "cve@mitre.org",
"tags": [
"US Government Resource"
],
"url": "http://www.kb.cert.org/vuls/id/316206"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.ngssoftware.com/advisories/oracle23122004D.txt"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.oracle.com/technology/deploy/security/pdf/2004alert68.pdf"
},
{
"source": "cve@mitre.org",
"tags": [
"US Government Resource"
],
"url": "http://www.us-cert.gov/cas/techalerts/TA04-245A.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://marc.info/?l=bugtraq\u0026m=110382247308064\u0026w=2"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-101782-1"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"US Government Resource"
],
"url": "http://www.kb.cert.org/vuls/id/316206"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.ngssoftware.com/advisories/oracle23122004D.txt"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.oracle.com/technology/deploy/security/pdf/2004alert68.pdf"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"US Government Resource"
],
"url": "http://www.us-cert.gov/cas/techalerts/TA04-245A.html"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-200"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2004-08-04 04:00
Modified
2024-11-20 23:50
Severity ?
Summary
Directory traversal vulnerability in extproc in Oracle 9i and 10g allows remote attackers to access arbitrary libraries outside of the $ORACLE_HOME\bin directory.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:oracle:application_server:*:*:*:*:*:*:*:*",
"matchCriteriaId": "AD38E99A-864A-4E99-B6A5-12AACDA822E3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:application_server:9.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "CFAE1E8A-644B-42FD-B149-89AD420BD7A7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:application_server:9.0.2.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "8075E330-5819-4105-9BB7-4DCC3C0EAEF9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:application_server:9.0.2.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "CB346764-EDF2-4BE1-A273-C2CE9A173CFB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:application_server:9.0.2.1:*:*:*:*:*:*:*",
"matchCriteriaId": "E59B89D9-AAF9-40CB-931C-EB4958491B99",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:application_server:9.0.2.2:*:*:*:*:*:*:*",
"matchCriteriaId": "C64888FB-133F-4930-8368-1BD2A4FB11A6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:application_server:9.0.2.3:*:*:*:*:*:*:*",
"matchCriteriaId": "87DEB7BD-FB71-4C22-A0FF-89923B263DC2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:application_server:9.0.3:*:*:*:*:*:*:*",
"matchCriteriaId": "BAAD1A33-4333-4AFB-8D49-1274AE345BA9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:application_server:9.0.3.1:*:*:*:*:*:*:*",
"matchCriteriaId": "852BF209-3C6F-403B-920D-50C46D37515B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:application_server:9.0.4:*:*:*:*:*:*:*",
"matchCriteriaId": "335143DB-4538-49F4-BAFB-C47802318667",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:application_server:9.0.4.0:*:*:*:*:*:*:*",
"matchCriteriaId": "F6A3E2D8-617C-4740-B662-F8884CE26BF1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:application_server:9.0.4.1:*:*:*:*:*:*:*",
"matchCriteriaId": "4FFBB096-523E-4634-ADC4-6CFB03F9577B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:collaboration_suite:release_1:*:*:*:*:*:*:*",
"matchCriteriaId": "3D1A1DC8-A38C-4061-A825-C6CC2ED453E0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:e-business_suite:11.5.1:*:*:*:*:*:*:*",
"matchCriteriaId": "EBD7B7B5-4C37-4EC7-8B1D-66C1E5043E11",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:e-business_suite:11.5.2:*:*:*:*:*:*:*",
"matchCriteriaId": "A9E237E5-9E1A-4F20-9A3D-E3418E3B1329",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:e-business_suite:11.5.3:*:*:*:*:*:*:*",
"matchCriteriaId": "F57A5AE0-90B5-410E-8878-BD514C3B7946",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:e-business_suite:11.5.4:*:*:*:*:*:*:*",
"matchCriteriaId": "EA7EAC35-E890-444A-B070-C91382F2E242",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:e-business_suite:11.5.5:*:*:*:*:*:*:*",
"matchCriteriaId": "69568B66-122B-4946-B630-2960DAA1885E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:e-business_suite:11.5.6:*:*:*:*:*:*:*",
"matchCriteriaId": "EB6E1838-B4DA-4F62-8713-9E8D7E79CDF5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:e-business_suite:11.5.7:*:*:*:*:*:*:*",
"matchCriteriaId": "6C3E4A5C-8D0F-4105-8618-26586BEDE84B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:e-business_suite:11.5.8:*:*:*:*:*:*:*",
"matchCriteriaId": "D07FEA4F-B1C7-4250-81FD-AC1289769348",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:e-business_suite:11.5.9:*:*:*:*:*:*:*",
"matchCriteriaId": "78408427-3FFB-45C4-82EF-C8D636B3A718",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:enterprise_manager:9:*:*:*:*:*:*:*",
"matchCriteriaId": "E3595689-13AE-4349-8684-D73D33D4A9FC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:enterprise_manager:9.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "53F57A30-BE27-4F93-B8E4-B0956007F625",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:enterprise_manager_database_control:10.1.2:*:*:*:*:*:*:*",
"matchCriteriaId": "F074FCED-60D9-4B07-8A6F-85A89C8CFC33",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:enterprise_manager_grid_control:10.1.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "016AFE8B-049D-4BA9-9270-E18DFDFDC61F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:oracle10g:enterprise_9.0.4_.0:*:*:*:*:*:*:*",
"matchCriteriaId": "BF667575-AD5F-43D6-B7BF-F255C1A14A0C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:oracle10g:enterprise_10.1.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "0C033CC3-1840-49A1-AB6E-3EC8CE1F0BEE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:oracle10g:personal_9.0.4_.0:*:*:*:*:*:*:*",
"matchCriteriaId": "6CEA97EC-FC86-4F53-A134-B98F25892BB5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:oracle10g:personal_10.1_.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "E41C0DB6-CD92-4FDC-A705-83CFB92C062A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:oracle10g:standard_9.0.4_.0:*:*:*:*:*:*:*",
"matchCriteriaId": "ACC43855-2664-42CC-87DD-3C90DB1430C9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:oracle10g:standard_10.1_.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "25A4D091-1D89-484E-A3F7-0F98F8814686",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:oracle8i:enterprise_8.0.5_.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "D96A60B5-7B83-4E94-AF2B-AF3DF28EE1D1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:oracle8i:enterprise_8.0.6_.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "0C5C8D47-953E-41DF-9852-955611F6D387",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:oracle8i:enterprise_8.0.6_.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "C4798CAE-9AAA-4623-85B2-309DB46DD28A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:oracle8i:enterprise_8.1.5_.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "121CF7A1-1710-4DA1-B7B6-028557D3FA49",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:oracle8i:enterprise_8.1.5_.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "616AD7A7-C8F3-4125-8E26-64109EA40730",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:oracle8i:enterprise_8.1.5_.1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "3C7365AA-ACDA-461A-A84C-6B4FF04F295F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:oracle8i:enterprise_8.1.6_.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "42C22E50-FDB8-4314-9F36-70D0130EAA6C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:oracle8i:enterprise_8.1.6_.1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "2C65AC14-2AA0-4475-9932-E4AEA410CBCD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:oracle8i:enterprise_8.1.7_.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "BA730ABB-F315-4F7F-B820-33C5558B05DB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:oracle8i:enterprise_8.1.7_.1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "B4CE4E08-4892-419D-AC51-68DD42073092",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:oracle8i:enterprise_8.1.7_.4:*:*:*:*:*:*:*",
"matchCriteriaId": "EF52682E-0AB7-4C3F-94D4-7B4A7E08F2C2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:oracle8i:standard_8.0.6:*:*:*:*:*:*:*",
"matchCriteriaId": "C65C2671-2FFE-4461-A570-72E3BBC312D7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:oracle8i:standard_8.0.6_.3:*:*:*:*:*:*:*",
"matchCriteriaId": "CA59E72F-ACC1-44F3-AE63-B42F1EB83F3D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:oracle8i:standard_8.1.5:*:*:*:*:*:*:*",
"matchCriteriaId": "B5CB4061-855C-4DAA-BDAD-AA1E68EFC1E5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:oracle8i:standard_8.1.6:*:*:*:*:*:*:*",
"matchCriteriaId": "07F81AC9-DEBD-4B04-8753-C68BAE509B13",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:oracle8i:standard_8.1.7:*:*:*:*:*:*:*",
"matchCriteriaId": "0785C55D-183D-42D8-A9F9-DBD297FE7F43",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:oracle8i:standard_8.1.7_.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "8086BBDC-76BE-47C0-8F11-CEC57A23FC27",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:oracle8i:standard_8.1.7_.1:*:*:*:*:*:*:*",
"matchCriteriaId": "72BAAEF7-74CA-4C4F-8D52-AC4D5DE2E0E7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:oracle8i:standard_8.1.7_.4:*:*:*:*:*:*:*",
"matchCriteriaId": "EECAE774-22F3-4872-9E05-A14376F3883D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:oracle9i:client_9.2.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "DFAA7E8B-263B-40A2-B6D8-8A303A7D4358",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:oracle9i:client_9.2.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "085FF0CB-B426-4DCB-9411-017A45280A60",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:oracle9i:enterprise_8.1.7:*:*:*:*:*:*:*",
"matchCriteriaId": "ED4991B9-67A9-4EE9-A30F-27950BF3A3DD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:oracle9i:enterprise_9.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "2201796B-013B-4440-B366-1F2966AA86FF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:oracle9i:enterprise_9.0.1.4:*:*:*:*:*:*:*",
"matchCriteriaId": "43C6FFA8-18A6-4EE1-BE10-A1B7F3C1A47E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:oracle9i:enterprise_9.0.1.5:*:*:*:*:*:*:*",
"matchCriteriaId": "F90F6C4F-CEF5-4172-97FC-617B71EAA636",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:oracle9i:enterprise_9.2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "2FFA2A5C-B289-4505-85F5-7F6F0222B552",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:oracle9i:enterprise_9.2.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "4E876825-D6E5-4958-B737-4CE43A32BEC0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:oracle9i:enterprise_9.2.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "B8E07567-754A-40C0-9428-D151880EE6F2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:oracle9i:enterprise_9.2.0.3:*:*:*:*:*:*:*",
"matchCriteriaId": "6233345D-5100-404A-9B61-524D9679D9E4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:oracle9i:enterprise_9.2.0.4:*:*:*:*:*:*:*",
"matchCriteriaId": "2FB739C3-A9BD-433F-8547-12BC615DB18D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:oracle9i:enterprise_9.2.0.5:*:*:*:*:*:*:*",
"matchCriteriaId": "7231B057-9B7E-43CA-9E91-6DF74D6ADAE7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:oracle9i:personal_8.1.7:*:*:*:*:*:*:*",
"matchCriteriaId": "F4D7A3CB-54CC-4CD9-9672-366233BF0CCF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:oracle9i:personal_9.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "58DB0B6B-EB97-448A-B63E-E5997382DD45",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:oracle9i:personal_9.0.1.4:*:*:*:*:*:*:*",
"matchCriteriaId": "DA77BC6D-661F-46E9-B144-1587C1192B8A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:oracle9i:personal_9.0.1.5:*:*:*:*:*:*:*",
"matchCriteriaId": "16F9C7F3-8140-4FEF-8319-64CE51B830AE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:oracle9i:personal_9.2:*:*:*:*:*:*:*",
"matchCriteriaId": "68286D06-9EBA-4FBD-AB0B-D80993895416",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:oracle9i:personal_9.2.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "0C059683-E0A1-4E97-B393-CB6B0EACF7C6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:oracle9i:personal_9.2.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "A5675664-7036-48D0-9524-0350F626D4CD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:oracle9i:personal_9.2.0.3:*:*:*:*:*:*:*",
"matchCriteriaId": "EA9F3EE8-DA8B-4605-B70B-CFCA25B07C1F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:oracle9i:personal_9.2.0.4:*:*:*:*:*:*:*",
"matchCriteriaId": "D0DE0FB4-3C1A-460D-B48E-11D7AF415A94",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:oracle9i:personal_9.2.0.5:*:*:*:*:*:*:*",
"matchCriteriaId": "597EE9ED-6A95-46C7-BE83-ADEC6AA65341",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:oracle9i:standard_8.1.7:*:*:*:*:*:*:*",
"matchCriteriaId": "DCAD9D1D-A7E5-4D88-B93B-C518BF1986AB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:oracle9i:standard_9.0:*:*:*:*:*:*:*",
"matchCriteriaId": "6E46FE2E-CA1A-4970-81FF-0BFFF2CF6849",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:oracle9i:standard_9.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "3EE7A2B1-A161-4A20-9EEC-B1EF7F2E387C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:oracle9i:standard_9.0.1.2:*:*:*:*:*:*:*",
"matchCriteriaId": "D65D66A0-23F7-4110-AF71-05CBFB3F92F3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:oracle9i:standard_9.0.1.3:*:*:*:*:*:*:*",
"matchCriteriaId": "F207CBC6-D186-418D-8F11-3E623530E00B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:oracle9i:standard_9.0.1.4:*:*:*:*:*:*:*",
"matchCriteriaId": "2FB2708A-58D1-4F17-8504-3748D6667788",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:oracle9i:standard_9.0.1.5:*:*:*:*:*:*:*",
"matchCriteriaId": "E83B1C7A-287A-405F-B44E-85F891183D2E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:oracle9i:standard_9.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "34FC1E19-8F20-4215-8D90-E42EF7126BD9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:oracle9i:standard_9.2:*:*:*:*:*:*:*",
"matchCriteriaId": "CB172848-A873-4137-A335-AD034806A5EE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:oracle9i:standard_9.2.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "B78BD7D2-7B48-438C-8C24-01C4007C1A32",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:oracle9i:standard_9.2.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "0DDCC0D1-32AD-4902-8383-2AA169C3F3BA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:oracle9i:standard_9.2.0.3:*:*:*:*:*:*:*",
"matchCriteriaId": "2D4D70A8-A6FE-4F82-82F1-AB1E9C28FB35",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:oracle9i:standard_9.2.0.4:*:*:*:*:*:*:*",
"matchCriteriaId": "7F64908D-FDAA-499B-8060-8A6EC2443418",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:oracle9i:standard_9.2.0.5:*:*:*:*:*:*:*",
"matchCriteriaId": "E77BCF6E-0D09-4DAF-B147-D11FEEE7371C",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Directory traversal vulnerability in extproc in Oracle 9i and 10g allows remote attackers to access arbitrary libraries outside of the $ORACLE_HOME\\bin directory."
}
],
"id": "CVE-2004-1364",
"lastModified": "2024-11-20T23:50:42.053",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "SINGLE",
"availabilityImpact": "COMPLETE",
"baseScore": 8.5,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:N/AC:M/Au:S/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 6.8,
"impactScore": 10.0,
"obtainAllPrivilege": true,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2004-08-04T04:00:00.000",
"references": [
{
"source": "cve@mitre.org",
"url": "http://marc.info/?l=bugtraq\u0026m=110382406002365\u0026w=2"
},
{
"source": "cve@mitre.org",
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-101782-1"
},
{
"source": "cve@mitre.org",
"url": "http://www.0xdeadbeef.info/exploits/raptor_oraextproc.sql"
},
{
"source": "cve@mitre.org",
"tags": [
"US Government Resource"
],
"url": "http://www.kb.cert.org/vuls/id/316206"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.ngssoftware.com/advisories/oracle23122004B.txt"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.oracle.com/technology/deploy/security/pdf/2004alert68.pdf"
},
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/archive/1/454861/100/0/threaded"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch"
],
"url": "http://www.securityfocus.com/bid/10871"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch",
"Third Party Advisory",
"US Government Resource"
],
"url": "http://www.us-cert.gov/cas/techalerts/TA04-245A.html"
},
{
"source": "cve@mitre.org",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/18658"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://marc.info/?l=bugtraq\u0026m=110382406002365\u0026w=2"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-101782-1"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.0xdeadbeef.info/exploits/raptor_oraextproc.sql"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"US Government Resource"
],
"url": "http://www.kb.cert.org/vuls/id/316206"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.ngssoftware.com/advisories/oracle23122004B.txt"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.oracle.com/technology/deploy/security/pdf/2004alert68.pdf"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/archive/1/454861/100/0/threaded"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
],
"url": "http://www.securityfocus.com/bid/10871"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Third Party Advisory",
"US Government Resource"
],
"url": "http://www.us-cert.gov/cas/techalerts/TA04-245A.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/18658"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-22"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2013-01-17 01:55
Modified
2024-11-21 01:47
Severity ?
Summary
Unspecified vulnerability in the Enterprise Manager Base Platform component in Oracle Enterprise Manager Grid Control EM Base Platform 10.2.0.5 and 11.1.0.1; EM DB Control 10.2.0.3, 10.2.0.4, 10.2.0.5, 11.1.0.7, 11.2.0.2, and 11.2.0.3; and EM Plugin for DB 12.1.0.1, and 12.1.0.2 allows remote attackers to affect integrity via unknown vectors related to Database Cloning.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| oracle | enterprise_manager_grid_control | 10.2.0.5 | |
| oracle | enterprise_manager_grid_control | 11.1.0.1 | |
| oracle | enterprise_manager_database_control | 10.2.0.3 | |
| oracle | enterprise_manager_database_control | 10.2.0.4 | |
| oracle | enterprise_manager_database_control | 10.2.0.5 | |
| oracle | enterprise_manager_database_control | 11.1.0.7 | |
| oracle | enterprise_manager_database_control | 11.2.0.2 | |
| oracle | enterprise_manager_database_control | 11.2.0.3 | |
| oracle | enterprise_manager_plugin_for_database_control | 12.1.0.1 | |
| oracle | enterprise_manager_plugin_for_database_control | 12.1.0.2 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:oracle:enterprise_manager_grid_control:10.2.0.5:*:*:*:*:*:*:*",
"matchCriteriaId": "0C20B70E-13D8-4D80-A87F-16072661B795",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:enterprise_manager_grid_control:11.1.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "FB2A0AF0-2A77-4860-BD83-EA5A05D0E737",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:oracle:enterprise_manager_database_control:10.2.0.3:*:*:*:*:*:*:*",
"matchCriteriaId": "4CD69F9A-2257-49AB-AB07-E7E35518E93D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:enterprise_manager_database_control:10.2.0.4:*:*:*:*:*:*:*",
"matchCriteriaId": "D247515C-4850-4F98-AC50-7B65EF952F3D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:enterprise_manager_database_control:10.2.0.5:*:*:*:*:*:*:*",
"matchCriteriaId": "18F946F6-5D8C-4A77-B9C7-A0C35B7874B6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:enterprise_manager_database_control:11.1.0.7:*:*:*:*:*:*:*",
"matchCriteriaId": "0D7A293E-1C18-4533-8F66-FF87663570B4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:enterprise_manager_database_control:11.2.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "122C6CB9-E0E8-45DC-B0C5-A9AAE7D3E889",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:enterprise_manager_database_control:11.2.0.3:*:*:*:*:*:*:*",
"matchCriteriaId": "3B61406E-4EF7-4366-A48E-11329F469147",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:oracle:enterprise_manager_plugin_for_database_control:12.1.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "EDDE78A0-1483-49FD-B5FD-8186B7D49A52",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:enterprise_manager_plugin_for_database_control:12.1.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "DCC2E4CE-9698-4A1B-B93B-3DE2C026911A",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Unspecified vulnerability in the Enterprise Manager Base Platform component in Oracle Enterprise Manager Grid Control EM Base Platform 10.2.0.5 and 11.1.0.1; EM DB Control 10.2.0.3, 10.2.0.4, 10.2.0.5, 11.1.0.7, 11.2.0.2, and 11.2.0.3; and EM Plugin for DB 12.1.0.1, and 12.1.0.2 allows remote attackers to affect integrity via unknown vectors related to Database Cloning."
},
{
"lang": "es",
"value": "Una vulnerabilidad no especificada en el componente Enterprise Manager Base Platform en Oracle Enterprise Manager Grid Control EM Base Platform v10.2.0.5 y v11.1.0.1; EM DB Control v10.2.0.3, v10.2.0.4, v10.2.0.5, v11.1.0.7, v11.2.0.2 y v11.2.0.3 y EM plugin para DB v12.1.0.1, v12.1.0.2 y permite a atacantes remotos afectar la integridad a trav\u00e9s de vectores desconocidos relacionados con la clonaci\u00f3n de bases de datos."
}
],
"id": "CVE-2013-0374",
"lastModified": "2024-11-21T01:47:24.517",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"confidentialityImpact": "NONE",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2013-01-17T01:55:04.250",
"references": [
{
"source": "secalert_us@oracle.com",
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2013:150"
},
{
"source": "secalert_us@oracle.com",
"tags": [
"Vendor Advisory"
],
"url": "http://www.oracle.com/technetwork/topics/security/cpujan2013-1515902.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2013:150"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://www.oracle.com/technetwork/topics/security/cpujan2013-1515902.html"
}
],
"sourceIdentifier": "secalert_us@oracle.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2015-07-16 11:00
Modified
2024-11-21 02:27
Severity ?
Summary
Unspecified vulnerability in the Enterprise Manager for Oracle Database component in Oracle Enterprise Manager Grid Control EM Base Platform: 11.1.0.1; EM Plugin for DB: 12.1.0.5, 12.1.0.6, 12.1.0.7; EM DB Control: 11.1.0.7, 11.2.0.3, and 11.2.0.4 allows remote attackers to affect integrity via unknown vectors related to Content Management.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| oracle | enterprise_manager_database_control | 11.1.0.7 | |
| oracle | enterprise_manager_database_control | 11.2.0.3 | |
| oracle | enterprise_manager_database_control | 11.2.0.4 | |
| oracle | enterprise_manager_grid_control | 11.1.0.1 | |
| oracle | enterprise_manager_plugin_for_database_control | 12.1.0.5 | |
| oracle | enterprise_manager_plugin_for_database_control | 12.1.0.6 | |
| oracle | enterprise_manager_plugin_for_database_control | 12.1.0.7 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:oracle:enterprise_manager_database_control:11.1.0.7:*:*:*:*:*:*:*",
"matchCriteriaId": "0D7A293E-1C18-4533-8F66-FF87663570B4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:enterprise_manager_database_control:11.2.0.3:*:*:*:*:*:*:*",
"matchCriteriaId": "3B61406E-4EF7-4366-A48E-11329F469147",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:enterprise_manager_database_control:11.2.0.4:*:*:*:*:*:*:*",
"matchCriteriaId": "DB215790-E35D-4735-9A91-92026FC97EAB",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:oracle:enterprise_manager_grid_control:11.1.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "FB2A0AF0-2A77-4860-BD83-EA5A05D0E737",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:oracle:enterprise_manager_plugin_for_database_control:12.1.0.5:*:*:*:*:*:*:*",
"matchCriteriaId": "34EC1312-4E87-421D-A381-C658330B2A18",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:enterprise_manager_plugin_for_database_control:12.1.0.6:*:*:*:*:*:*:*",
"matchCriteriaId": "F30D6CBB-34FB-415A-B9DA-B70E73A29CB0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:enterprise_manager_plugin_for_database_control:12.1.0.7:*:*:*:*:*:*:*",
"matchCriteriaId": "57D79A1C-D449-4E83-9BEA-EE888F8DE3F1",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Unspecified vulnerability in the Enterprise Manager for Oracle Database component in Oracle Enterprise Manager Grid Control EM Base Platform: 11.1.0.1; EM Plugin for DB: 12.1.0.5, 12.1.0.6, 12.1.0.7; EM DB Control: 11.1.0.7, 11.2.0.3, and 11.2.0.4 allows remote attackers to affect integrity via unknown vectors related to Content Management."
},
{
"lang": "es",
"value": "Vulnerabilidad no especificada en el componente Enterprise Manager for Oracle Database en Oracle Enterprise Manager Grid Control EM Base Platform: 11.1.0.1; EM Plugin for DB: 12.1.0.5, 12.1.0.6, 12.1.0.7; EM DB Control: 11.1.0.7, 11.2.0.3 y 11.2.0.4, permite a atacantes remotos afectar la integridad a trav\u00e9s de vectores desconocidos relacionados con Content Management."
}
],
"id": "CVE-2015-2646",
"lastModified": "2024-11-21T02:27:46.447",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"confidentialityImpact": "NONE",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2015-07-16T11:00:06.393",
"references": [
{
"source": "secalert_us@oracle.com",
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-08/msg00003.html"
},
{
"source": "secalert_us@oracle.com",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.oracle.com/technetwork/topics/security/cpujul2015-2367936.html"
},
{
"source": "secalert_us@oracle.com",
"url": "http://www.securitytracker.com/id/1032918"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-08/msg00003.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.oracle.com/technetwork/topics/security/cpujul2015-2367936.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securitytracker.com/id/1032918"
}
],
"sourceIdentifier": "secalert_us@oracle.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2014-10-15 22:55
Modified
2024-11-21 02:14
Severity ?
Summary
Unspecified vulnerability in the Enterprise Manager for Oracle Database component in Oracle Enterprise Manager Grid Control EM Base Platform: 10.2.0.5, 11.1.0.1 EM DB Control: 11.1.0.7, 11.2.0.3, 11.2.0.4 EM Plugin for DB: 12.1.0.4, 12.1.0.5, and 12.1.0.6 allows remote authenticated users to affect integrity via unknown vectors related to Content Management.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| oracle | enterprise_manager_grid_control | 10.2.0.5 | |
| oracle | enterprise_manager_grid_control | 11.1.0.1 | |
| oracle | enterprise_manager_grid_control | 12.1.0.4 | |
| oracle | enterprise_manager_grid_control | 12.1.0.5 | |
| oracle | enterprise_manager_grid_control | 12.1.0.6 | |
| oracle | enterprise_manager_database_control | 11.1.0.7 | |
| oracle | enterprise_manager_database_control | 11.2.0.3 | |
| oracle | enterprise_manager_database_control | 11.2.0.4 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:oracle:enterprise_manager_grid_control:10.2.0.5:*:*:*:*:*:*:*",
"matchCriteriaId": "0C20B70E-13D8-4D80-A87F-16072661B795",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:enterprise_manager_grid_control:11.1.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "FB2A0AF0-2A77-4860-BD83-EA5A05D0E737",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:oracle:enterprise_manager_grid_control:12.1.0.4:*:*:*:*:*:*:*",
"matchCriteriaId": "F6E81DD5-2CB9-4B46-B153-2B8F8160DAE4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:enterprise_manager_grid_control:12.1.0.5:*:*:*:*:*:*:*",
"matchCriteriaId": "0099282F-D08B-4F6F-BFAD-9730141083B5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:enterprise_manager_grid_control:12.1.0.6:*:*:*:*:*:*:*",
"matchCriteriaId": "F7AA6BBF-8A96-4911-8DC3-B9082D99F2F4",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:oracle:enterprise_manager_database_control:11.1.0.7:*:*:*:*:*:*:*",
"matchCriteriaId": "0D7A293E-1C18-4533-8F66-FF87663570B4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:enterprise_manager_database_control:11.2.0.3:*:*:*:*:*:*:*",
"matchCriteriaId": "3B61406E-4EF7-4366-A48E-11329F469147",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:enterprise_manager_database_control:11.2.0.4:*:*:*:*:*:*:*",
"matchCriteriaId": "DB215790-E35D-4735-9A91-92026FC97EAB",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Unspecified vulnerability in the Enterprise Manager for Oracle Database component in Oracle Enterprise Manager Grid Control EM Base Platform: 10.2.0.5, 11.1.0.1 EM DB Control: 11.1.0.7, 11.2.0.3, 11.2.0.4 EM Plugin for DB: 12.1.0.4, 12.1.0.5, and 12.1.0.6 allows remote authenticated users to affect integrity via unknown vectors related to Content Management."
},
{
"lang": "es",
"value": "Vulnerabilidad sin especificar en el componente Enterprise Manager for Oracle Database en Oracle Enterprise Manager Grid Control EM Base Platform: 10.2.0.5, 11.1.0.1 EM DB Control: 11.1.0.7, 11.2.0.3, 11.2.0.4 EM Plugin para DB: 12.1.0.4, 12.1.0.5, y 12.1.0.6 permite a usuarios remotos sin autenticar afectar a la integridad a trav\u00e9s de vectores desconocidos relacionados con la gesti\u00f3n de contenidos."
}
],
"id": "CVE-2014-6488",
"lastModified": "2024-11-21T02:14:29.383",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "LOW",
"cvssData": {
"accessComplexity": "HIGH",
"accessVector": "NETWORK",
"authentication": "SINGLE",
"availabilityImpact": "NONE",
"baseScore": 2.1,
"confidentialityImpact": "NONE",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:H/Au:S/C:N/I:P/A:N",
"version": "2.0"
},
"exploitabilityScore": 3.9,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2014-10-15T22:55:05.717",
"references": [
{
"source": "secalert_us@oracle.com",
"url": "http://secunia.com/advisories/61727"
},
{
"source": "secalert_us@oracle.com",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.oracle.com/technetwork/topics/security/cpuoct2014-1972960.html"
},
{
"source": "secalert_us@oracle.com",
"url": "http://www.securityfocus.com/bid/70506"
},
{
"source": "secalert_us@oracle.com",
"url": "http://www.securitytracker.com/id/1031041"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/61727"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.oracle.com/technetwork/topics/security/cpuoct2014-1972960.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/70506"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securitytracker.com/id/1031041"
}
],
"sourceIdentifier": "secalert_us@oracle.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2013-01-17 01:55
Modified
2024-11-21 01:47
Severity ?
Summary
Unspecified vulnerability in the Enterprise Manager Base Platform component in Oracle Enterprise Manager Grid Control EM Base Platform 10.2.0.5 and 11.1.0.1; EM DB Control 10.2.0.3, 10.2.0.4, 10.2.0.5, 11.1.0.7, 11.2.0.2, and 11.2.0.3; and EM Plugin for DB 12.1.0.1 and 12.1.0.2 allows remote attackers to affect integrity via unknown vectors related to Content Management.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| oracle | enterprise_manager_database_control | 10.2.0.3 | |
| oracle | enterprise_manager_database_control | 10.2.0.4 | |
| oracle | enterprise_manager_database_control | 10.2.0.5 | |
| oracle | enterprise_manager_database_control | 11.1.0.7 | |
| oracle | enterprise_manager_database_control | 11.2.0.2 | |
| oracle | enterprise_manager_database_control | 11.2.0.3 | |
| oracle | enterprise_manager_grid_control | 10.2.0.5 | |
| oracle | enterprise_manager_grid_control | 11.1.0.1 | |
| oracle | enterprise_manager_plugin_for_database_control | 12.1.0.1 | |
| oracle | enterprise_manager_plugin_for_database_control | 12.1.0.2 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:oracle:enterprise_manager_database_control:10.2.0.3:*:*:*:*:*:*:*",
"matchCriteriaId": "4CD69F9A-2257-49AB-AB07-E7E35518E93D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:enterprise_manager_database_control:10.2.0.4:*:*:*:*:*:*:*",
"matchCriteriaId": "D247515C-4850-4F98-AC50-7B65EF952F3D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:enterprise_manager_database_control:10.2.0.5:*:*:*:*:*:*:*",
"matchCriteriaId": "18F946F6-5D8C-4A77-B9C7-A0C35B7874B6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:enterprise_manager_database_control:11.1.0.7:*:*:*:*:*:*:*",
"matchCriteriaId": "0D7A293E-1C18-4533-8F66-FF87663570B4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:enterprise_manager_database_control:11.2.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "122C6CB9-E0E8-45DC-B0C5-A9AAE7D3E889",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:enterprise_manager_database_control:11.2.0.3:*:*:*:*:*:*:*",
"matchCriteriaId": "3B61406E-4EF7-4366-A48E-11329F469147",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:enterprise_manager_grid_control:10.2.0.5:*:*:*:*:*:*:*",
"matchCriteriaId": "0C20B70E-13D8-4D80-A87F-16072661B795",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:enterprise_manager_grid_control:11.1.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "FB2A0AF0-2A77-4860-BD83-EA5A05D0E737",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:enterprise_manager_plugin_for_database_control:12.1.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "EDDE78A0-1483-49FD-B5FD-8186B7D49A52",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:enterprise_manager_plugin_for_database_control:12.1.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "DCC2E4CE-9698-4A1B-B93B-3DE2C026911A",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Unspecified vulnerability in the Enterprise Manager Base Platform component in Oracle Enterprise Manager Grid Control EM Base Platform 10.2.0.5 and 11.1.0.1; EM DB Control 10.2.0.3, 10.2.0.4, 10.2.0.5, 11.1.0.7, 11.2.0.2, and 11.2.0.3; and EM Plugin for DB 12.1.0.1 and 12.1.0.2 allows remote attackers to affect integrity via unknown vectors related to Content Management."
},
{
"lang": "es",
"value": "Vulnerabilidad no especificada en el componente Enterprise Manager Plataforma Base en Oracle Enterprise Grid Manager plataforma de control EM v10.2.0.5 y v11.1.0.1 Base; EM DB Control v10.2.0.3, v10.2.0.4, v10.2.0.5, v11.1.0.7, v11.2.0.2, y v11.2.0.3 y EM plugin para DB v12.1.0.1 y v12.1.0.2 permite a atacantes remotos para afectar la integridad a trav\u00e9s de vectores desconocidos relacionados con gesti\u00f3n de contenidos."
}
],
"id": "CVE-2013-0352",
"lastModified": "2024-11-21T01:47:22.010",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"confidentialityImpact": "NONE",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2013-01-17T01:55:03.310",
"references": [
{
"source": "secalert_us@oracle.com",
"url": "http://marc.info/?l=bugtraq\u0026m=139344343412337\u0026w=2"
},
{
"source": "secalert_us@oracle.com",
"url": "http://secunia.com/advisories/57126"
},
{
"source": "secalert_us@oracle.com",
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2013:150"
},
{
"source": "secalert_us@oracle.com",
"tags": [
"Vendor Advisory"
],
"url": "http://www.oracle.com/technetwork/topics/security/cpujan2013-1515902.html"
},
{
"source": "secalert_us@oracle.com",
"url": "http://www.securityfocus.com/bid/57365"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://marc.info/?l=bugtraq\u0026m=139344343412337\u0026w=2"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/57126"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2013:150"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://www.oracle.com/technetwork/topics/security/cpujan2013-1515902.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/57365"
}
],
"sourceIdentifier": "secalert_us@oracle.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2013-01-17 01:55
Modified
2024-11-21 01:40
Severity ?
Summary
Unspecified vulnerability in the Enterprise Manager Base Platform component in Oracle Enterprise Manager Grid Control EM Base Platform 10.2.0.5 and 11.1.0.1; EM DB Control 10.2.0.3, 10.2.0.4, 10.2.0.5, 11.1.0.7, 11.2.0.2, and 11.2.0.3; and EM Plugin for DB 12.1.0.1 and 12.1.0.2 allows remote attackers to affect integrity via unknown vectors related to Storage Management.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| oracle | enterprise_manager_database_control | 10.2.0.3 | |
| oracle | enterprise_manager_database_control | 10.2.0.4 | |
| oracle | enterprise_manager_database_control | 10.2.0.5 | |
| oracle | enterprise_manager_database_control | 11.1.0.7 | |
| oracle | enterprise_manager_database_control | 11.2.0.2 | |
| oracle | enterprise_manager_database_control | 11.2.0.3 | |
| oracle | enterprise_manager_grid_control | 10.2.0.5 | |
| oracle | enterprise_manager_grid_control | 11.1.0.1 | |
| oracle | enterprise_manager_plugin_for_database_control | 12.1.0.1 | |
| oracle | enterprise_manager_plugin_for_database_control | 12.1.0.2 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:oracle:enterprise_manager_database_control:10.2.0.3:*:*:*:*:*:*:*",
"matchCriteriaId": "4CD69F9A-2257-49AB-AB07-E7E35518E93D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:enterprise_manager_database_control:10.2.0.4:*:*:*:*:*:*:*",
"matchCriteriaId": "D247515C-4850-4F98-AC50-7B65EF952F3D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:enterprise_manager_database_control:10.2.0.5:*:*:*:*:*:*:*",
"matchCriteriaId": "18F946F6-5D8C-4A77-B9C7-A0C35B7874B6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:enterprise_manager_database_control:11.1.0.7:*:*:*:*:*:*:*",
"matchCriteriaId": "0D7A293E-1C18-4533-8F66-FF87663570B4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:enterprise_manager_database_control:11.2.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "122C6CB9-E0E8-45DC-B0C5-A9AAE7D3E889",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:enterprise_manager_database_control:11.2.0.3:*:*:*:*:*:*:*",
"matchCriteriaId": "3B61406E-4EF7-4366-A48E-11329F469147",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:enterprise_manager_grid_control:10.2.0.5:*:*:*:*:*:*:*",
"matchCriteriaId": "0C20B70E-13D8-4D80-A87F-16072661B795",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:enterprise_manager_grid_control:11.1.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "FB2A0AF0-2A77-4860-BD83-EA5A05D0E737",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:enterprise_manager_plugin_for_database_control:12.1.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "EDDE78A0-1483-49FD-B5FD-8186B7D49A52",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:enterprise_manager_plugin_for_database_control:12.1.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "DCC2E4CE-9698-4A1B-B93B-3DE2C026911A",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Unspecified vulnerability in the Enterprise Manager Base Platform component in Oracle Enterprise Manager Grid Control EM Base Platform 10.2.0.5 and 11.1.0.1; EM DB Control 10.2.0.3, 10.2.0.4, 10.2.0.5, 11.1.0.7, 11.2.0.2, and 11.2.0.3; and EM Plugin for DB 12.1.0.1 and 12.1.0.2 allows remote attackers to affect integrity via unknown vectors related to Storage Management."
},
{
"lang": "es",
"value": "Vulnerabilidad no especificada en el componente Enterprise Manager Base Platform en Oracle Enterprise Grid Manager Control EM v10.2.0.5 y v11.1.0.1 Base; EM DB Control v10.2.0.3, v10.2.0.4, v10.2.0.5, v11.1.0.7, v11.2.0.2, y v11.2.0.3 y EM plugin para DB v12.1.0.1 y v12.1.0.2 permite a atacantes remotos para afectar la integridad a trav\u00e9s de vectores desconocidos relacionados con Storage Management."
}
],
"id": "CVE-2012-3219",
"lastModified": "2024-11-21T01:40:27.803",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"confidentialityImpact": "NONE",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2013-01-17T01:55:02.997",
"references": [
{
"source": "secalert_us@oracle.com",
"url": "http://marc.info/?l=bugtraq\u0026m=139344343412337\u0026w=2"
},
{
"source": "secalert_us@oracle.com",
"url": "http://secunia.com/advisories/57126"
},
{
"source": "secalert_us@oracle.com",
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2013:150"
},
{
"source": "secalert_us@oracle.com",
"tags": [
"Vendor Advisory"
],
"url": "http://www.oracle.com/technetwork/topics/security/cpujan2013-1515902.html"
},
{
"source": "secalert_us@oracle.com",
"url": "http://www.securityfocus.com/bid/57349"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://marc.info/?l=bugtraq\u0026m=139344343412337\u0026w=2"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/57126"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2013:150"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://www.oracle.com/technetwork/topics/security/cpujan2013-1515902.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/57349"
}
],
"sourceIdentifier": "secalert_us@oracle.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2013-01-17 01:55
Modified
2024-11-21 01:47
Severity ?
Summary
Unspecified vulnerability in the Enterprise Manager Base Platform component in Oracle Enterprise Manager Grid Control EM Base Platform 10.2.0.5 and 11.1.0.1; EM DB Control 11.1.0.7, 11.2.0.2, and 11.2.0.3; and EM Plugin for DB 12.1.0.1 allows remote attackers to affect integrity via unknown vectors related to Enterprise Configuration Management.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| oracle | enterprise_manager_grid_control | 10.2.0.5 | |
| oracle | enterprise_manager_grid_control | 11.1.0.1 | |
| oracle | enterprise_manager_database_control | 11.1.0.7 | |
| oracle | enterprise_manager_database_control | 11.2.0.2 | |
| oracle | enterprise_manager_database_control | 11.2.0.3 | |
| oracle | enterprise_manager_plugin_for_database_control | 12.1.0.1 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:oracle:enterprise_manager_grid_control:10.2.0.5:*:*:*:*:*:*:*",
"matchCriteriaId": "0C20B70E-13D8-4D80-A87F-16072661B795",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:enterprise_manager_grid_control:11.1.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "FB2A0AF0-2A77-4860-BD83-EA5A05D0E737",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:oracle:enterprise_manager_database_control:11.1.0.7:*:*:*:*:*:*:*",
"matchCriteriaId": "0D7A293E-1C18-4533-8F66-FF87663570B4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:enterprise_manager_database_control:11.2.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "122C6CB9-E0E8-45DC-B0C5-A9AAE7D3E889",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:enterprise_manager_database_control:11.2.0.3:*:*:*:*:*:*:*",
"matchCriteriaId": "3B61406E-4EF7-4366-A48E-11329F469147",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:oracle:enterprise_manager_plugin_for_database_control:12.1.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "EDDE78A0-1483-49FD-B5FD-8186B7D49A52",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Unspecified vulnerability in the Enterprise Manager Base Platform component in Oracle Enterprise Manager Grid Control EM Base Platform 10.2.0.5 and 11.1.0.1; EM DB Control 11.1.0.7, 11.2.0.2, and 11.2.0.3; and EM Plugin for DB 12.1.0.1 allows remote attackers to affect integrity via unknown vectors related to Enterprise Configuration Management."
},
{
"lang": "es",
"value": "Vulnerabilidad no especificada en el componente Enterprise Manager Plataforma Base en Oracle Enterprise Grid Manager plataforma de control EM v10.2.0.5 y v11.1.0.1 Base; EM DB Control v11.1.0.7, v11.2.0.2, v11.2.0.3 y, y EM API de DB v12.1.0.1 permite a atacantes remotos para afectar la integridad a trav\u00e9s de vectores desconocidos relacionados con la administraci\u00f3n de configuraci\u00f3n de Enterprise."
}
],
"id": "CVE-2013-0353",
"lastModified": "2024-11-21T01:47:22.117",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"confidentialityImpact": "NONE",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2013-01-17T01:55:03.357",
"references": [
{
"source": "secalert_us@oracle.com",
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2013:150"
},
{
"source": "secalert_us@oracle.com",
"tags": [
"Vendor Advisory"
],
"url": "http://www.oracle.com/technetwork/topics/security/cpujan2013-1515902.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2013:150"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://www.oracle.com/technetwork/topics/security/cpujan2013-1515902.html"
}
],
"sourceIdentifier": "secalert_us@oracle.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2013-01-17 01:55
Modified
2024-11-21 01:47
Severity ?
Summary
Unspecified vulnerability in the Enterprise Manager Base Platform component in Oracle Enterprise Manager Grid Control EM Base Platform 11.1.0.1 and 12.1.0.1; EM DB Control 11.1.0.7, 11.2.0.2, and 11.2.0.3; and EM Plugin for DB 12.1.0.2 allows remote attackers to affect integrity via unknown vectors related to Distributed/Cross DB Features.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| oracle | enterprise_manager_database_control | 11.1.0.7 | |
| oracle | enterprise_manager_database_control | 11.2.0.2 | |
| oracle | enterprise_manager_database_control | 11.2.0.3 | |
| oracle | enterprise_manager_plugin_for_database_control | 12.1.0.2 | |
| oracle | enterprise_manager_grid_control | 11.1.0.1 | |
| oracle | enterprise_manager_grid_control | 12.1.0.1 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:oracle:enterprise_manager_database_control:11.1.0.7:*:*:*:*:*:*:*",
"matchCriteriaId": "0D7A293E-1C18-4533-8F66-FF87663570B4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:enterprise_manager_database_control:11.2.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "122C6CB9-E0E8-45DC-B0C5-A9AAE7D3E889",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:enterprise_manager_database_control:11.2.0.3:*:*:*:*:*:*:*",
"matchCriteriaId": "3B61406E-4EF7-4366-A48E-11329F469147",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:oracle:enterprise_manager_plugin_for_database_control:12.1.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "DCC2E4CE-9698-4A1B-B93B-3DE2C026911A",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:oracle:enterprise_manager_grid_control:11.1.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "FB2A0AF0-2A77-4860-BD83-EA5A05D0E737",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:enterprise_manager_grid_control:12.1.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "8B0B957B-F90C-433D-A4AD-FF48C0E8755A",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Unspecified vulnerability in the Enterprise Manager Base Platform component in Oracle Enterprise Manager Grid Control EM Base Platform 11.1.0.1 and 12.1.0.1; EM DB Control 11.1.0.7, 11.2.0.2, and 11.2.0.3; and EM Plugin for DB 12.1.0.2 allows remote attackers to affect integrity via unknown vectors related to Distributed/Cross DB Features."
},
{
"lang": "es",
"value": "Una vulnerabilidad no especificada en el componente Enterprise Manager Base Platform en Oracle Enterprise Manager Grid Control EM Base Platform v11.1.0.1 y v12.1.0.1, EM DB Control v11.1.0.7, v11.2.0.2, v11.2.0.3 y, EM Plugin y API de DB v12.1.0.2 permite a atacantes remotos afectar la integridad a trav\u00e9s de vectores desconocidos relacionados con las funciones DB distribuidos/cruzados."
}
],
"id": "CVE-2013-0372",
"lastModified": "2024-11-21T01:47:24.280",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"confidentialityImpact": "NONE",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2013-01-17T01:55:04.170",
"references": [
{
"source": "secalert_us@oracle.com",
"url": "http://marc.info/?l=bugtraq\u0026m=139344343412337\u0026w=2"
},
{
"source": "secalert_us@oracle.com",
"url": "http://secunia.com/advisories/57126"
},
{
"source": "secalert_us@oracle.com",
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2013:150"
},
{
"source": "secalert_us@oracle.com",
"tags": [
"Vendor Advisory"
],
"url": "http://www.oracle.com/technetwork/topics/security/cpujan2013-1515902.html"
},
{
"source": "secalert_us@oracle.com",
"url": "http://www.securityfocus.com/bid/57378"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://marc.info/?l=bugtraq\u0026m=139344343412337\u0026w=2"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/57126"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2013:150"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://www.oracle.com/technetwork/topics/security/cpujan2013-1515902.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/57378"
}
],
"sourceIdentifier": "secalert_us@oracle.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2004-08-04 04:00
Modified
2024-11-20 23:50
Severity ?
Summary
ISQL*Plus in Oracle 10g Application Server allows remote attackers to execute arbitrary files via an absolute pathname in the file parameter to the load.uix script.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:oracle:application_server:*:*:*:*:*:*:*:*",
"matchCriteriaId": "AD38E99A-864A-4E99-B6A5-12AACDA822E3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:application_server:9.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "CFAE1E8A-644B-42FD-B149-89AD420BD7A7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:application_server:9.0.2.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "8075E330-5819-4105-9BB7-4DCC3C0EAEF9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:application_server:9.0.2.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "CB346764-EDF2-4BE1-A273-C2CE9A173CFB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:application_server:9.0.2.1:*:*:*:*:*:*:*",
"matchCriteriaId": "E59B89D9-AAF9-40CB-931C-EB4958491B99",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:application_server:9.0.2.2:*:*:*:*:*:*:*",
"matchCriteriaId": "C64888FB-133F-4930-8368-1BD2A4FB11A6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:application_server:9.0.2.3:*:*:*:*:*:*:*",
"matchCriteriaId": "87DEB7BD-FB71-4C22-A0FF-89923B263DC2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:application_server:9.0.3:*:*:*:*:*:*:*",
"matchCriteriaId": "BAAD1A33-4333-4AFB-8D49-1274AE345BA9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:application_server:9.0.3.1:*:*:*:*:*:*:*",
"matchCriteriaId": "852BF209-3C6F-403B-920D-50C46D37515B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:application_server:9.0.4:*:*:*:*:*:*:*",
"matchCriteriaId": "335143DB-4538-49F4-BAFB-C47802318667",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:application_server:9.0.4.0:*:*:*:*:*:*:*",
"matchCriteriaId": "F6A3E2D8-617C-4740-B662-F8884CE26BF1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:application_server:9.0.4.1:*:*:*:*:*:*:*",
"matchCriteriaId": "4FFBB096-523E-4634-ADC4-6CFB03F9577B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:collaboration_suite:release_1:*:*:*:*:*:*:*",
"matchCriteriaId": "3D1A1DC8-A38C-4061-A825-C6CC2ED453E0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:e-business_suite:11.5.1:*:*:*:*:*:*:*",
"matchCriteriaId": "EBD7B7B5-4C37-4EC7-8B1D-66C1E5043E11",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:e-business_suite:11.5.2:*:*:*:*:*:*:*",
"matchCriteriaId": "A9E237E5-9E1A-4F20-9A3D-E3418E3B1329",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:e-business_suite:11.5.3:*:*:*:*:*:*:*",
"matchCriteriaId": "F57A5AE0-90B5-410E-8878-BD514C3B7946",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:e-business_suite:11.5.4:*:*:*:*:*:*:*",
"matchCriteriaId": "EA7EAC35-E890-444A-B070-C91382F2E242",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:e-business_suite:11.5.5:*:*:*:*:*:*:*",
"matchCriteriaId": "69568B66-122B-4946-B630-2960DAA1885E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:e-business_suite:11.5.6:*:*:*:*:*:*:*",
"matchCriteriaId": "EB6E1838-B4DA-4F62-8713-9E8D7E79CDF5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:e-business_suite:11.5.7:*:*:*:*:*:*:*",
"matchCriteriaId": "6C3E4A5C-8D0F-4105-8618-26586BEDE84B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:e-business_suite:11.5.8:*:*:*:*:*:*:*",
"matchCriteriaId": "D07FEA4F-B1C7-4250-81FD-AC1289769348",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:e-business_suite:11.5.9:*:*:*:*:*:*:*",
"matchCriteriaId": "78408427-3FFB-45C4-82EF-C8D636B3A718",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:enterprise_manager:9:*:*:*:*:*:*:*",
"matchCriteriaId": "E3595689-13AE-4349-8684-D73D33D4A9FC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:enterprise_manager:9.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "53F57A30-BE27-4F93-B8E4-B0956007F625",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:enterprise_manager_database_control:10.1.2:*:*:*:*:*:*:*",
"matchCriteriaId": "F074FCED-60D9-4B07-8A6F-85A89C8CFC33",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:enterprise_manager_grid_control:10.1.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "016AFE8B-049D-4BA9-9270-E18DFDFDC61F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:oracle10g:enterprise_9.0.4_.0:*:*:*:*:*:*:*",
"matchCriteriaId": "BF667575-AD5F-43D6-B7BF-F255C1A14A0C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:oracle10g:enterprise_10.1.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "0C033CC3-1840-49A1-AB6E-3EC8CE1F0BEE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:oracle10g:personal_9.0.4_.0:*:*:*:*:*:*:*",
"matchCriteriaId": "6CEA97EC-FC86-4F53-A134-B98F25892BB5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:oracle10g:personal_10.1_.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "E41C0DB6-CD92-4FDC-A705-83CFB92C062A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:oracle10g:standard_9.0.4_.0:*:*:*:*:*:*:*",
"matchCriteriaId": "ACC43855-2664-42CC-87DD-3C90DB1430C9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:oracle10g:standard_10.1_.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "25A4D091-1D89-484E-A3F7-0F98F8814686",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:oracle8i:enterprise_8.0.5_.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "D96A60B5-7B83-4E94-AF2B-AF3DF28EE1D1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:oracle8i:enterprise_8.0.6_.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "0C5C8D47-953E-41DF-9852-955611F6D387",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:oracle8i:enterprise_8.0.6_.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "C4798CAE-9AAA-4623-85B2-309DB46DD28A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:oracle8i:enterprise_8.1.5_.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "121CF7A1-1710-4DA1-B7B6-028557D3FA49",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:oracle8i:enterprise_8.1.5_.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "616AD7A7-C8F3-4125-8E26-64109EA40730",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:oracle8i:enterprise_8.1.5_.1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "3C7365AA-ACDA-461A-A84C-6B4FF04F295F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:oracle8i:enterprise_8.1.6_.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "42C22E50-FDB8-4314-9F36-70D0130EAA6C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:oracle8i:enterprise_8.1.6_.1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "2C65AC14-2AA0-4475-9932-E4AEA410CBCD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:oracle8i:enterprise_8.1.7_.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "BA730ABB-F315-4F7F-B820-33C5558B05DB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:oracle8i:enterprise_8.1.7_.1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "B4CE4E08-4892-419D-AC51-68DD42073092",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:oracle8i:enterprise_8.1.7_.4:*:*:*:*:*:*:*",
"matchCriteriaId": "EF52682E-0AB7-4C3F-94D4-7B4A7E08F2C2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:oracle8i:standard_8.0.6:*:*:*:*:*:*:*",
"matchCriteriaId": "C65C2671-2FFE-4461-A570-72E3BBC312D7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:oracle8i:standard_8.0.6_.3:*:*:*:*:*:*:*",
"matchCriteriaId": "CA59E72F-ACC1-44F3-AE63-B42F1EB83F3D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:oracle8i:standard_8.1.5:*:*:*:*:*:*:*",
"matchCriteriaId": "B5CB4061-855C-4DAA-BDAD-AA1E68EFC1E5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:oracle8i:standard_8.1.6:*:*:*:*:*:*:*",
"matchCriteriaId": "07F81AC9-DEBD-4B04-8753-C68BAE509B13",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:oracle8i:standard_8.1.7:*:*:*:*:*:*:*",
"matchCriteriaId": "0785C55D-183D-42D8-A9F9-DBD297FE7F43",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:oracle8i:standard_8.1.7_.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "8086BBDC-76BE-47C0-8F11-CEC57A23FC27",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:oracle8i:standard_8.1.7_.1:*:*:*:*:*:*:*",
"matchCriteriaId": "72BAAEF7-74CA-4C4F-8D52-AC4D5DE2E0E7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:oracle8i:standard_8.1.7_.4:*:*:*:*:*:*:*",
"matchCriteriaId": "EECAE774-22F3-4872-9E05-A14376F3883D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:oracle9i:client_9.2.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "DFAA7E8B-263B-40A2-B6D8-8A303A7D4358",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:oracle9i:client_9.2.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "085FF0CB-B426-4DCB-9411-017A45280A60",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:oracle9i:enterprise_8.1.7:*:*:*:*:*:*:*",
"matchCriteriaId": "ED4991B9-67A9-4EE9-A30F-27950BF3A3DD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:oracle9i:enterprise_9.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "2201796B-013B-4440-B366-1F2966AA86FF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:oracle9i:enterprise_9.0.1.4:*:*:*:*:*:*:*",
"matchCriteriaId": "43C6FFA8-18A6-4EE1-BE10-A1B7F3C1A47E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:oracle9i:enterprise_9.0.1.5:*:*:*:*:*:*:*",
"matchCriteriaId": "F90F6C4F-CEF5-4172-97FC-617B71EAA636",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:oracle9i:enterprise_9.2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "2FFA2A5C-B289-4505-85F5-7F6F0222B552",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:oracle9i:enterprise_9.2.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "4E876825-D6E5-4958-B737-4CE43A32BEC0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:oracle9i:enterprise_9.2.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "B8E07567-754A-40C0-9428-D151880EE6F2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:oracle9i:enterprise_9.2.0.3:*:*:*:*:*:*:*",
"matchCriteriaId": "6233345D-5100-404A-9B61-524D9679D9E4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:oracle9i:enterprise_9.2.0.4:*:*:*:*:*:*:*",
"matchCriteriaId": "2FB739C3-A9BD-433F-8547-12BC615DB18D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:oracle9i:enterprise_9.2.0.5:*:*:*:*:*:*:*",
"matchCriteriaId": "7231B057-9B7E-43CA-9E91-6DF74D6ADAE7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:oracle9i:personal_8.1.7:*:*:*:*:*:*:*",
"matchCriteriaId": "F4D7A3CB-54CC-4CD9-9672-366233BF0CCF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:oracle9i:personal_9.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "58DB0B6B-EB97-448A-B63E-E5997382DD45",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:oracle9i:personal_9.0.1.4:*:*:*:*:*:*:*",
"matchCriteriaId": "DA77BC6D-661F-46E9-B144-1587C1192B8A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:oracle9i:personal_9.0.1.5:*:*:*:*:*:*:*",
"matchCriteriaId": "16F9C7F3-8140-4FEF-8319-64CE51B830AE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:oracle9i:personal_9.2:*:*:*:*:*:*:*",
"matchCriteriaId": "68286D06-9EBA-4FBD-AB0B-D80993895416",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:oracle9i:personal_9.2.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "0C059683-E0A1-4E97-B393-CB6B0EACF7C6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:oracle9i:personal_9.2.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "A5675664-7036-48D0-9524-0350F626D4CD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:oracle9i:personal_9.2.0.3:*:*:*:*:*:*:*",
"matchCriteriaId": "EA9F3EE8-DA8B-4605-B70B-CFCA25B07C1F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:oracle9i:personal_9.2.0.4:*:*:*:*:*:*:*",
"matchCriteriaId": "D0DE0FB4-3C1A-460D-B48E-11D7AF415A94",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:oracle9i:personal_9.2.0.5:*:*:*:*:*:*:*",
"matchCriteriaId": "597EE9ED-6A95-46C7-BE83-ADEC6AA65341",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:oracle9i:standard_8.1.7:*:*:*:*:*:*:*",
"matchCriteriaId": "DCAD9D1D-A7E5-4D88-B93B-C518BF1986AB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:oracle9i:standard_9.0:*:*:*:*:*:*:*",
"matchCriteriaId": "6E46FE2E-CA1A-4970-81FF-0BFFF2CF6849",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:oracle9i:standard_9.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "3EE7A2B1-A161-4A20-9EEC-B1EF7F2E387C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:oracle9i:standard_9.0.1.2:*:*:*:*:*:*:*",
"matchCriteriaId": "D65D66A0-23F7-4110-AF71-05CBFB3F92F3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:oracle9i:standard_9.0.1.3:*:*:*:*:*:*:*",
"matchCriteriaId": "F207CBC6-D186-418D-8F11-3E623530E00B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:oracle9i:standard_9.0.1.4:*:*:*:*:*:*:*",
"matchCriteriaId": "2FB2708A-58D1-4F17-8504-3748D6667788",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:oracle9i:standard_9.0.1.5:*:*:*:*:*:*:*",
"matchCriteriaId": "E83B1C7A-287A-405F-B44E-85F891183D2E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:oracle9i:standard_9.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "34FC1E19-8F20-4215-8D90-E42EF7126BD9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:oracle9i:standard_9.2:*:*:*:*:*:*:*",
"matchCriteriaId": "CB172848-A873-4137-A335-AD034806A5EE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:oracle9i:standard_9.2.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "B78BD7D2-7B48-438C-8C24-01C4007C1A32",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:oracle9i:standard_9.2.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "0DDCC0D1-32AD-4902-8383-2AA169C3F3BA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:oracle9i:standard_9.2.0.3:*:*:*:*:*:*:*",
"matchCriteriaId": "2D4D70A8-A6FE-4F82-82F1-AB1E9C28FB35",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:oracle9i:standard_9.2.0.4:*:*:*:*:*:*:*",
"matchCriteriaId": "7F64908D-FDAA-499B-8060-8A6EC2443418",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:oracle9i:standard_9.2.0.5:*:*:*:*:*:*:*",
"matchCriteriaId": "E77BCF6E-0D09-4DAF-B147-D11FEEE7371C",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "ISQL*Plus in Oracle 10g Application Server allows remote attackers to execute arbitrary files via an absolute pathname in the file parameter to the load.uix script."
}
],
"id": "CVE-2004-1368",
"lastModified": "2024-11-20T23:50:42.710",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 7.8,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:N/C:C/I:N/A:N",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 6.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2004-08-04T04:00:00.000",
"references": [
{
"source": "cve@mitre.org",
"url": "http://marc.info/?l=bugtraq\u0026m=110382264415387\u0026w=2"
},
{
"source": "cve@mitre.org",
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-101782-1"
},
{
"source": "cve@mitre.org",
"tags": [
"US Government Resource"
],
"url": "http://www.kb.cert.org/vuls/id/435974"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.ngssoftware.com/advisories/oracle23122004E.txt"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch"
],
"url": "http://www.securityfocus.com/bid/10871"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch",
"Third Party Advisory",
"US Government Resource"
],
"url": "http://www.us-cert.gov/cas/techalerts/TA04-245A.html"
},
{
"source": "cve@mitre.org",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/18656"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://marc.info/?l=bugtraq\u0026m=110382264415387\u0026w=2"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-101782-1"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"US Government Resource"
],
"url": "http://www.kb.cert.org/vuls/id/435974"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.ngssoftware.com/advisories/oracle23122004E.txt"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
],
"url": "http://www.securityfocus.com/bid/10871"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Third Party Advisory",
"US Government Resource"
],
"url": "http://www.us-cert.gov/cas/techalerts/TA04-245A.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/18656"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2004-08-04 04:00
Modified
2024-11-20 23:50
Severity ?
Summary
Stack-based buffer overflow in Oracle 9i and 10g allows remote attackers to execute arbitrary code via a long token in the text of a wrapped procedure.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:oracle:application_server:*:*:*:*:*:*:*:*",
"matchCriteriaId": "AD38E99A-864A-4E99-B6A5-12AACDA822E3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:application_server:9.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "CFAE1E8A-644B-42FD-B149-89AD420BD7A7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:application_server:9.0.2.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "8075E330-5819-4105-9BB7-4DCC3C0EAEF9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:application_server:9.0.2.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "CB346764-EDF2-4BE1-A273-C2CE9A173CFB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:application_server:9.0.2.1:*:*:*:*:*:*:*",
"matchCriteriaId": "E59B89D9-AAF9-40CB-931C-EB4958491B99",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:application_server:9.0.2.2:*:*:*:*:*:*:*",
"matchCriteriaId": "C64888FB-133F-4930-8368-1BD2A4FB11A6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:application_server:9.0.2.3:*:*:*:*:*:*:*",
"matchCriteriaId": "87DEB7BD-FB71-4C22-A0FF-89923B263DC2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:application_server:9.0.3:*:*:*:*:*:*:*",
"matchCriteriaId": "BAAD1A33-4333-4AFB-8D49-1274AE345BA9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:application_server:9.0.3.1:*:*:*:*:*:*:*",
"matchCriteriaId": "852BF209-3C6F-403B-920D-50C46D37515B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:application_server:9.0.4:*:*:*:*:*:*:*",
"matchCriteriaId": "335143DB-4538-49F4-BAFB-C47802318667",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:application_server:9.0.4.0:*:*:*:*:*:*:*",
"matchCriteriaId": "F6A3E2D8-617C-4740-B662-F8884CE26BF1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:application_server:9.0.4.1:*:*:*:*:*:*:*",
"matchCriteriaId": "4FFBB096-523E-4634-ADC4-6CFB03F9577B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:collaboration_suite:release_1:*:*:*:*:*:*:*",
"matchCriteriaId": "3D1A1DC8-A38C-4061-A825-C6CC2ED453E0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:database_server:9i_application_server:*:*:*:*:*:*:*",
"matchCriteriaId": "0D51C24E-B1DB-4C48-A2C3-7A75C93E764B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:e-business_suite:11.5.1:*:*:*:*:*:*:*",
"matchCriteriaId": "EBD7B7B5-4C37-4EC7-8B1D-66C1E5043E11",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:e-business_suite:11.5.2:*:*:*:*:*:*:*",
"matchCriteriaId": "A9E237E5-9E1A-4F20-9A3D-E3418E3B1329",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:e-business_suite:11.5.3:*:*:*:*:*:*:*",
"matchCriteriaId": "F57A5AE0-90B5-410E-8878-BD514C3B7946",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:e-business_suite:11.5.4:*:*:*:*:*:*:*",
"matchCriteriaId": "EA7EAC35-E890-444A-B070-C91382F2E242",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:e-business_suite:11.5.5:*:*:*:*:*:*:*",
"matchCriteriaId": "69568B66-122B-4946-B630-2960DAA1885E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:e-business_suite:11.5.6:*:*:*:*:*:*:*",
"matchCriteriaId": "EB6E1838-B4DA-4F62-8713-9E8D7E79CDF5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:e-business_suite:11.5.7:*:*:*:*:*:*:*",
"matchCriteriaId": "6C3E4A5C-8D0F-4105-8618-26586BEDE84B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:e-business_suite:11.5.8:*:*:*:*:*:*:*",
"matchCriteriaId": "D07FEA4F-B1C7-4250-81FD-AC1289769348",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:e-business_suite:11.5.9:*:*:*:*:*:*:*",
"matchCriteriaId": "78408427-3FFB-45C4-82EF-C8D636B3A718",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:enterprise_manager:9:*:*:*:*:*:*:*",
"matchCriteriaId": "E3595689-13AE-4349-8684-D73D33D4A9FC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:enterprise_manager:9.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "53F57A30-BE27-4F93-B8E4-B0956007F625",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:enterprise_manager_database_control:10.1.2:*:*:*:*:*:*:*",
"matchCriteriaId": "F074FCED-60D9-4B07-8A6F-85A89C8CFC33",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:enterprise_manager_grid_control:10.1.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "016AFE8B-049D-4BA9-9270-E18DFDFDC61F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:oracle10g:enterprise_9.0.4_.0:*:*:*:*:*:*:*",
"matchCriteriaId": "BF667575-AD5F-43D6-B7BF-F255C1A14A0C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:oracle10g:enterprise_10.1.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "0C033CC3-1840-49A1-AB6E-3EC8CE1F0BEE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:oracle10g:personal_9.0.4_.0:*:*:*:*:*:*:*",
"matchCriteriaId": "6CEA97EC-FC86-4F53-A134-B98F25892BB5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:oracle10g:personal_10.1_.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "E41C0DB6-CD92-4FDC-A705-83CFB92C062A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:oracle10g:standard_9.0.4_.0:*:*:*:*:*:*:*",
"matchCriteriaId": "ACC43855-2664-42CC-87DD-3C90DB1430C9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:oracle10g:standard_10.1_.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "25A4D091-1D89-484E-A3F7-0F98F8814686",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:oracle8i:enterprise_8.0.5_.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "D96A60B5-7B83-4E94-AF2B-AF3DF28EE1D1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:oracle8i:enterprise_8.0.6_.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "0C5C8D47-953E-41DF-9852-955611F6D387",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:oracle8i:enterprise_8.0.6_.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "C4798CAE-9AAA-4623-85B2-309DB46DD28A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:oracle8i:enterprise_8.1.5_.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "121CF7A1-1710-4DA1-B7B6-028557D3FA49",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:oracle8i:enterprise_8.1.5_.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "616AD7A7-C8F3-4125-8E26-64109EA40730",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:oracle8i:enterprise_8.1.5_.1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "3C7365AA-ACDA-461A-A84C-6B4FF04F295F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:oracle8i:enterprise_8.1.6_.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "42C22E50-FDB8-4314-9F36-70D0130EAA6C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:oracle8i:enterprise_8.1.6_.1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "2C65AC14-2AA0-4475-9932-E4AEA410CBCD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:oracle8i:enterprise_8.1.7_.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "BA730ABB-F315-4F7F-B820-33C5558B05DB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:oracle8i:enterprise_8.1.7_.1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "B4CE4E08-4892-419D-AC51-68DD42073092",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:oracle8i:enterprise_8.1.7_.4:*:*:*:*:*:*:*",
"matchCriteriaId": "EF52682E-0AB7-4C3F-94D4-7B4A7E08F2C2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:oracle8i:standard_8.0.6:*:*:*:*:*:*:*",
"matchCriteriaId": "C65C2671-2FFE-4461-A570-72E3BBC312D7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:oracle8i:standard_8.0.6_.3:*:*:*:*:*:*:*",
"matchCriteriaId": "CA59E72F-ACC1-44F3-AE63-B42F1EB83F3D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:oracle8i:standard_8.1.5:*:*:*:*:*:*:*",
"matchCriteriaId": "B5CB4061-855C-4DAA-BDAD-AA1E68EFC1E5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:oracle8i:standard_8.1.6:*:*:*:*:*:*:*",
"matchCriteriaId": "07F81AC9-DEBD-4B04-8753-C68BAE509B13",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:oracle8i:standard_8.1.7:*:*:*:*:*:*:*",
"matchCriteriaId": "0785C55D-183D-42D8-A9F9-DBD297FE7F43",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:oracle8i:standard_8.1.7_.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "8086BBDC-76BE-47C0-8F11-CEC57A23FC27",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:oracle8i:standard_8.1.7_.1:*:*:*:*:*:*:*",
"matchCriteriaId": "72BAAEF7-74CA-4C4F-8D52-AC4D5DE2E0E7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:oracle8i:standard_8.1.7_.4:*:*:*:*:*:*:*",
"matchCriteriaId": "EECAE774-22F3-4872-9E05-A14376F3883D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:oracle9i:client_9.2.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "DFAA7E8B-263B-40A2-B6D8-8A303A7D4358",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:oracle9i:client_9.2.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "085FF0CB-B426-4DCB-9411-017A45280A60",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:oracle9i:enterprise_8.1.7:*:*:*:*:*:*:*",
"matchCriteriaId": "ED4991B9-67A9-4EE9-A30F-27950BF3A3DD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:oracle9i:enterprise_9.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "2201796B-013B-4440-B366-1F2966AA86FF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:oracle9i:enterprise_9.0.1.4:*:*:*:*:*:*:*",
"matchCriteriaId": "43C6FFA8-18A6-4EE1-BE10-A1B7F3C1A47E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:oracle9i:enterprise_9.0.1.5:*:*:*:*:*:*:*",
"matchCriteriaId": "F90F6C4F-CEF5-4172-97FC-617B71EAA636",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:oracle9i:enterprise_9.2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "2FFA2A5C-B289-4505-85F5-7F6F0222B552",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:oracle9i:enterprise_9.2.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "4E876825-D6E5-4958-B737-4CE43A32BEC0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:oracle9i:enterprise_9.2.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "B8E07567-754A-40C0-9428-D151880EE6F2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:oracle9i:enterprise_9.2.0.3:*:*:*:*:*:*:*",
"matchCriteriaId": "6233345D-5100-404A-9B61-524D9679D9E4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:oracle9i:enterprise_9.2.0.4:*:*:*:*:*:*:*",
"matchCriteriaId": "2FB739C3-A9BD-433F-8547-12BC615DB18D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:oracle9i:enterprise_9.2.0.5:*:*:*:*:*:*:*",
"matchCriteriaId": "7231B057-9B7E-43CA-9E91-6DF74D6ADAE7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:oracle9i:personal_8.1.7:*:*:*:*:*:*:*",
"matchCriteriaId": "F4D7A3CB-54CC-4CD9-9672-366233BF0CCF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:oracle9i:personal_9.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "58DB0B6B-EB97-448A-B63E-E5997382DD45",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:oracle9i:personal_9.0.1.4:*:*:*:*:*:*:*",
"matchCriteriaId": "DA77BC6D-661F-46E9-B144-1587C1192B8A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:oracle9i:personal_9.0.1.5:*:*:*:*:*:*:*",
"matchCriteriaId": "16F9C7F3-8140-4FEF-8319-64CE51B830AE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:oracle9i:personal_9.2:*:*:*:*:*:*:*",
"matchCriteriaId": "68286D06-9EBA-4FBD-AB0B-D80993895416",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:oracle9i:personal_9.2.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "0C059683-E0A1-4E97-B393-CB6B0EACF7C6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:oracle9i:personal_9.2.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "A5675664-7036-48D0-9524-0350F626D4CD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:oracle9i:personal_9.2.0.3:*:*:*:*:*:*:*",
"matchCriteriaId": "EA9F3EE8-DA8B-4605-B70B-CFCA25B07C1F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:oracle9i:personal_9.2.0.4:*:*:*:*:*:*:*",
"matchCriteriaId": "D0DE0FB4-3C1A-460D-B48E-11D7AF415A94",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:oracle9i:personal_9.2.0.5:*:*:*:*:*:*:*",
"matchCriteriaId": "597EE9ED-6A95-46C7-BE83-ADEC6AA65341",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:oracle9i:standard_8.1.7:*:*:*:*:*:*:*",
"matchCriteriaId": "DCAD9D1D-A7E5-4D88-B93B-C518BF1986AB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:oracle9i:standard_9.0:*:*:*:*:*:*:*",
"matchCriteriaId": "6E46FE2E-CA1A-4970-81FF-0BFFF2CF6849",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:oracle9i:standard_9.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "3EE7A2B1-A161-4A20-9EEC-B1EF7F2E387C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:oracle9i:standard_9.0.1.2:*:*:*:*:*:*:*",
"matchCriteriaId": "D65D66A0-23F7-4110-AF71-05CBFB3F92F3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:oracle9i:standard_9.0.1.3:*:*:*:*:*:*:*",
"matchCriteriaId": "F207CBC6-D186-418D-8F11-3E623530E00B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:oracle9i:standard_9.0.1.4:*:*:*:*:*:*:*",
"matchCriteriaId": "2FB2708A-58D1-4F17-8504-3748D6667788",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:oracle9i:standard_9.0.1.5:*:*:*:*:*:*:*",
"matchCriteriaId": "E83B1C7A-287A-405F-B44E-85F891183D2E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:oracle9i:standard_9.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "34FC1E19-8F20-4215-8D90-E42EF7126BD9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:oracle9i:standard_9.2:*:*:*:*:*:*:*",
"matchCriteriaId": "CB172848-A873-4137-A335-AD034806A5EE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:oracle9i:standard_9.2.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "B78BD7D2-7B48-438C-8C24-01C4007C1A32",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:oracle9i:standard_9.2.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "0DDCC0D1-32AD-4902-8383-2AA169C3F3BA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:oracle9i:standard_9.2.0.3:*:*:*:*:*:*:*",
"matchCriteriaId": "2D4D70A8-A6FE-4F82-82F1-AB1E9C28FB35",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:oracle9i:standard_9.2.0.4:*:*:*:*:*:*:*",
"matchCriteriaId": "7F64908D-FDAA-499B-8060-8A6EC2443418",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:oracle9i:standard_9.2.0.5:*:*:*:*:*:*:*",
"matchCriteriaId": "E77BCF6E-0D09-4DAF-B147-D11FEEE7371C",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Stack-based buffer overflow in Oracle 9i and 10g allows remote attackers to execute arbitrary code via a long token in the text of a wrapped procedure."
}
],
"id": "CVE-2004-1371",
"lastModified": "2024-11-20T23:50:43.193",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "SINGLE",
"availabilityImpact": "COMPLETE",
"baseScore": 9.0,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:N/AC:L/Au:S/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 8.0,
"impactScore": 10.0,
"obtainAllPrivilege": true,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2004-08-04T04:00:00.000",
"references": [
{
"source": "cve@mitre.org",
"url": "http://marc.info/?l=bugtraq\u0026m=110382570313035\u0026w=2"
},
{
"source": "cve@mitre.org",
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-101782-1"
},
{
"source": "cve@mitre.org",
"tags": [
"US Government Resource"
],
"url": "http://www.kb.cert.org/vuls/id/316206"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.ngssoftware.com/advisories/oracle23122004J.txt"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.oracle.com/technology/deploy/security/pdf/2004alert68.pdf"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch"
],
"url": "http://www.securityfocus.com/bid/10871"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch",
"Third Party Advisory",
"US Government Resource"
],
"url": "http://www.us-cert.gov/cas/techalerts/TA04-245A.html"
},
{
"source": "cve@mitre.org",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/18666"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://marc.info/?l=bugtraq\u0026m=110382570313035\u0026w=2"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-101782-1"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"US Government Resource"
],
"url": "http://www.kb.cert.org/vuls/id/316206"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.ngssoftware.com/advisories/oracle23122004J.txt"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.oracle.com/technology/deploy/security/pdf/2004alert68.pdf"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
],
"url": "http://www.securityfocus.com/bid/10871"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Third Party Advisory",
"US Government Resource"
],
"url": "http://www.us-cert.gov/cas/techalerts/TA04-245A.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/18666"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-119"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2013-01-17 01:55
Modified
2024-11-21 01:43
Severity ?
Summary
Unspecified vulnerability in the Enterprise Manager Base Platform component in Oracle Enterprise Manager Grid Control EM Base Platform 10.2.0.5 and EM DB Control 10.2.0.3, 10.2.0.4, 10.2.0.5, 11.1.0.7, 11.2.0.2, and 11.2.0.3 allows remote attackers to affect integrity via unknown vectors related to User Interface Framework.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| oracle | enterprise_manager_database_control | 10.2.0.3 | |
| oracle | enterprise_manager_database_control | 10.2.0.4 | |
| oracle | enterprise_manager_database_control | 10.2.0.5 | |
| oracle | enterprise_manager_database_control | 11.1.0.7 | |
| oracle | enterprise_manager_database_control | 11.2.0.2 | |
| oracle | enterprise_manager_database_control | 11.2.0.3 | |
| oracle | enterprise_manager_grid_control | 10.2.0.5 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:oracle:enterprise_manager_database_control:10.2.0.3:*:*:*:*:*:*:*",
"matchCriteriaId": "4CD69F9A-2257-49AB-AB07-E7E35518E93D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:enterprise_manager_database_control:10.2.0.4:*:*:*:*:*:*:*",
"matchCriteriaId": "D247515C-4850-4F98-AC50-7B65EF952F3D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:enterprise_manager_database_control:10.2.0.5:*:*:*:*:*:*:*",
"matchCriteriaId": "18F946F6-5D8C-4A77-B9C7-A0C35B7874B6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:enterprise_manager_database_control:11.1.0.7:*:*:*:*:*:*:*",
"matchCriteriaId": "0D7A293E-1C18-4533-8F66-FF87663570B4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:enterprise_manager_database_control:11.2.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "122C6CB9-E0E8-45DC-B0C5-A9AAE7D3E889",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:enterprise_manager_database_control:11.2.0.3:*:*:*:*:*:*:*",
"matchCriteriaId": "3B61406E-4EF7-4366-A48E-11329F469147",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:enterprise_manager_grid_control:10.2.0.5:*:*:*:*:*:*:*",
"matchCriteriaId": "0C20B70E-13D8-4D80-A87F-16072661B795",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Unspecified vulnerability in the Enterprise Manager Base Platform component in Oracle Enterprise Manager Grid Control EM Base Platform 10.2.0.5 and EM DB Control 10.2.0.3, 10.2.0.4, 10.2.0.5, 11.1.0.7, 11.2.0.2, and 11.2.0.3 allows remote attackers to affect integrity via unknown vectors related to User Interface Framework."
},
{
"lang": "es",
"value": "Vulnerabilidad sin especificar en el componente Enterprise Manager Base Platform en Oracle Enterprise Manager Grid Control EM Base Platform v10.2.0.5 y EM DB Control v10.2.0.3, v10.2.0.4, v10.2.0.5, v11.1.0.7, v11.2.0.2, y v11.2.0.3 que permite a atacantes remotos afectar la integridad a trav\u00e9s de vectores desconocidos relacionados con el User Interface Framework."
}
],
"id": "CVE-2012-5062",
"lastModified": "2024-11-21T01:43:57.403",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"confidentialityImpact": "NONE",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2013-01-17T01:55:03.170",
"references": [
{
"source": "secalert_us@oracle.com",
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2013:150"
},
{
"source": "secalert_us@oracle.com",
"tags": [
"Vendor Advisory"
],
"url": "http://www.oracle.com/technetwork/topics/security/cpujan2013-1515902.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2013:150"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://www.oracle.com/technetwork/topics/security/cpujan2013-1515902.html"
}
],
"sourceIdentifier": "secalert_us@oracle.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2013-07-17 13:41
Modified
2024-11-21 01:54
Severity ?
Summary
Unspecified vulnerability in the Enterprise Manager (EM) Base Platform 10.2.0.5 and 11.1.0.1; EM DB Control 10.2.0.4, 10.2.0.5, 11.1.0.7, 11.2.0.2, and 11.2.0.3; and EM Plugin for DB 12.1.0.2 and 12.1.0.3 in Oracle Enterprise Manager Grid Control allows remote attackers to affect integrity via unknown vectors related to Schema Management.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| oracle | enterprise_manager | 10.2.0.5 | |
| oracle | enterprise_manager | 11.1.0.1 | |
| oracle | enterprise_manager_database_control | 10.2.0.4 | |
| oracle | enterprise_manager_database_control | 10.2.0.5 | |
| oracle | enterprise_manager_database_control | 11.1.0.7 | |
| oracle | enterprise_manager_database_control | 11.2.0.2 | |
| oracle | enterprise_manager_database_control | 11.2.0.3 | |
| oracle | enterprise_manager_plugin_for_database_control | 12.1.0.2 | |
| oracle | enterprise_manager_plugin_for_database_control | 12.1.0.3 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:oracle:enterprise_manager:10.2.0.5:*:*:*:*:*:*:*",
"matchCriteriaId": "D2BD533A-352B-4DD2-855B-ADFC30D71550",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:enterprise_manager:11.1.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "854FF546-BF83-4997-ACFE-29FA0283CFEB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:enterprise_manager_database_control:10.2.0.4:*:*:*:*:*:*:*",
"matchCriteriaId": "D247515C-4850-4F98-AC50-7B65EF952F3D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:enterprise_manager_database_control:10.2.0.5:*:*:*:*:*:*:*",
"matchCriteriaId": "18F946F6-5D8C-4A77-B9C7-A0C35B7874B6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:enterprise_manager_database_control:11.1.0.7:*:*:*:*:*:*:*",
"matchCriteriaId": "0D7A293E-1C18-4533-8F66-FF87663570B4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:enterprise_manager_database_control:11.2.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "122C6CB9-E0E8-45DC-B0C5-A9AAE7D3E889",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:enterprise_manager_database_control:11.2.0.3:*:*:*:*:*:*:*",
"matchCriteriaId": "3B61406E-4EF7-4366-A48E-11329F469147",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:enterprise_manager_plugin_for_database_control:12.1.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "DCC2E4CE-9698-4A1B-B93B-3DE2C026911A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:enterprise_manager_plugin_for_database_control:12.1.0.3:*:*:*:*:*:*:*",
"matchCriteriaId": "A315B606-DCB5-4C37-A7ED-15027445B8AD",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Unspecified vulnerability in the Enterprise Manager (EM) Base Platform 10.2.0.5 and 11.1.0.1; EM DB Control 10.2.0.4, 10.2.0.5, 11.1.0.7, 11.2.0.2, and 11.2.0.3; and EM Plugin for DB 12.1.0.2 and 12.1.0.3 in Oracle Enterprise Manager Grid Control allows remote attackers to affect integrity via unknown vectors related to Schema Management."
},
{
"lang": "es",
"value": "Vulnerabilidad no especificada en el Enterprise Manager (EM) Base Platform v10.2.0.5 y v11.1.0.1; EM DB Control v10.2.0.4, v10.2.0.5, v11.1.0.7, v11.2.0.2, y v11.2.0.3; y EM Plugin para DB v12.1.0.2 y v12.1.0.3 en Oracle Enterprise Manager Grid Control permite a atacantes remotos afectar la integridad mediante vectores relacionados con Schema Management."
}
],
"id": "CVE-2013-3758",
"lastModified": "2024-11-21T01:54:14.600",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"confidentialityImpact": "NONE",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2013-07-17T13:41:16.640",
"references": [
{
"source": "secalert_us@oracle.com",
"url": "http://osvdb.org/95278"
},
{
"source": "secalert_us@oracle.com",
"url": "http://www.oracle.com/technetwork/topics/security/cpujuly2013-1899826.html"
},
{
"source": "secalert_us@oracle.com",
"url": "http://www.securityfocus.com/bid/61205"
},
{
"source": "secalert_us@oracle.com",
"url": "http://www.securitytracker.com/id/1028795"
},
{
"source": "secalert_us@oracle.com",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/85665"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://osvdb.org/95278"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.oracle.com/technetwork/topics/security/cpujuly2013-1899826.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/61205"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securitytracker.com/id/1028795"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/85665"
}
],
"sourceIdentifier": "secalert_us@oracle.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2013-10-16 15:55
Modified
2024-11-21 01:58
Severity ?
Summary
Unspecified vulnerability in the Enterprise Manager Base Platform component in Oracle Enterprise Manager Grid Control EM Base Platform 10.2.0.5 and 11.1.0.1; EM DB Control 11.1.0.7, 11.2.0.2, and 11.2.0.3; and EM Plugin for DB 12.1.0.2 and 12.1.0.3 allows remote attackers to affect integrity via unknown vectors related to DB Performance Advisories/UIs.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| oracle | enterprise_manager_database_control | 11.1.0.7 | |
| oracle | enterprise_manager_database_control | 11.2.0.2 | |
| oracle | enterprise_manager_database_control | 11.2.0.3 | |
| oracle | enterprise_manager_grid_control | 10.2.0.5 | |
| oracle | enterprise_manager_grid_control | 11.1.0.1 | |
| oracle | enterprise_manager_plugin_for_database_control | 12.1.0.2 | |
| oracle | enterprise_manager_plugin_for_database_control | 12.1.0.3 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:oracle:enterprise_manager_database_control:11.1.0.7:*:*:*:*:*:*:*",
"matchCriteriaId": "0D7A293E-1C18-4533-8F66-FF87663570B4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:enterprise_manager_database_control:11.2.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "122C6CB9-E0E8-45DC-B0C5-A9AAE7D3E889",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:enterprise_manager_database_control:11.2.0.3:*:*:*:*:*:*:*",
"matchCriteriaId": "3B61406E-4EF7-4366-A48E-11329F469147",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:oracle:enterprise_manager_grid_control:10.2.0.5:*:*:*:*:*:*:*",
"matchCriteriaId": "0C20B70E-13D8-4D80-A87F-16072661B795",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:enterprise_manager_grid_control:11.1.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "FB2A0AF0-2A77-4860-BD83-EA5A05D0E737",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:oracle:enterprise_manager_plugin_for_database_control:12.1.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "DCC2E4CE-9698-4A1B-B93B-3DE2C026911A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:enterprise_manager_plugin_for_database_control:12.1.0.3:*:*:*:*:*:*:*",
"matchCriteriaId": "A315B606-DCB5-4C37-A7ED-15027445B8AD",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Unspecified vulnerability in the Enterprise Manager Base Platform component in Oracle Enterprise Manager Grid Control EM Base Platform 10.2.0.5 and 11.1.0.1; EM DB Control 11.1.0.7, 11.2.0.2, and 11.2.0.3; and EM Plugin for DB 12.1.0.2 and 12.1.0.3 allows remote attackers to affect integrity via unknown vectors related to DB Performance Advisories/UIs."
},
{
"lang": "es",
"value": "Vulnerabilidad no especificada en el componente Enterprise Manager Base Platform de Oracle Enterprise Manager Grid Control EM Base Platform 10.2.0.5 y 11.1.0.1; EM DB Control 11.1.0.7, 11.2.0.2, y 11.2.0.3; y EM Plugin para DB 12.1.0.2 y 12.1.0.3 permite a atacantes remotos afectar la integridad a trav\u00e9s de vectores desconocidos relacionados con DB Performance Advisories/UIs."
}
],
"id": "CVE-2013-5766",
"lastModified": "2024-11-21T01:58:04.737",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"confidentialityImpact": "NONE",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2013-10-16T15:55:34.163",
"references": [
{
"source": "secalert_us@oracle.com",
"url": "http://secunia.com/advisories/55322"
},
{
"source": "secalert_us@oracle.com",
"tags": [
"Vendor Advisory"
],
"url": "http://www.oracle.com/technetwork/topics/security/cpuoct2013-1899837.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/55322"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://www.oracle.com/technetwork/topics/security/cpuoct2013-1899837.html"
}
],
"sourceIdentifier": "secalert_us@oracle.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2015-07-16 11:00
Modified
2024-11-21 02:31
Severity ?
Summary
Unspecified vulnerability in the Enterprise Manager for Oracle Database component in Oracle Enterprise Manager Grid Control EM Base Platform 11.1.0.1, and EM DB Control 11.2.0.3 and 11.2.0.4, allows remote attackers to affect confidentiality via vectors related to RAC Management.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| secalert_us@oracle.com | http://lists.opensuse.org/opensuse-security-announce/2015-08/msg00003.html | Third Party Advisory | |
| secalert_us@oracle.com | http://www.oracle.com/technetwork/topics/security/cpujul2015-2367936.html | Patch, Vendor Advisory | |
| secalert_us@oracle.com | http://www.securitytracker.com/id/1032918 | Third Party Advisory, VDB Entry | |
| af854a3a-2127-422b-91ae-364da2661108 | http://lists.opensuse.org/opensuse-security-announce/2015-08/msg00003.html | Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.oracle.com/technetwork/topics/security/cpujul2015-2367936.html | Patch, Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securitytracker.com/id/1032918 | Third Party Advisory, VDB Entry |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| oracle | enterprise_manager_database_control | 11.2.0.3 | |
| oracle | enterprise_manager_database_control | 11.2.0.4 | |
| oracle | enterprise_manager_grid_control | 11.1.0.1 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:oracle:enterprise_manager_database_control:11.2.0.3:*:*:*:*:*:*:*",
"matchCriteriaId": "3B61406E-4EF7-4366-A48E-11329F469147",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:enterprise_manager_database_control:11.2.0.4:*:*:*:*:*:*:*",
"matchCriteriaId": "DB215790-E35D-4735-9A91-92026FC97EAB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:enterprise_manager_grid_control:11.1.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "FB2A0AF0-2A77-4860-BD83-EA5A05D0E737",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Unspecified vulnerability in the Enterprise Manager for Oracle Database component in Oracle Enterprise Manager Grid Control EM Base Platform 11.1.0.1, and EM DB Control 11.2.0.3 and 11.2.0.4, allows remote attackers to affect confidentiality via vectors related to RAC Management."
},
{
"lang": "es",
"value": "Vulnerabilidad no especificada en el componente Enterprise Manager for Oracle Database en Oracle Enterprise Manager Grid Control EM Base Platform 11.1.0.1 y EM DB Control 11.2.0.3 y 11.2.0.4, permite a atacantes remotos afectar la confidencialidad a trav\u00e9s de vectores relacionados con RAC Management."
}
],
"id": "CVE-2015-4735",
"lastModified": "2024-11-21T02:31:38.913",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 5.0,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2015-07-16T11:00:30.387",
"references": [
{
"source": "secalert_us@oracle.com",
"tags": [
"Third Party Advisory"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-08/msg00003.html"
},
{
"source": "secalert_us@oracle.com",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.oracle.com/technetwork/topics/security/cpujul2015-2367936.html"
},
{
"source": "secalert_us@oracle.com",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securitytracker.com/id/1032918"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-08/msg00003.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.oracle.com/technetwork/topics/security/cpujul2015-2367936.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securitytracker.com/id/1032918"
}
],
"sourceIdentifier": "secalert_us@oracle.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-200"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2013-10-16 17:55
Modified
2024-11-21 01:58
Severity ?
Summary
Unspecified vulnerability in the Enterprise Manager Base Platform component in Oracle Enterprise Manager Grid Control EM Base Platform 10.2.0.5 and 11.1.0.1; EM DB Control 11.1.0.7, 11.2.0.2, and 11.2.0.3; and EM Plugin for DB 12.1.0.2 allows remote attackers to affect integrity via unknown vectors related to Storage Management.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| oracle | enterprise_manager_plugin_for_database_control | 12.1.0.2 | |
| oracle | enterprise_manager_grid_control | 10.2.0.5 | |
| oracle | enterprise_manager_grid_control | 11.1.0.1 | |
| oracle | enterprise_manager_database_control | 11.1.0.7 | |
| oracle | enterprise_manager_database_control | 11.2.0.2 | |
| oracle | enterprise_manager_database_control | 11.2.0.3 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:oracle:enterprise_manager_plugin_for_database_control:12.1.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "DCC2E4CE-9698-4A1B-B93B-3DE2C026911A",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:oracle:enterprise_manager_grid_control:10.2.0.5:*:*:*:*:*:*:*",
"matchCriteriaId": "0C20B70E-13D8-4D80-A87F-16072661B795",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:enterprise_manager_grid_control:11.1.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "FB2A0AF0-2A77-4860-BD83-EA5A05D0E737",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:oracle:enterprise_manager_database_control:11.1.0.7:*:*:*:*:*:*:*",
"matchCriteriaId": "0D7A293E-1C18-4533-8F66-FF87663570B4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:enterprise_manager_database_control:11.2.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "122C6CB9-E0E8-45DC-B0C5-A9AAE7D3E889",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:enterprise_manager_database_control:11.2.0.3:*:*:*:*:*:*:*",
"matchCriteriaId": "3B61406E-4EF7-4366-A48E-11329F469147",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Unspecified vulnerability in the Enterprise Manager Base Platform component in Oracle Enterprise Manager Grid Control EM Base Platform 10.2.0.5 and 11.1.0.1; EM DB Control 11.1.0.7, 11.2.0.2, and 11.2.0.3; and EM Plugin for DB 12.1.0.2 allows remote attackers to affect integrity via unknown vectors related to Storage Management."
},
{
"lang": "es",
"value": "Vulnerabilidad no especificada en el componente Enterprise Manager Base Platform en Oracle Enterprise Manager Grid Control EM Base Platform 10.2.0.5 y 11.1.0.1; EM DB Control 11.1.0.7, 11.2.0.2, y 11.2.0.3; y EM Plugin para DB 12.1.0.2 que permite a atacantes remotos afectar la integridad a trav\u00e9s de vectores desconocidos relacionados con la gesti\u00f3n de almacenamiento."
}
],
"id": "CVE-2013-5827",
"lastModified": "2024-11-21T01:58:13.883",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"confidentialityImpact": "NONE",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2013-10-16T17:55:05.803",
"references": [
{
"source": "secalert_us@oracle.com",
"url": "http://secunia.com/advisories/55322"
},
{
"source": "secalert_us@oracle.com",
"tags": [
"Vendor Advisory"
],
"url": "http://www.oracle.com/technetwork/topics/security/cpuoct2013-1899837.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/55322"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://www.oracle.com/technetwork/topics/security/cpuoct2013-1899837.html"
}
],
"sourceIdentifier": "secalert_us@oracle.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2013-10-16 17:55
Modified
2024-11-21 01:58
Severity ?
Summary
Unspecified vulnerability in the Enterprise Manager Base Platform component in Oracle Enterprise Manager Grid Control EM Base Platform 10.2.0.5 and 11.1.0.1; EM DB Control 11.1.0.7, 11.2.0.2, and 11.2.0.3; and EM Plugin for DB 12.1.0.2 and 12.1.0.3 allows remote attackers to affect integrity via unknown vectors related to Storage Management.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| oracle | enterprise_manager_database_control | 11.1.0.7 | |
| oracle | enterprise_manager_database_control | 11.2.0.2 | |
| oracle | enterprise_manager_database_control | 11.2.0.3 | |
| oracle | enterprise_manager_grid_control | 12.1.0.3 | |
| oracle | enterprise_manager_plugin_for_database_control | 12.1.0.2 | |
| oracle | enterprise_manager_grid_control | 10.2.0.5 | |
| oracle | enterprise_manager_grid_control | 11.1.0.1 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:oracle:enterprise_manager_database_control:11.1.0.7:*:*:*:*:*:*:*",
"matchCriteriaId": "0D7A293E-1C18-4533-8F66-FF87663570B4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:enterprise_manager_database_control:11.2.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "122C6CB9-E0E8-45DC-B0C5-A9AAE7D3E889",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:enterprise_manager_database_control:11.2.0.3:*:*:*:*:*:*:*",
"matchCriteriaId": "3B61406E-4EF7-4366-A48E-11329F469147",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:oracle:enterprise_manager_grid_control:12.1.0.3:*:*:*:*:*:*:*",
"matchCriteriaId": "D30BF0C2-6E08-4BB9-95BD-70C76B249027",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:enterprise_manager_plugin_for_database_control:12.1.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "DCC2E4CE-9698-4A1B-B93B-3DE2C026911A",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:oracle:enterprise_manager_grid_control:10.2.0.5:*:*:*:*:*:*:*",
"matchCriteriaId": "0C20B70E-13D8-4D80-A87F-16072661B795",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:enterprise_manager_grid_control:11.1.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "FB2A0AF0-2A77-4860-BD83-EA5A05D0E737",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Unspecified vulnerability in the Enterprise Manager Base Platform component in Oracle Enterprise Manager Grid Control EM Base Platform 10.2.0.5 and 11.1.0.1; EM DB Control 11.1.0.7, 11.2.0.2, and 11.2.0.3; and EM Plugin for DB 12.1.0.2 and 12.1.0.3 allows remote attackers to affect integrity via unknown vectors related to Storage Management."
},
{
"lang": "es",
"value": "Vulnerabilidad no especificada en el componente Enterprise Manager Base Platform de Oracle Enterprise Manager Grid Control EM Base Platform 10.2.0.5 y 11.1.0.1; EM DB Control 11.1.0.7, 11.2.0.2, y 11.2.0.3; y EM Plugin para DB 12.1.0.2 y 12.1.0.3 permite a atacantes remotos afectar la integridad a trav\u00e9s de vectores desconocidos relacionados con Storage Management."
}
],
"id": "CVE-2013-5828",
"lastModified": "2024-11-21T01:58:13.993",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"confidentialityImpact": "NONE",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2013-10-16T17:55:05.817",
"references": [
{
"source": "secalert_us@oracle.com",
"url": "http://secunia.com/advisories/55322"
},
{
"source": "secalert_us@oracle.com",
"tags": [
"Vendor Advisory"
],
"url": "http://www.oracle.com/technetwork/topics/security/cpuoct2013-1899837.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/55322"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://www.oracle.com/technetwork/topics/security/cpuoct2013-1899837.html"
}
],
"sourceIdentifier": "secalert_us@oracle.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2013-01-17 01:55
Modified
2024-11-21 01:47
Severity ?
Summary
Unspecified vulnerability in the Enterprise Manager Base Platform component in Oracle Enterprise Manager Grid Control EM Base Platform 10.2.0.5 and 11.1.0.1; EM DB Control 10.2.0.3, 10.2.0.4, 10.2.0.5, 11.1.0.7, 11.2.0.2, and 11.2.0.3; and EM Plugin for DB 12.1.0.1, and 12.1.0.2 allows remote attackers to affect integrity via unknown vectors related to Distributed/Cross DB Features.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| oracle | enterprise_manager_database_control | 10.2.0.3 | |
| oracle | enterprise_manager_database_control | 10.2.0.4 | |
| oracle | enterprise_manager_database_control | 10.2.0.5 | |
| oracle | enterprise_manager_database_control | 11.1.0.7 | |
| oracle | enterprise_manager_database_control | 11.2.0.2 | |
| oracle | enterprise_manager_database_control | 11.2.0.3 | |
| oracle | enterprise_manager_grid_control | 10.2.0.5 | |
| oracle | enterprise_manager_grid_control | 11.1.0.1 | |
| oracle | enterprise_manager_plugin_for_database_control | 12.1.0.1 | |
| oracle | enterprise_manager_plugin_for_database_control | 12.1.0.2 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:oracle:enterprise_manager_database_control:10.2.0.3:*:*:*:*:*:*:*",
"matchCriteriaId": "4CD69F9A-2257-49AB-AB07-E7E35518E93D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:enterprise_manager_database_control:10.2.0.4:*:*:*:*:*:*:*",
"matchCriteriaId": "D247515C-4850-4F98-AC50-7B65EF952F3D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:enterprise_manager_database_control:10.2.0.5:*:*:*:*:*:*:*",
"matchCriteriaId": "18F946F6-5D8C-4A77-B9C7-A0C35B7874B6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:enterprise_manager_database_control:11.1.0.7:*:*:*:*:*:*:*",
"matchCriteriaId": "0D7A293E-1C18-4533-8F66-FF87663570B4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:enterprise_manager_database_control:11.2.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "122C6CB9-E0E8-45DC-B0C5-A9AAE7D3E889",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:enterprise_manager_database_control:11.2.0.3:*:*:*:*:*:*:*",
"matchCriteriaId": "3B61406E-4EF7-4366-A48E-11329F469147",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:enterprise_manager_grid_control:10.2.0.5:*:*:*:*:*:*:*",
"matchCriteriaId": "0C20B70E-13D8-4D80-A87F-16072661B795",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:enterprise_manager_grid_control:11.1.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "FB2A0AF0-2A77-4860-BD83-EA5A05D0E737",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:enterprise_manager_plugin_for_database_control:12.1.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "EDDE78A0-1483-49FD-B5FD-8186B7D49A52",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:enterprise_manager_plugin_for_database_control:12.1.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "DCC2E4CE-9698-4A1B-B93B-3DE2C026911A",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Unspecified vulnerability in the Enterprise Manager Base Platform component in Oracle Enterprise Manager Grid Control EM Base Platform 10.2.0.5 and 11.1.0.1; EM DB Control 10.2.0.3, 10.2.0.4, 10.2.0.5, 11.1.0.7, 11.2.0.2, and 11.2.0.3; and EM Plugin for DB 12.1.0.1, and 12.1.0.2 allows remote attackers to affect integrity via unknown vectors related to Distributed/Cross DB Features."
},
{
"lang": "es",
"value": "Una vulnerabilidad no especificada en el componente Enterprise Manager Base Platform en Oracle Enterprise Manager Grid Control EM Base Platform v10.2.0.5 y v11.1.0.1; EM DB Control v10.2.0.3, v10.2.0.4, v10.2.0.5, v11.1.0.7, v11.2.0.2 y v11.2.0.3 y EM plugin para DB v12.1.0.1, v12.1.0.2 permite a atacantes remotos afectar la integridad a trav\u00e9s de vectores desconocidos relacionados con las funcionalidades de base de datos Distribu\u00eddas/cruzadas."
}
],
"id": "CVE-2013-0373",
"lastModified": "2024-11-21T01:47:24.400",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"confidentialityImpact": "NONE",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2013-01-17T01:55:04.217",
"references": [
{
"source": "secalert_us@oracle.com",
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2013:150"
},
{
"source": "secalert_us@oracle.com",
"tags": [
"Vendor Advisory"
],
"url": "http://www.oracle.com/technetwork/topics/security/cpujan2013-1515902.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2013:150"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://www.oracle.com/technetwork/topics/security/cpujan2013-1515902.html"
}
],
"sourceIdentifier": "secalert_us@oracle.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2015-07-16 11:00
Modified
2024-11-21 02:27
Severity ?
Summary
Unspecified vulnerability in the Enterprise Manager for Oracle Database component in Oracle Enterprise Manager Grid Control EM Base Platform 11.1.0.1; EM Plugin for DB 12.1.0.5, 12.1.0.6, 12.1.0.7; and EM DB Control 11.1.0.7, 11.2.0.3, and 11.2.0.4 allows remote authenticated users to affect confidentiality and integrity via unknown vectors related to Content Management.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| oracle | enterprise_manager_plugin_for_database_control | 12.1.0.5 | |
| oracle | enterprise_manager_plugin_for_database_control | 12.1.0.6 | |
| oracle | enterprise_manager_plugin_for_database_control | 12.1.0.7 | |
| oracle | enterprise_manager_database_control | 11.1.0.7 | |
| oracle | enterprise_manager_database_control | 11.2.0.3 | |
| oracle | enterprise_manager_database_control | 11.2.0.4 | |
| oracle | enterprise_manager_grid_control | 11.1.0.1 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:oracle:enterprise_manager_plugin_for_database_control:12.1.0.5:*:*:*:*:*:*:*",
"matchCriteriaId": "34EC1312-4E87-421D-A381-C658330B2A18",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:enterprise_manager_plugin_for_database_control:12.1.0.6:*:*:*:*:*:*:*",
"matchCriteriaId": "F30D6CBB-34FB-415A-B9DA-B70E73A29CB0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:enterprise_manager_plugin_for_database_control:12.1.0.7:*:*:*:*:*:*:*",
"matchCriteriaId": "57D79A1C-D449-4E83-9BEA-EE888F8DE3F1",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:oracle:enterprise_manager_database_control:11.1.0.7:*:*:*:*:*:*:*",
"matchCriteriaId": "0D7A293E-1C18-4533-8F66-FF87663570B4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:enterprise_manager_database_control:11.2.0.3:*:*:*:*:*:*:*",
"matchCriteriaId": "3B61406E-4EF7-4366-A48E-11329F469147",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:enterprise_manager_database_control:11.2.0.4:*:*:*:*:*:*:*",
"matchCriteriaId": "DB215790-E35D-4735-9A91-92026FC97EAB",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:oracle:enterprise_manager_grid_control:11.1.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "FB2A0AF0-2A77-4860-BD83-EA5A05D0E737",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Unspecified vulnerability in the Enterprise Manager for Oracle Database component in Oracle Enterprise Manager Grid Control EM Base Platform 11.1.0.1; EM Plugin for DB 12.1.0.5, 12.1.0.6, 12.1.0.7; and EM DB Control 11.1.0.7, 11.2.0.3, and 11.2.0.4 allows remote authenticated users to affect confidentiality and integrity via unknown vectors related to Content Management."
},
{
"lang": "es",
"value": "Vulnerabilidad no especificada en el componente Enterprise Manager for Oracle Database en Oracle Enterprise Manager Grid Control EM Base Platform 11.1.0.1; EM Plugin for DB 12.1.0.5, 12.1.0.6, 12.1.0.7; y EM DB Control 11.1.0.7, 11.2.0.3 y 11.2.0.4, permite a usuarios remotos autenticados afectar la confidencialidad e integridad a trav\u00e9s de vectores desconocidos relacionados con Content Management."
}
],
"id": "CVE-2015-2647",
"lastModified": "2024-11-21T02:27:46.550",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "SINGLE",
"availabilityImpact": "NONE",
"baseScore": 5.5,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:L/Au:S/C:P/I:P/A:N",
"version": "2.0"
},
"exploitabilityScore": 8.0,
"impactScore": 4.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2015-07-16T11:00:07.330",
"references": [
{
"source": "secalert_us@oracle.com",
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-08/msg00003.html"
},
{
"source": "secalert_us@oracle.com",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.oracle.com/technetwork/topics/security/cpujul2015-2367936.html"
},
{
"source": "secalert_us@oracle.com",
"url": "http://www.securitytracker.com/id/1032918"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-08/msg00003.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.oracle.com/technetwork/topics/security/cpujul2015-2367936.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securitytracker.com/id/1032918"
}
],
"sourceIdentifier": "secalert_us@oracle.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2004-08-04 04:00
Modified
2024-11-20 23:50
Severity ?
Summary
The TNS Listener in Oracle 10g allows remote attackers to cause a denial of service (listener crash) via a malformed service_register_NSGR request containing a value that is used as an invalid offset for a pointer that references incorrect memory.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:oracle:application_server:*:*:*:*:*:*:*:*",
"matchCriteriaId": "AD38E99A-864A-4E99-B6A5-12AACDA822E3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:application_server:9.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "CFAE1E8A-644B-42FD-B149-89AD420BD7A7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:application_server:9.0.2.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "8075E330-5819-4105-9BB7-4DCC3C0EAEF9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:application_server:9.0.2.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "CB346764-EDF2-4BE1-A273-C2CE9A173CFB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:application_server:9.0.2.1:*:*:*:*:*:*:*",
"matchCriteriaId": "E59B89D9-AAF9-40CB-931C-EB4958491B99",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:application_server:9.0.2.2:*:*:*:*:*:*:*",
"matchCriteriaId": "C64888FB-133F-4930-8368-1BD2A4FB11A6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:application_server:9.0.2.3:*:*:*:*:*:*:*",
"matchCriteriaId": "87DEB7BD-FB71-4C22-A0FF-89923B263DC2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:application_server:9.0.3:*:*:*:*:*:*:*",
"matchCriteriaId": "BAAD1A33-4333-4AFB-8D49-1274AE345BA9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:application_server:9.0.3.1:*:*:*:*:*:*:*",
"matchCriteriaId": "852BF209-3C6F-403B-920D-50C46D37515B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:application_server:9.0.4:*:*:*:*:*:*:*",
"matchCriteriaId": "335143DB-4538-49F4-BAFB-C47802318667",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:application_server:9.0.4.0:*:*:*:*:*:*:*",
"matchCriteriaId": "F6A3E2D8-617C-4740-B662-F8884CE26BF1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:application_server:9.0.4.1:*:*:*:*:*:*:*",
"matchCriteriaId": "4FFBB096-523E-4634-ADC4-6CFB03F9577B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:collaboration_suite:release_1:*:*:*:*:*:*:*",
"matchCriteriaId": "3D1A1DC8-A38C-4061-A825-C6CC2ED453E0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:e-business_suite:11.5.1:*:*:*:*:*:*:*",
"matchCriteriaId": "EBD7B7B5-4C37-4EC7-8B1D-66C1E5043E11",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:e-business_suite:11.5.2:*:*:*:*:*:*:*",
"matchCriteriaId": "A9E237E5-9E1A-4F20-9A3D-E3418E3B1329",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:e-business_suite:11.5.3:*:*:*:*:*:*:*",
"matchCriteriaId": "F57A5AE0-90B5-410E-8878-BD514C3B7946",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:e-business_suite:11.5.4:*:*:*:*:*:*:*",
"matchCriteriaId": "EA7EAC35-E890-444A-B070-C91382F2E242",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:e-business_suite:11.5.5:*:*:*:*:*:*:*",
"matchCriteriaId": "69568B66-122B-4946-B630-2960DAA1885E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:e-business_suite:11.5.6:*:*:*:*:*:*:*",
"matchCriteriaId": "EB6E1838-B4DA-4F62-8713-9E8D7E79CDF5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:e-business_suite:11.5.7:*:*:*:*:*:*:*",
"matchCriteriaId": "6C3E4A5C-8D0F-4105-8618-26586BEDE84B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:e-business_suite:11.5.8:*:*:*:*:*:*:*",
"matchCriteriaId": "D07FEA4F-B1C7-4250-81FD-AC1289769348",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:e-business_suite:11.5.9:*:*:*:*:*:*:*",
"matchCriteriaId": "78408427-3FFB-45C4-82EF-C8D636B3A718",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:enterprise_manager:9:*:*:*:*:*:*:*",
"matchCriteriaId": "E3595689-13AE-4349-8684-D73D33D4A9FC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:enterprise_manager:9.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "53F57A30-BE27-4F93-B8E4-B0956007F625",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:enterprise_manager_database_control:10.1.2:*:*:*:*:*:*:*",
"matchCriteriaId": "F074FCED-60D9-4B07-8A6F-85A89C8CFC33",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:enterprise_manager_grid_control:10.1.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "016AFE8B-049D-4BA9-9270-E18DFDFDC61F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:oracle10g:enterprise_9.0.4_.0:*:*:*:*:*:*:*",
"matchCriteriaId": "BF667575-AD5F-43D6-B7BF-F255C1A14A0C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:oracle10g:enterprise_10.1.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "0C033CC3-1840-49A1-AB6E-3EC8CE1F0BEE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:oracle10g:personal_9.0.4_.0:*:*:*:*:*:*:*",
"matchCriteriaId": "6CEA97EC-FC86-4F53-A134-B98F25892BB5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:oracle10g:personal_10.1_.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "E41C0DB6-CD92-4FDC-A705-83CFB92C062A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:oracle10g:standard_9.0.4_.0:*:*:*:*:*:*:*",
"matchCriteriaId": "ACC43855-2664-42CC-87DD-3C90DB1430C9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:oracle10g:standard_10.1_.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "25A4D091-1D89-484E-A3F7-0F98F8814686",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:oracle8i:enterprise_8.0.5_.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "D96A60B5-7B83-4E94-AF2B-AF3DF28EE1D1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:oracle8i:enterprise_8.0.6_.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "0C5C8D47-953E-41DF-9852-955611F6D387",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:oracle8i:enterprise_8.0.6_.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "C4798CAE-9AAA-4623-85B2-309DB46DD28A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:oracle8i:enterprise_8.1.5_.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "121CF7A1-1710-4DA1-B7B6-028557D3FA49",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:oracle8i:enterprise_8.1.5_.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "616AD7A7-C8F3-4125-8E26-64109EA40730",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:oracle8i:enterprise_8.1.5_.1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "3C7365AA-ACDA-461A-A84C-6B4FF04F295F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:oracle8i:enterprise_8.1.6_.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "42C22E50-FDB8-4314-9F36-70D0130EAA6C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:oracle8i:enterprise_8.1.6_.1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "2C65AC14-2AA0-4475-9932-E4AEA410CBCD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:oracle8i:enterprise_8.1.7_.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "BA730ABB-F315-4F7F-B820-33C5558B05DB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:oracle8i:enterprise_8.1.7_.1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "B4CE4E08-4892-419D-AC51-68DD42073092",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:oracle8i:enterprise_8.1.7_.4:*:*:*:*:*:*:*",
"matchCriteriaId": "EF52682E-0AB7-4C3F-94D4-7B4A7E08F2C2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:oracle8i:standard_8.0.6:*:*:*:*:*:*:*",
"matchCriteriaId": "C65C2671-2FFE-4461-A570-72E3BBC312D7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:oracle8i:standard_8.0.6_.3:*:*:*:*:*:*:*",
"matchCriteriaId": "CA59E72F-ACC1-44F3-AE63-B42F1EB83F3D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:oracle8i:standard_8.1.5:*:*:*:*:*:*:*",
"matchCriteriaId": "B5CB4061-855C-4DAA-BDAD-AA1E68EFC1E5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:oracle8i:standard_8.1.6:*:*:*:*:*:*:*",
"matchCriteriaId": "07F81AC9-DEBD-4B04-8753-C68BAE509B13",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:oracle8i:standard_8.1.7:*:*:*:*:*:*:*",
"matchCriteriaId": "0785C55D-183D-42D8-A9F9-DBD297FE7F43",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:oracle8i:standard_8.1.7_.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "8086BBDC-76BE-47C0-8F11-CEC57A23FC27",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:oracle8i:standard_8.1.7_.1:*:*:*:*:*:*:*",
"matchCriteriaId": "72BAAEF7-74CA-4C4F-8D52-AC4D5DE2E0E7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:oracle8i:standard_8.1.7_.4:*:*:*:*:*:*:*",
"matchCriteriaId": "EECAE774-22F3-4872-9E05-A14376F3883D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:oracle9i:client_9.2.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "DFAA7E8B-263B-40A2-B6D8-8A303A7D4358",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:oracle9i:client_9.2.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "085FF0CB-B426-4DCB-9411-017A45280A60",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:oracle9i:enterprise_8.1.7:*:*:*:*:*:*:*",
"matchCriteriaId": "ED4991B9-67A9-4EE9-A30F-27950BF3A3DD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:oracle9i:enterprise_9.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "2201796B-013B-4440-B366-1F2966AA86FF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:oracle9i:enterprise_9.0.1.4:*:*:*:*:*:*:*",
"matchCriteriaId": "43C6FFA8-18A6-4EE1-BE10-A1B7F3C1A47E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:oracle9i:enterprise_9.0.1.5:*:*:*:*:*:*:*",
"matchCriteriaId": "F90F6C4F-CEF5-4172-97FC-617B71EAA636",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:oracle9i:enterprise_9.2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "2FFA2A5C-B289-4505-85F5-7F6F0222B552",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:oracle9i:enterprise_9.2.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "4E876825-D6E5-4958-B737-4CE43A32BEC0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:oracle9i:enterprise_9.2.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "B8E07567-754A-40C0-9428-D151880EE6F2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:oracle9i:enterprise_9.2.0.3:*:*:*:*:*:*:*",
"matchCriteriaId": "6233345D-5100-404A-9B61-524D9679D9E4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:oracle9i:enterprise_9.2.0.4:*:*:*:*:*:*:*",
"matchCriteriaId": "2FB739C3-A9BD-433F-8547-12BC615DB18D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:oracle9i:enterprise_9.2.0.5:*:*:*:*:*:*:*",
"matchCriteriaId": "7231B057-9B7E-43CA-9E91-6DF74D6ADAE7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:oracle9i:personal_8.1.7:*:*:*:*:*:*:*",
"matchCriteriaId": "F4D7A3CB-54CC-4CD9-9672-366233BF0CCF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:oracle9i:personal_9.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "58DB0B6B-EB97-448A-B63E-E5997382DD45",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:oracle9i:personal_9.0.1.4:*:*:*:*:*:*:*",
"matchCriteriaId": "DA77BC6D-661F-46E9-B144-1587C1192B8A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:oracle9i:personal_9.0.1.5:*:*:*:*:*:*:*",
"matchCriteriaId": "16F9C7F3-8140-4FEF-8319-64CE51B830AE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:oracle9i:personal_9.2:*:*:*:*:*:*:*",
"matchCriteriaId": "68286D06-9EBA-4FBD-AB0B-D80993895416",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:oracle9i:personal_9.2.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "0C059683-E0A1-4E97-B393-CB6B0EACF7C6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:oracle9i:personal_9.2.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "A5675664-7036-48D0-9524-0350F626D4CD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:oracle9i:personal_9.2.0.3:*:*:*:*:*:*:*",
"matchCriteriaId": "EA9F3EE8-DA8B-4605-B70B-CFCA25B07C1F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:oracle9i:personal_9.2.0.4:*:*:*:*:*:*:*",
"matchCriteriaId": "D0DE0FB4-3C1A-460D-B48E-11D7AF415A94",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:oracle9i:personal_9.2.0.5:*:*:*:*:*:*:*",
"matchCriteriaId": "597EE9ED-6A95-46C7-BE83-ADEC6AA65341",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:oracle9i:standard_8.1.7:*:*:*:*:*:*:*",
"matchCriteriaId": "DCAD9D1D-A7E5-4D88-B93B-C518BF1986AB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:oracle9i:standard_9.0:*:*:*:*:*:*:*",
"matchCriteriaId": "6E46FE2E-CA1A-4970-81FF-0BFFF2CF6849",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:oracle9i:standard_9.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "3EE7A2B1-A161-4A20-9EEC-B1EF7F2E387C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:oracle9i:standard_9.0.1.2:*:*:*:*:*:*:*",
"matchCriteriaId": "D65D66A0-23F7-4110-AF71-05CBFB3F92F3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:oracle9i:standard_9.0.1.3:*:*:*:*:*:*:*",
"matchCriteriaId": "F207CBC6-D186-418D-8F11-3E623530E00B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:oracle9i:standard_9.0.1.4:*:*:*:*:*:*:*",
"matchCriteriaId": "2FB2708A-58D1-4F17-8504-3748D6667788",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:oracle9i:standard_9.0.1.5:*:*:*:*:*:*:*",
"matchCriteriaId": "E83B1C7A-287A-405F-B44E-85F891183D2E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:oracle9i:standard_9.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "34FC1E19-8F20-4215-8D90-E42EF7126BD9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:oracle9i:standard_9.2:*:*:*:*:*:*:*",
"matchCriteriaId": "CB172848-A873-4137-A335-AD034806A5EE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:oracle9i:standard_9.2.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "B78BD7D2-7B48-438C-8C24-01C4007C1A32",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:oracle9i:standard_9.2.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "0DDCC0D1-32AD-4902-8383-2AA169C3F3BA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:oracle9i:standard_9.2.0.3:*:*:*:*:*:*:*",
"matchCriteriaId": "2D4D70A8-A6FE-4F82-82F1-AB1E9C28FB35",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:oracle9i:standard_9.2.0.4:*:*:*:*:*:*:*",
"matchCriteriaId": "7F64908D-FDAA-499B-8060-8A6EC2443418",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:oracle9i:standard_9.2.0.5:*:*:*:*:*:*:*",
"matchCriteriaId": "E77BCF6E-0D09-4DAF-B147-D11FEEE7371C",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The TNS Listener in Oracle 10g allows remote attackers to cause a denial of service (listener crash) via a malformed service_register_NSGR request containing a value that is used as an invalid offset for a pointer that references incorrect memory."
}
],
"id": "CVE-2004-1369",
"lastModified": "2024-11-20T23:50:42.867",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 5.0,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2004-08-04T04:00:00.000",
"references": [
{
"source": "cve@mitre.org",
"url": "http://marc.info/?l=bugtraq\u0026m=110382524401468\u0026w=2"
},
{
"source": "cve@mitre.org",
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-101782-1"
},
{
"source": "cve@mitre.org",
"tags": [
"US Government Resource"
],
"url": "http://www.kb.cert.org/vuls/id/316206"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.ngssoftware.com/advisories/oracle23122004F.txt"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.oracle.com/technology/deploy/security/pdf/2004alert68.pdf"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch"
],
"url": "http://www.securityfocus.com/bid/10871"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch",
"Third Party Advisory",
"US Government Resource"
],
"url": "http://www.us-cert.gov/cas/techalerts/TA04-245A.html"
},
{
"source": "cve@mitre.org",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/18664"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://marc.info/?l=bugtraq\u0026m=110382524401468\u0026w=2"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-101782-1"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"US Government Resource"
],
"url": "http://www.kb.cert.org/vuls/id/316206"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.ngssoftware.com/advisories/oracle23122004F.txt"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.oracle.com/technology/deploy/security/pdf/2004alert68.pdf"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
],
"url": "http://www.securityfocus.com/bid/10871"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Third Party Advisory",
"US Government Resource"
],
"url": "http://www.us-cert.gov/cas/techalerts/TA04-245A.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/18664"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2013-01-17 01:55
Modified
2024-11-21 01:47
Severity ?
Summary
Unspecified vulnerability in the Enterprise Manager Base Platform component in Oracle Enterprise Manager Grid Control EM Base Platform 10.2.0.5, and EM DB Control 11.1.0.7, 11.2.0.2, and 11.2.0.3, allows remote attackers to affect integrity via unknown vectors related to Policy Framework.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| oracle | enterprise_manager_database_control | 11.1.0.7 | |
| oracle | enterprise_manager_database_control | 11.2.0.2 | |
| oracle | enterprise_manager_database_control | 11.2.0.3 | |
| oracle | enterprise_manager_grid_control | 10.2.0.5 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:oracle:enterprise_manager_database_control:11.1.0.7:*:*:*:*:*:*:*",
"matchCriteriaId": "0D7A293E-1C18-4533-8F66-FF87663570B4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:enterprise_manager_database_control:11.2.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "122C6CB9-E0E8-45DC-B0C5-A9AAE7D3E889",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:enterprise_manager_database_control:11.2.0.3:*:*:*:*:*:*:*",
"matchCriteriaId": "3B61406E-4EF7-4366-A48E-11329F469147",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:enterprise_manager_grid_control:10.2.0.5:*:*:*:*:*:*:*",
"matchCriteriaId": "0C20B70E-13D8-4D80-A87F-16072661B795",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Unspecified vulnerability in the Enterprise Manager Base Platform component in Oracle Enterprise Manager Grid Control EM Base Platform 10.2.0.5, and EM DB Control 11.1.0.7, 11.2.0.2, and 11.2.0.3, allows remote attackers to affect integrity via unknown vectors related to Policy Framework."
},
{
"lang": "es",
"value": "Vulnerabilidad sin especificar en el componente Enterprise Manager Base Platform en Oracle Enterprise Manager Grid Control EM Base Platform v10.2.0.5, y EM DB Control v11.1.0.7, v11.2.0.2, y v11.2.0.3, que permite a atacantes remotos para afectar la integridad a trav\u00e9s de vectores desconocidos relacionados con el marco de pol\u00edtica."
}
],
"id": "CVE-2013-0354",
"lastModified": "2024-11-21T01:47:22.230",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"confidentialityImpact": "NONE",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2013-01-17T01:55:03.420",
"references": [
{
"source": "secalert_us@oracle.com",
"url": "http://marc.info/?l=bugtraq\u0026m=139344343412337\u0026w=2"
},
{
"source": "secalert_us@oracle.com",
"url": "http://secunia.com/advisories/57126"
},
{
"source": "secalert_us@oracle.com",
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2013:150"
},
{
"source": "secalert_us@oracle.com",
"tags": [
"Vendor Advisory"
],
"url": "http://www.oracle.com/technetwork/topics/security/cpujan2013-1515902.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://marc.info/?l=bugtraq\u0026m=139344343412337\u0026w=2"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/57126"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2013:150"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://www.oracle.com/technetwork/topics/security/cpujan2013-1515902.html"
}
],
"sourceIdentifier": "secalert_us@oracle.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2004-08-04 04:00
Modified
2024-11-20 23:50
Severity ?
Summary
Oracle 10g Database Server stores the password for the SYSMAN account in cleartext in the world-readable emoms.properties file, which could allow local users to gain DBA privileges.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:oracle:application_server:*:*:*:*:*:*:*:*",
"matchCriteriaId": "AD38E99A-864A-4E99-B6A5-12AACDA822E3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:application_server:9.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "CFAE1E8A-644B-42FD-B149-89AD420BD7A7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:application_server:9.0.2.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "8075E330-5819-4105-9BB7-4DCC3C0EAEF9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:application_server:9.0.2.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "CB346764-EDF2-4BE1-A273-C2CE9A173CFB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:application_server:9.0.2.1:*:*:*:*:*:*:*",
"matchCriteriaId": "E59B89D9-AAF9-40CB-931C-EB4958491B99",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:application_server:9.0.2.2:*:*:*:*:*:*:*",
"matchCriteriaId": "C64888FB-133F-4930-8368-1BD2A4FB11A6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:application_server:9.0.2.3:*:*:*:*:*:*:*",
"matchCriteriaId": "87DEB7BD-FB71-4C22-A0FF-89923B263DC2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:application_server:9.0.3:*:*:*:*:*:*:*",
"matchCriteriaId": "BAAD1A33-4333-4AFB-8D49-1274AE345BA9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:application_server:9.0.3.1:*:*:*:*:*:*:*",
"matchCriteriaId": "852BF209-3C6F-403B-920D-50C46D37515B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:application_server:9.0.4:*:*:*:*:*:*:*",
"matchCriteriaId": "335143DB-4538-49F4-BAFB-C47802318667",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:application_server:9.0.4.0:*:*:*:*:*:*:*",
"matchCriteriaId": "F6A3E2D8-617C-4740-B662-F8884CE26BF1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:application_server:9.0.4.1:*:*:*:*:*:*:*",
"matchCriteriaId": "4FFBB096-523E-4634-ADC4-6CFB03F9577B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:collaboration_suite:release_1:*:*:*:*:*:*:*",
"matchCriteriaId": "3D1A1DC8-A38C-4061-A825-C6CC2ED453E0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:e-business_suite:11.5.1:*:*:*:*:*:*:*",
"matchCriteriaId": "EBD7B7B5-4C37-4EC7-8B1D-66C1E5043E11",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:e-business_suite:11.5.2:*:*:*:*:*:*:*",
"matchCriteriaId": "A9E237E5-9E1A-4F20-9A3D-E3418E3B1329",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:e-business_suite:11.5.3:*:*:*:*:*:*:*",
"matchCriteriaId": "F57A5AE0-90B5-410E-8878-BD514C3B7946",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:e-business_suite:11.5.4:*:*:*:*:*:*:*",
"matchCriteriaId": "EA7EAC35-E890-444A-B070-C91382F2E242",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:e-business_suite:11.5.5:*:*:*:*:*:*:*",
"matchCriteriaId": "69568B66-122B-4946-B630-2960DAA1885E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:e-business_suite:11.5.6:*:*:*:*:*:*:*",
"matchCriteriaId": "EB6E1838-B4DA-4F62-8713-9E8D7E79CDF5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:e-business_suite:11.5.7:*:*:*:*:*:*:*",
"matchCriteriaId": "6C3E4A5C-8D0F-4105-8618-26586BEDE84B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:e-business_suite:11.5.8:*:*:*:*:*:*:*",
"matchCriteriaId": "D07FEA4F-B1C7-4250-81FD-AC1289769348",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:e-business_suite:11.5.9:*:*:*:*:*:*:*",
"matchCriteriaId": "78408427-3FFB-45C4-82EF-C8D636B3A718",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:enterprise_manager:9:*:*:*:*:*:*:*",
"matchCriteriaId": "E3595689-13AE-4349-8684-D73D33D4A9FC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:enterprise_manager:9.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "53F57A30-BE27-4F93-B8E4-B0956007F625",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:enterprise_manager_database_control:10.1.2:*:*:*:*:*:*:*",
"matchCriteriaId": "F074FCED-60D9-4B07-8A6F-85A89C8CFC33",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:enterprise_manager_grid_control:10.1.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "016AFE8B-049D-4BA9-9270-E18DFDFDC61F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:oracle10g:enterprise_9.0.4_.0:*:*:*:*:*:*:*",
"matchCriteriaId": "BF667575-AD5F-43D6-B7BF-F255C1A14A0C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:oracle10g:enterprise_10.1.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "0C033CC3-1840-49A1-AB6E-3EC8CE1F0BEE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:oracle10g:personal_9.0.4_.0:*:*:*:*:*:*:*",
"matchCriteriaId": "6CEA97EC-FC86-4F53-A134-B98F25892BB5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:oracle10g:personal_10.1_.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "E41C0DB6-CD92-4FDC-A705-83CFB92C062A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:oracle10g:standard_9.0.4_.0:*:*:*:*:*:*:*",
"matchCriteriaId": "ACC43855-2664-42CC-87DD-3C90DB1430C9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:oracle10g:standard_10.1_.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "25A4D091-1D89-484E-A3F7-0F98F8814686",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:oracle8i:enterprise_8.0.5_.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "D96A60B5-7B83-4E94-AF2B-AF3DF28EE1D1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:oracle8i:enterprise_8.0.6_.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "0C5C8D47-953E-41DF-9852-955611F6D387",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:oracle8i:enterprise_8.0.6_.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "C4798CAE-9AAA-4623-85B2-309DB46DD28A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:oracle8i:enterprise_8.1.5_.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "121CF7A1-1710-4DA1-B7B6-028557D3FA49",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:oracle8i:enterprise_8.1.5_.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "616AD7A7-C8F3-4125-8E26-64109EA40730",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:oracle8i:enterprise_8.1.5_.1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "3C7365AA-ACDA-461A-A84C-6B4FF04F295F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:oracle8i:enterprise_8.1.6_.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "42C22E50-FDB8-4314-9F36-70D0130EAA6C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:oracle8i:enterprise_8.1.6_.1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "2C65AC14-2AA0-4475-9932-E4AEA410CBCD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:oracle8i:enterprise_8.1.7_.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "BA730ABB-F315-4F7F-B820-33C5558B05DB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:oracle8i:enterprise_8.1.7_.1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "B4CE4E08-4892-419D-AC51-68DD42073092",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:oracle8i:enterprise_8.1.7_.4:*:*:*:*:*:*:*",
"matchCriteriaId": "EF52682E-0AB7-4C3F-94D4-7B4A7E08F2C2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:oracle8i:standard_8.0.6:*:*:*:*:*:*:*",
"matchCriteriaId": "C65C2671-2FFE-4461-A570-72E3BBC312D7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:oracle8i:standard_8.0.6_.3:*:*:*:*:*:*:*",
"matchCriteriaId": "CA59E72F-ACC1-44F3-AE63-B42F1EB83F3D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:oracle8i:standard_8.1.5:*:*:*:*:*:*:*",
"matchCriteriaId": "B5CB4061-855C-4DAA-BDAD-AA1E68EFC1E5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:oracle8i:standard_8.1.6:*:*:*:*:*:*:*",
"matchCriteriaId": "07F81AC9-DEBD-4B04-8753-C68BAE509B13",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:oracle8i:standard_8.1.7:*:*:*:*:*:*:*",
"matchCriteriaId": "0785C55D-183D-42D8-A9F9-DBD297FE7F43",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:oracle8i:standard_8.1.7_.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "8086BBDC-76BE-47C0-8F11-CEC57A23FC27",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:oracle8i:standard_8.1.7_.1:*:*:*:*:*:*:*",
"matchCriteriaId": "72BAAEF7-74CA-4C4F-8D52-AC4D5DE2E0E7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:oracle8i:standard_8.1.7_.4:*:*:*:*:*:*:*",
"matchCriteriaId": "EECAE774-22F3-4872-9E05-A14376F3883D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:oracle9i:client_9.2.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "DFAA7E8B-263B-40A2-B6D8-8A303A7D4358",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:oracle9i:client_9.2.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "085FF0CB-B426-4DCB-9411-017A45280A60",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:oracle9i:enterprise_8.1.7:*:*:*:*:*:*:*",
"matchCriteriaId": "ED4991B9-67A9-4EE9-A30F-27950BF3A3DD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:oracle9i:enterprise_9.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "2201796B-013B-4440-B366-1F2966AA86FF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:oracle9i:enterprise_9.0.1.4:*:*:*:*:*:*:*",
"matchCriteriaId": "43C6FFA8-18A6-4EE1-BE10-A1B7F3C1A47E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:oracle9i:enterprise_9.0.1.5:*:*:*:*:*:*:*",
"matchCriteriaId": "F90F6C4F-CEF5-4172-97FC-617B71EAA636",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:oracle9i:enterprise_9.2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "2FFA2A5C-B289-4505-85F5-7F6F0222B552",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:oracle9i:enterprise_9.2.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "4E876825-D6E5-4958-B737-4CE43A32BEC0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:oracle9i:enterprise_9.2.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "B8E07567-754A-40C0-9428-D151880EE6F2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:oracle9i:enterprise_9.2.0.3:*:*:*:*:*:*:*",
"matchCriteriaId": "6233345D-5100-404A-9B61-524D9679D9E4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:oracle9i:enterprise_9.2.0.4:*:*:*:*:*:*:*",
"matchCriteriaId": "2FB739C3-A9BD-433F-8547-12BC615DB18D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:oracle9i:enterprise_9.2.0.5:*:*:*:*:*:*:*",
"matchCriteriaId": "7231B057-9B7E-43CA-9E91-6DF74D6ADAE7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:oracle9i:personal_8.1.7:*:*:*:*:*:*:*",
"matchCriteriaId": "F4D7A3CB-54CC-4CD9-9672-366233BF0CCF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:oracle9i:personal_9.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "58DB0B6B-EB97-448A-B63E-E5997382DD45",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:oracle9i:personal_9.0.1.4:*:*:*:*:*:*:*",
"matchCriteriaId": "DA77BC6D-661F-46E9-B144-1587C1192B8A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:oracle9i:personal_9.0.1.5:*:*:*:*:*:*:*",
"matchCriteriaId": "16F9C7F3-8140-4FEF-8319-64CE51B830AE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:oracle9i:personal_9.2:*:*:*:*:*:*:*",
"matchCriteriaId": "68286D06-9EBA-4FBD-AB0B-D80993895416",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:oracle9i:personal_9.2.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "0C059683-E0A1-4E97-B393-CB6B0EACF7C6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:oracle9i:personal_9.2.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "A5675664-7036-48D0-9524-0350F626D4CD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:oracle9i:personal_9.2.0.3:*:*:*:*:*:*:*",
"matchCriteriaId": "EA9F3EE8-DA8B-4605-B70B-CFCA25B07C1F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:oracle9i:personal_9.2.0.4:*:*:*:*:*:*:*",
"matchCriteriaId": "D0DE0FB4-3C1A-460D-B48E-11D7AF415A94",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:oracle9i:personal_9.2.0.5:*:*:*:*:*:*:*",
"matchCriteriaId": "597EE9ED-6A95-46C7-BE83-ADEC6AA65341",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:oracle9i:standard_8.1.7:*:*:*:*:*:*:*",
"matchCriteriaId": "DCAD9D1D-A7E5-4D88-B93B-C518BF1986AB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:oracle9i:standard_9.0:*:*:*:*:*:*:*",
"matchCriteriaId": "6E46FE2E-CA1A-4970-81FF-0BFFF2CF6849",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:oracle9i:standard_9.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "3EE7A2B1-A161-4A20-9EEC-B1EF7F2E387C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:oracle9i:standard_9.0.1.2:*:*:*:*:*:*:*",
"matchCriteriaId": "D65D66A0-23F7-4110-AF71-05CBFB3F92F3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:oracle9i:standard_9.0.1.3:*:*:*:*:*:*:*",
"matchCriteriaId": "F207CBC6-D186-418D-8F11-3E623530E00B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:oracle9i:standard_9.0.1.4:*:*:*:*:*:*:*",
"matchCriteriaId": "2FB2708A-58D1-4F17-8504-3748D6667788",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:oracle9i:standard_9.0.1.5:*:*:*:*:*:*:*",
"matchCriteriaId": "E83B1C7A-287A-405F-B44E-85F891183D2E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:oracle9i:standard_9.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "34FC1E19-8F20-4215-8D90-E42EF7126BD9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:oracle9i:standard_9.2:*:*:*:*:*:*:*",
"matchCriteriaId": "CB172848-A873-4137-A335-AD034806A5EE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:oracle9i:standard_9.2.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "B78BD7D2-7B48-438C-8C24-01C4007C1A32",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:oracle9i:standard_9.2.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "0DDCC0D1-32AD-4902-8383-2AA169C3F3BA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:oracle9i:standard_9.2.0.3:*:*:*:*:*:*:*",
"matchCriteriaId": "2D4D70A8-A6FE-4F82-82F1-AB1E9C28FB35",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:oracle9i:standard_9.2.0.4:*:*:*:*:*:*:*",
"matchCriteriaId": "7F64908D-FDAA-499B-8060-8A6EC2443418",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:oracle9i:standard_9.2.0.5:*:*:*:*:*:*:*",
"matchCriteriaId": "E77BCF6E-0D09-4DAF-B147-D11FEEE7371C",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Oracle 10g Database Server stores the password for the SYSMAN account in cleartext in the world-readable emoms.properties file, which could allow local users to gain DBA privileges."
}
],
"id": "CVE-2004-1366",
"lastModified": "2024-11-20T23:50:42.393",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 4.6,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:L/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 3.9,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": true,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2004-08-04T04:00:00.000",
"references": [
{
"source": "cve@mitre.org",
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-101782-1"
},
{
"source": "cve@mitre.org",
"tags": [
"US Government Resource"
],
"url": "http://www.kb.cert.org/vuls/id/316206"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.ngssoftware.com/advisories/oracle23122004D.txt"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.oracle.com/technology/deploy/security/pdf/2004alert68.pdf"
},
{
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Patch"
],
"url": "http://www.securityfocus.com/archive/1/385323"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch"
],
"url": "http://www.securityfocus.com/bid/10871"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch",
"Third Party Advisory",
"US Government Resource"
],
"url": "http://www.us-cert.gov/cas/techalerts/TA04-245A.html"
},
{
"source": "cve@mitre.org",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/18661"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-101782-1"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"US Government Resource"
],
"url": "http://www.kb.cert.org/vuls/id/316206"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.ngssoftware.com/advisories/oracle23122004D.txt"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.oracle.com/technology/deploy/security/pdf/2004alert68.pdf"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit",
"Patch"
],
"url": "http://www.securityfocus.com/archive/1/385323"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
],
"url": "http://www.securityfocus.com/bid/10871"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Third Party Advisory",
"US Government Resource"
],
"url": "http://www.us-cert.gov/cas/techalerts/TA04-245A.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/18661"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-255"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2004-08-04 04:00
Modified
2024-11-20 23:50
Severity ?
Summary
Extproc in Oracle 9i and 10g does not require authentication to load a library or execute a function, which allows local users to execute arbitrary commands as the Oracle user.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:oracle:application_server:*:*:*:*:*:*:*:*",
"matchCriteriaId": "AD38E99A-864A-4E99-B6A5-12AACDA822E3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:application_server:9.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "CFAE1E8A-644B-42FD-B149-89AD420BD7A7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:application_server:9.0.2.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "8075E330-5819-4105-9BB7-4DCC3C0EAEF9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:application_server:9.0.2.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "CB346764-EDF2-4BE1-A273-C2CE9A173CFB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:application_server:9.0.2.1:*:*:*:*:*:*:*",
"matchCriteriaId": "E59B89D9-AAF9-40CB-931C-EB4958491B99",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:application_server:9.0.2.2:*:*:*:*:*:*:*",
"matchCriteriaId": "C64888FB-133F-4930-8368-1BD2A4FB11A6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:application_server:9.0.2.3:*:*:*:*:*:*:*",
"matchCriteriaId": "87DEB7BD-FB71-4C22-A0FF-89923B263DC2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:application_server:9.0.3:*:*:*:*:*:*:*",
"matchCriteriaId": "BAAD1A33-4333-4AFB-8D49-1274AE345BA9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:application_server:9.0.3.1:*:*:*:*:*:*:*",
"matchCriteriaId": "852BF209-3C6F-403B-920D-50C46D37515B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:application_server:9.0.4:*:*:*:*:*:*:*",
"matchCriteriaId": "335143DB-4538-49F4-BAFB-C47802318667",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:application_server:9.0.4.0:*:*:*:*:*:*:*",
"matchCriteriaId": "F6A3E2D8-617C-4740-B662-F8884CE26BF1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:application_server:9.0.4.1:*:*:*:*:*:*:*",
"matchCriteriaId": "4FFBB096-523E-4634-ADC4-6CFB03F9577B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:collaboration_suite:release_1:*:*:*:*:*:*:*",
"matchCriteriaId": "3D1A1DC8-A38C-4061-A825-C6CC2ED453E0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:e-business_suite:11.5.1:*:*:*:*:*:*:*",
"matchCriteriaId": "EBD7B7B5-4C37-4EC7-8B1D-66C1E5043E11",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:e-business_suite:11.5.2:*:*:*:*:*:*:*",
"matchCriteriaId": "A9E237E5-9E1A-4F20-9A3D-E3418E3B1329",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:e-business_suite:11.5.3:*:*:*:*:*:*:*",
"matchCriteriaId": "F57A5AE0-90B5-410E-8878-BD514C3B7946",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:e-business_suite:11.5.4:*:*:*:*:*:*:*",
"matchCriteriaId": "EA7EAC35-E890-444A-B070-C91382F2E242",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:e-business_suite:11.5.5:*:*:*:*:*:*:*",
"matchCriteriaId": "69568B66-122B-4946-B630-2960DAA1885E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:e-business_suite:11.5.6:*:*:*:*:*:*:*",
"matchCriteriaId": "EB6E1838-B4DA-4F62-8713-9E8D7E79CDF5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:e-business_suite:11.5.7:*:*:*:*:*:*:*",
"matchCriteriaId": "6C3E4A5C-8D0F-4105-8618-26586BEDE84B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:e-business_suite:11.5.8:*:*:*:*:*:*:*",
"matchCriteriaId": "D07FEA4F-B1C7-4250-81FD-AC1289769348",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:e-business_suite:11.5.9:*:*:*:*:*:*:*",
"matchCriteriaId": "78408427-3FFB-45C4-82EF-C8D636B3A718",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:enterprise_manager:9:*:*:*:*:*:*:*",
"matchCriteriaId": "E3595689-13AE-4349-8684-D73D33D4A9FC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:enterprise_manager:9.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "53F57A30-BE27-4F93-B8E4-B0956007F625",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:enterprise_manager_database_control:10.1.2:*:*:*:*:*:*:*",
"matchCriteriaId": "F074FCED-60D9-4B07-8A6F-85A89C8CFC33",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:enterprise_manager_grid_control:10.1.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "016AFE8B-049D-4BA9-9270-E18DFDFDC61F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:oracle10g:enterprise_9.0.4_.0:*:*:*:*:*:*:*",
"matchCriteriaId": "BF667575-AD5F-43D6-B7BF-F255C1A14A0C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:oracle10g:enterprise_10.1.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "0C033CC3-1840-49A1-AB6E-3EC8CE1F0BEE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:oracle10g:personal_9.0.4_.0:*:*:*:*:*:*:*",
"matchCriteriaId": "6CEA97EC-FC86-4F53-A134-B98F25892BB5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:oracle10g:personal_10.1_.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "E41C0DB6-CD92-4FDC-A705-83CFB92C062A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:oracle10g:standard_9.0.4_.0:*:*:*:*:*:*:*",
"matchCriteriaId": "ACC43855-2664-42CC-87DD-3C90DB1430C9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:oracle10g:standard_10.1_.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "25A4D091-1D89-484E-A3F7-0F98F8814686",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:oracle8i:enterprise_8.0.5_.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "D96A60B5-7B83-4E94-AF2B-AF3DF28EE1D1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:oracle8i:enterprise_8.0.6_.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "0C5C8D47-953E-41DF-9852-955611F6D387",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:oracle8i:enterprise_8.0.6_.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "C4798CAE-9AAA-4623-85B2-309DB46DD28A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:oracle8i:enterprise_8.1.5_.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "121CF7A1-1710-4DA1-B7B6-028557D3FA49",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:oracle8i:enterprise_8.1.5_.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "616AD7A7-C8F3-4125-8E26-64109EA40730",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:oracle8i:enterprise_8.1.5_.1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "3C7365AA-ACDA-461A-A84C-6B4FF04F295F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:oracle8i:enterprise_8.1.6_.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "42C22E50-FDB8-4314-9F36-70D0130EAA6C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:oracle8i:enterprise_8.1.6_.1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "2C65AC14-2AA0-4475-9932-E4AEA410CBCD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:oracle8i:enterprise_8.1.7_.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "BA730ABB-F315-4F7F-B820-33C5558B05DB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:oracle8i:enterprise_8.1.7_.1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "B4CE4E08-4892-419D-AC51-68DD42073092",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:oracle8i:enterprise_8.1.7_.4:*:*:*:*:*:*:*",
"matchCriteriaId": "EF52682E-0AB7-4C3F-94D4-7B4A7E08F2C2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:oracle8i:standard_8.0.6:*:*:*:*:*:*:*",
"matchCriteriaId": "C65C2671-2FFE-4461-A570-72E3BBC312D7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:oracle8i:standard_8.0.6_.3:*:*:*:*:*:*:*",
"matchCriteriaId": "CA59E72F-ACC1-44F3-AE63-B42F1EB83F3D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:oracle8i:standard_8.1.5:*:*:*:*:*:*:*",
"matchCriteriaId": "B5CB4061-855C-4DAA-BDAD-AA1E68EFC1E5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:oracle8i:standard_8.1.6:*:*:*:*:*:*:*",
"matchCriteriaId": "07F81AC9-DEBD-4B04-8753-C68BAE509B13",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:oracle8i:standard_8.1.7:*:*:*:*:*:*:*",
"matchCriteriaId": "0785C55D-183D-42D8-A9F9-DBD297FE7F43",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:oracle8i:standard_8.1.7_.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "8086BBDC-76BE-47C0-8F11-CEC57A23FC27",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:oracle8i:standard_8.1.7_.1:*:*:*:*:*:*:*",
"matchCriteriaId": "72BAAEF7-74CA-4C4F-8D52-AC4D5DE2E0E7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:oracle8i:standard_8.1.7_.4:*:*:*:*:*:*:*",
"matchCriteriaId": "EECAE774-22F3-4872-9E05-A14376F3883D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:oracle9i:client_9.2.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "DFAA7E8B-263B-40A2-B6D8-8A303A7D4358",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:oracle9i:client_9.2.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "085FF0CB-B426-4DCB-9411-017A45280A60",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:oracle9i:enterprise_8.1.7:*:*:*:*:*:*:*",
"matchCriteriaId": "ED4991B9-67A9-4EE9-A30F-27950BF3A3DD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:oracle9i:enterprise_9.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "2201796B-013B-4440-B366-1F2966AA86FF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:oracle9i:enterprise_9.0.1.4:*:*:*:*:*:*:*",
"matchCriteriaId": "43C6FFA8-18A6-4EE1-BE10-A1B7F3C1A47E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:oracle9i:enterprise_9.0.1.5:*:*:*:*:*:*:*",
"matchCriteriaId": "F90F6C4F-CEF5-4172-97FC-617B71EAA636",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:oracle9i:enterprise_9.2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "2FFA2A5C-B289-4505-85F5-7F6F0222B552",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:oracle9i:enterprise_9.2.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "4E876825-D6E5-4958-B737-4CE43A32BEC0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:oracle9i:enterprise_9.2.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "B8E07567-754A-40C0-9428-D151880EE6F2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:oracle9i:enterprise_9.2.0.3:*:*:*:*:*:*:*",
"matchCriteriaId": "6233345D-5100-404A-9B61-524D9679D9E4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:oracle9i:enterprise_9.2.0.4:*:*:*:*:*:*:*",
"matchCriteriaId": "2FB739C3-A9BD-433F-8547-12BC615DB18D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:oracle9i:enterprise_9.2.0.5:*:*:*:*:*:*:*",
"matchCriteriaId": "7231B057-9B7E-43CA-9E91-6DF74D6ADAE7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:oracle9i:personal_8.1.7:*:*:*:*:*:*:*",
"matchCriteriaId": "F4D7A3CB-54CC-4CD9-9672-366233BF0CCF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:oracle9i:personal_9.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "58DB0B6B-EB97-448A-B63E-E5997382DD45",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:oracle9i:personal_9.0.1.4:*:*:*:*:*:*:*",
"matchCriteriaId": "DA77BC6D-661F-46E9-B144-1587C1192B8A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:oracle9i:personal_9.0.1.5:*:*:*:*:*:*:*",
"matchCriteriaId": "16F9C7F3-8140-4FEF-8319-64CE51B830AE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:oracle9i:personal_9.2:*:*:*:*:*:*:*",
"matchCriteriaId": "68286D06-9EBA-4FBD-AB0B-D80993895416",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:oracle9i:personal_9.2.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "0C059683-E0A1-4E97-B393-CB6B0EACF7C6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:oracle9i:personal_9.2.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "A5675664-7036-48D0-9524-0350F626D4CD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:oracle9i:personal_9.2.0.3:*:*:*:*:*:*:*",
"matchCriteriaId": "EA9F3EE8-DA8B-4605-B70B-CFCA25B07C1F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:oracle9i:personal_9.2.0.4:*:*:*:*:*:*:*",
"matchCriteriaId": "D0DE0FB4-3C1A-460D-B48E-11D7AF415A94",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:oracle9i:personal_9.2.0.5:*:*:*:*:*:*:*",
"matchCriteriaId": "597EE9ED-6A95-46C7-BE83-ADEC6AA65341",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:oracle9i:standard_8.1.7:*:*:*:*:*:*:*",
"matchCriteriaId": "DCAD9D1D-A7E5-4D88-B93B-C518BF1986AB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:oracle9i:standard_9.0:*:*:*:*:*:*:*",
"matchCriteriaId": "6E46FE2E-CA1A-4970-81FF-0BFFF2CF6849",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:oracle9i:standard_9.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "3EE7A2B1-A161-4A20-9EEC-B1EF7F2E387C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:oracle9i:standard_9.0.1.2:*:*:*:*:*:*:*",
"matchCriteriaId": "D65D66A0-23F7-4110-AF71-05CBFB3F92F3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:oracle9i:standard_9.0.1.3:*:*:*:*:*:*:*",
"matchCriteriaId": "F207CBC6-D186-418D-8F11-3E623530E00B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:oracle9i:standard_9.0.1.4:*:*:*:*:*:*:*",
"matchCriteriaId": "2FB2708A-58D1-4F17-8504-3748D6667788",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:oracle9i:standard_9.0.1.5:*:*:*:*:*:*:*",
"matchCriteriaId": "E83B1C7A-287A-405F-B44E-85F891183D2E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:oracle9i:standard_9.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "34FC1E19-8F20-4215-8D90-E42EF7126BD9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:oracle9i:standard_9.2:*:*:*:*:*:*:*",
"matchCriteriaId": "CB172848-A873-4137-A335-AD034806A5EE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:oracle9i:standard_9.2.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "B78BD7D2-7B48-438C-8C24-01C4007C1A32",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:oracle9i:standard_9.2.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "0DDCC0D1-32AD-4902-8383-2AA169C3F3BA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:oracle9i:standard_9.2.0.3:*:*:*:*:*:*:*",
"matchCriteriaId": "2D4D70A8-A6FE-4F82-82F1-AB1E9C28FB35",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:oracle9i:standard_9.2.0.4:*:*:*:*:*:*:*",
"matchCriteriaId": "7F64908D-FDAA-499B-8060-8A6EC2443418",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:oracle9i:standard_9.2.0.5:*:*:*:*:*:*:*",
"matchCriteriaId": "E77BCF6E-0D09-4DAF-B147-D11FEEE7371C",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Extproc in Oracle 9i and 10g does not require authentication to load a library or execute a function, which allows local users to execute arbitrary commands as the Oracle user."
}
],
"id": "CVE-2004-1365",
"lastModified": "2024-11-20T23:50:42.227",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 4.6,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:L/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 3.9,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": true,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2004-08-04T04:00:00.000",
"references": [
{
"source": "cve@mitre.org",
"url": "http://marc.info/?l=bugtraq\u0026m=110382471608835\u0026w=2"
},
{
"source": "cve@mitre.org",
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-101782-1"
},
{
"source": "cve@mitre.org",
"tags": [
"US Government Resource"
],
"url": "http://www.kb.cert.org/vuls/id/316206"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.ngssoftware.com/advisories/oracle23122004C.txt"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch"
],
"url": "http://www.securityfocus.com/bid/10871"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch",
"Third Party Advisory",
"US Government Resource"
],
"url": "http://www.us-cert.gov/cas/techalerts/TA04-245A.html"
},
{
"source": "cve@mitre.org",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/18662"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://marc.info/?l=bugtraq\u0026m=110382471608835\u0026w=2"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-101782-1"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"US Government Resource"
],
"url": "http://www.kb.cert.org/vuls/id/316206"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.ngssoftware.com/advisories/oracle23122004C.txt"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
],
"url": "http://www.securityfocus.com/bid/10871"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Third Party Advisory",
"US Government Resource"
],
"url": "http://www.us-cert.gov/cas/techalerts/TA04-245A.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/18662"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}