Wazi » database_server

Database Server 10.2.0.4 [Medium]

Security Team — Tue, 30 Nov 1999 06:00:00 +0000

Affects:

Database Server 10.2.0.4 [Medium]

Description

Unspecified vulnerability in the Data Mining component in Oracle Database 10.2.0.4 allows remote authenticated users to affect confidentiality, integrity, and availability, related to SYS.DMP_SYS.

If you have questions about this security warning or need to have it translated and you have an active technical support contract, please call 1-888-OPENLOGIC or email us at support@openlogic.com.

CVE Identifier: CVE-2009-1007
Severity: Medium

NIST National Vulnerabilities Database

Database Server 10.2.0.4 [Medium]

Security Team — Tue, 30 Nov 1999 06:00:00 +0000

Affects:

Database Server 10.2.0.4 [Medium]

Description

Unspecified vulnerability in the Workspace Manager component in Oracle Database 10.2.0.4 allows remote authenticated users to affect confidentiality and integrity, related to SYS.LTRIC (WMSYS.LTRIC).

If you have questions about this security warning or need to have it translated and you have an active technical support contract, please call 1-888-OPENLOGIC or email us at support@openlogic.com.

CVE Identifier: CVE-2009-1018
Severity: Medium

NIST National Vulnerabilities Database

Database Server 10.2.0.4 [Medium]

Security Team — Tue, 30 Nov 1999 06:00:00 +0000

Affects:

Database Server 10.2.0.4 [Medium]

Description

Unspecified vulnerability in the Workspace Manager component in Oracle Database 10.2.0.4 allows remote authenticated users to affect confidentiality and integrity via unknown vectors.

If you have questions about this security warning or need to have it translated and you have an active technical support contract, please call 1-888-OPENLOGIC or email us at support@openlogic.com.

CVE Identifier: CVE-2009-1964
Severity: Medium

NIST National Vulnerabilities Database

Database Server 10.1.0.5 and prior [Medium]

Security Team — Tue, 30 Nov 1999 06:00:00 +0000

Affects:

Database Server 10.1.0.5 and prior [Medium]

Description

Unspecified vulnerability in the Net Foundation Layer component in Oracle Database 9.2.0.8 and 10.1.0.5 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors.

If you have questions about this security warning or need to have it translated and you have an active technical support contract, please call 1-888-OPENLOGIC or email us at support@openlogic.com.

CVE Identifier: CVE-2009-1965
Severity: Medium

NIST National Vulnerabilities Database

Database Server 11.1.0.7 and prior [Low]

Security Team — Tue, 30 Nov 1999 06:00:00 +0000

Affects:

Database Server 11.1.0.7 and prior [Low]

Description

Unspecified vulnerability in the Data Pump component in Oracle Database 10.1.0.5, 10.2.0.3, and 11.1.0.7 allows remote authenticated users to affect integrity via unknown vectors.

If you have questions about this security warning or need to have it translated and you have an active technical support contract, please call 1-888-OPENLOGIC or email us at support@openlogic.com.

CVE Identifier: CVE-2009-1971
Severity: Low

NIST National Vulnerabilities Database

Database Server 11.1.0.7 and prior [Low]

Security Team — Tue, 30 Nov 1999 06:00:00 +0000

Affects:

Database Server 11.1.0.7 and prior [Low]

Description

Unspecified vulnerability in the Auditing component in Oracle Database 9.2.0.8, 9.2.0.8DV, 10.1.0.5, 10.2.0.4, and 11.1.0.7 allows remote authenticated users to affect integrity, related to DBMS_SYS_SQL and DBMS_SQL.

If you have questions about this security warning or need to have it translated and you have an active technical support contract, please call 1-888-OPENLOGIC or email us at support@openlogic.com.

CVE Identifier: CVE-2009-1972
Severity: Low

NIST National Vulnerabilities Database

Database Server 10.2.0.4 and prior [Unknown Severity]

Security Team — Tue, 30 Nov 1999 06:00:00 +0000

Affects:

Database Server 10.2.0.4 and prior [Unknown Severity]

Description

If you have questions about this security warning or need to have it translated and you have an active technical support contract, please call 1-888-OPENLOGIC or email us at support@openlogic.com.

CVE Identifier: CVE-2009-1979
Severity: Unknown Severity

NIST National Vulnerabilities Database

Database Server 10.2.0.4 and prior [Unknown Severity]

Security Team — Tue, 30 Nov 1999 06:00:00 +0000

Affects:

Database Server 10.2.0.4 and prior [Unknown Severity]

Description

Unspecified vulnerability in the Network Authentication component in Oracle Database 9.2.0.8, 9.2.0.8DV, 10.1.0.5, and 10.2.0.4 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors.

If you have questions about this security warning or need to have it translated and you have an active technical support contract, please call 1-888-OPENLOGIC or email us at support@openlogic.com.

CVE Identifier: CVE-2009-1985
Severity: Unknown Severity

NIST National Vulnerabilities Database

Database Server 10.2.0.4 and prior [Low]

Security Team — Tue, 30 Nov 1999 06:00:00 +0000

Affects:

Database Server 10.2.0.4 and prior [Low]

Description

If you have questions about this security warning or need to have it translated and you have an active technical support contract, please call 1-888-OPENLOGIC or email us at support@openlogic.com.

CVE Identifier: CVE-2009-1991
Severity: Low

NIST National Vulnerabilities Database

Database Server 10.2.0.4 and prior [Unknown Severity]

Security Team — Tue, 30 Nov 1999 06:00:00 +0000

Affects:

Database Server 10.2.0.4 and prior [Unknown Severity]

Description

Unspecified vulnerability in the Core RDBMS component in Oracle Database 9.2.0.8, 10.1.0.5, and 10.2.0.4 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors.

If you have questions about this security warning or need to have it translated and you have an active technical support contract, please call 1-888-OPENLOGIC or email us at support@openlogic.com.

CVE Identifier: CVE-2009-1992
Severity: Unknown Severity

NIST National Vulnerabilities Database

Database Server 3.0.1 [Medium]

Security Team — Tue, 30 Nov 1999 06:00:00 +0000

Affects:

Database Server 3.0.1 [Medium]

Description

Unspecified vulnerability in the Application Express component in Oracle Database 3.0.1 allows remote authenticated users to affect confidentiality and integrity, related to FLOWS_030000.WWV_EXECUTE_IMMEDIATE.

If you have questions about this security warning or need to have it translated and you have an active technical support contract, please call 1-888-OPENLOGIC or email us at support@openlogic.com.

CVE Identifier: CVE-2009-1993
Severity: Medium

NIST National Vulnerabilities Database

Database Server 10.1.0.5 [Medium]

Security Team — Tue, 30 Nov 1999 06:00:00 +0000

Affects:

Database Server 10.1.0.5 [Medium]

Description

Unspecified vulnerability in the Oracle Spatial component in Oracle Database 10.1.0.5 allows remote authenticated users to affect confidentiality, integrity, and availability, related to MDSYS.PRVT_CMT_CBK.

If you have questions about this security warning or need to have it translated and you have an active technical support contract, please call 1-888-OPENLOGIC or email us at support@openlogic.com.

CVE Identifier: CVE-2009-1994
Severity: Medium

NIST National Vulnerabilities Database

Database Server 11.1.0.7 and prior [Medium]

Security Team — Tue, 30 Nov 1999 06:00:00 +0000

Affects:

Database Server 11.1.0.7 and prior [Medium]

Description

Unspecified vulnerability in the Advanced Queuing component in Oracle Database 10.2.0.4 and 11.1.0.7 allows remote authenticated users to affect confidentiality and integrity, related to SYS.DBMS_AQ_INV.

If you have questions about this security warning or need to have it translated and you have an active technical support contract, please call 1-888-OPENLOGIC or email us at support@openlogic.com.

CVE Identifier: CVE-2009-1995
Severity: Medium

NIST National Vulnerabilities Database

Database Server 11.1.0.7 and prior [Medium]

Security Team — Tue, 30 Nov 1999 06:00:00 +0000

Affects:

Database Server 11.1.0.7 and prior [Medium]

Description

Unspecified vulnerability in the Authentication component in Oracle Database 10.2.0.3 and 11.1.0.7 allows remote attackers to affect confidentiality via unknown vectors.

If you have questions about this security warning or need to have it translated and you have an active technical support contract, please call 1-888-OPENLOGIC or email us at support@openlogic.com.

CVE Identifier: CVE-2009-1997
Severity: Medium

NIST National Vulnerabilities Database

Database Server 11.1.0.7 [Medium]

Security Team — Tue, 30 Nov 1999 06:00:00 +0000

Affects:

Database Server 11.1.0.7 [Medium]

Description

Unspecified vulnerability in the Authentication component in Oracle Database 11.1.0.7 allows remote attackers to affect confidentiality via unknown vectors.

If you have questions about this security warning or need to have it translated and you have an active technical support contract, please call 1-888-OPENLOGIC or email us at support@openlogic.com.

CVE Identifier: CVE-2009-2000
Severity: Medium

NIST National Vulnerabilities Database

Database Server 11.1.0.7 and prior [Medium]

Security Team — Tue, 30 Nov 1999 06:00:00 +0000

Affects:

Database Server 11.1.0.7 and prior [Medium]

Description

Unspecified vulnerability in the PL/SQL component in Oracle Database 10.2.0.4 and 11.1.0.7 allows remote authenticated users to affect confidentiality, integrity, and availability via unknown vectors.

If you have questions about this security warning or need to have it translated and you have an active technical support contract, please call 1-888-OPENLOGIC or email us at support@openlogic.com.

CVE Identifier: CVE-2009-2001
Severity: Medium

NIST National Vulnerabilities Database

Database Server 10.2.0.4 and prior [Low]

Security Team — Tue, 30 Nov 1999 06:00:00 +0000

Affects:

Database Server 10.2.0.4 and prior [Low]

Description

Unspecified vulnerability in the Oracle Text component in Oracle Database 9.2.0.8, 9.2.0.8DV, 10.1.0.5, and 10.2.0.4 allows remote authenticated users to affect confidentiality and integrity, related to CTXSYS.DRVXTABC. NOTE: the previous information was obtained from the October 2009 CPU. Oracle has not commented on claims from an established researcher that this is for multiple SQL injection vulnerabilities via the (1) idx_owner or (2) idx_name parameters to the create_tables procedure.

If you have questions about this security warning or need to have it translated and you have an active technical support contract, please call 1-888-OPENLOGIC or email us at support@openlogic.com.

CVE Identifier: CVE-2009-1991
Severity: Low

NIST National Vulnerabilities Database

Database Server 10.2.0.4 and prior [Unknown Severity]

Security Team — Tue, 30 Nov 1999 06:00:00 +0000

Affects:

Database Server 10.2.0.4 and prior [Unknown Severity]

Description

Unspecified vulnerability in the Network Authentication component in Oracle Database 10.1.0.5 and 10.2.0.4 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors. NOTE: the previous information was obtained from the October 2009 CPU. Oracle has not commented on claims from an independent researcher that this is related to improper validation of the AUTH_SESSKEY parameter length that leads to arbitrary code execution.

If you have questions about this security warning or need to have it translated and you have an active technical support contract, please call 1-888-OPENLOGIC or email us at support@openlogic.com.

CVE Identifier: CVE-2009-1979
Severity: Unknown Severity

NIST National Vulnerabilities Database

Database Server 10.2.0.3 and prior [Medium]

Security Team — Tue, 30 Nov 1999 06:00:00 +0000

Affects:

Database Server 10.2.0.3 and prior [Medium]

Description

Unspecified vulnerability in the Upgrade component in Oracle Database 9.2.0.8, 9.2.0.8DV, 10.1.0.5, and 10.2.0.3 allows remote authenticated users to affect confidentiality and integrity via unknown vectors.

If you have questions about this security warning or need to have it translated and you have an active technical support contract, please call 1-888-OPENLOGIC or email us at support@openlogic.com.

CVE Identifier: CVE-2009-0987
Severity: Medium

NIST National Vulnerabilities Database

Database Server 10.2.0.4 and prior [Medium]

Security Team — Tue, 30 Nov 1999 06:00:00 +0000

Affects:

Database Server 10.2.0.4 and prior [Medium]

Description

Unspecified vulnerability in the Core RDBMS component in Oracle Database 9.2.0.8, 9.2.0.8DV, 10.1.05, and 10.2.04 allows remote authenticated users to affect integrity via unknown vectors.

If you have questions about this security warning or need to have it translated and you have an active technical support contract, please call 1-888-OPENLOGIC or email us at support@openlogic.com.

CVE Identifier: CVE-2009-1015
Severity: Medium

NIST National Vulnerabilities Database