Search

Find a vulnerability

Search criteria

    104 vulnerabilities found for oracle9i by oracle

    CVE-2006-6703 (GCVE-0-2006-6703)

    Vulnerability from nvd – Published: 2006-12-23 01:00 – Updated: 2024-08-07 20:34
    VLAI
    Summary
    Multiple cross-site scripting (XSS) vulnerabilities in Oracle Portal 9i and 10g allow remote attackers to inject arbitrary JavaScript via the tc parameter in webapp/jsp/container_tabs.jsp, and other unspecified vectors.
    Severity
    No CVSS data available.
    CWE
    • n/a
    Assigner
    References
    URL Tags
    http://www.securityfocus.com/archive/1/455143/100… mailing-listx_refsource_BUGTRAQ
    http://www.vupen.com/english/advisories/2006/5143 vdb-entryx_refsource_VUPEN
    http://www.securityfocus.com/bid/21717 vdb-entryx_refsource_BID
    Date Public
    2006-12-22 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-07T20:34:00.447Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "name": "20061222 Oracle Applications/Portal 9i/10g Cross Site Scripting",
                "tags": [
                  "mailing-list",
                  "x_refsource_BUGTRAQ",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/archive/1/455143/100/0/threaded"
              },
              {
                "name": "ADV-2006-5143",
                "tags": [
                  "vdb-entry",
                  "x_refsource_VUPEN",
                  "x_transferred"
                ],
                "url": "http://www.vupen.com/english/advisories/2006/5143"
              },
              {
                "name": "21717",
                "tags": [
                  "vdb-entry",
                  "x_refsource_BID",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/bid/21717"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "n/a",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "datePublic": "2006-12-22T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "Multiple cross-site scripting (XSS) vulnerabilities in Oracle Portal 9i and 10g allow remote attackers to inject arbitrary JavaScript via the tc parameter in webapp/jsp/container_tabs.jsp, and other unspecified vectors."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2018-10-17T20:57:01.000Z",
            "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
            "shortName": "mitre"
          },
          "references": [
            {
              "name": "20061222 Oracle Applications/Portal 9i/10g Cross Site Scripting",
              "tags": [
                "mailing-list",
                "x_refsource_BUGTRAQ"
              ],
              "url": "http://www.securityfocus.com/archive/1/455143/100/0/threaded"
            },
            {
              "name": "ADV-2006-5143",
              "tags": [
                "vdb-entry",
                "x_refsource_VUPEN"
              ],
              "url": "http://www.vupen.com/english/advisories/2006/5143"
            },
            {
              "name": "21717",
              "tags": [
                "vdb-entry",
                "x_refsource_BID"
              ],
              "url": "http://www.securityfocus.com/bid/21717"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "cve@mitre.org",
              "ID": "CVE-2006-6703",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "n/a",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "n/a"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "n/a"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "Multiple cross-site scripting (XSS) vulnerabilities in Oracle Portal 9i and 10g allow remote attackers to inject arbitrary JavaScript via the tc parameter in webapp/jsp/container_tabs.jsp, and other unspecified vectors."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "n/a"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "20061222 Oracle Applications/Portal 9i/10g Cross Site Scripting",
                  "refsource": "BUGTRAQ",
                  "url": "http://www.securityfocus.com/archive/1/455143/100/0/threaded"
                },
                {
                  "name": "ADV-2006-5143",
                  "refsource": "VUPEN",
                  "url": "http://www.vupen.com/english/advisories/2006/5143"
                },
                {
                  "name": "21717",
                  "refsource": "BID",
                  "url": "http://www.securityfocus.com/bid/21717"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "assignerShortName": "mitre",
        "cveId": "CVE-2006-6703",
        "datePublished": "2006-12-23T01:00:00.000Z",
        "dateReserved": "2006-12-22T00:00:00.000Z",
        "dateUpdated": "2024-08-07T20:34:00.447Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2006-1705 (GCVE-0-2006-1705)

    Vulnerability from nvd – Published: 2006-04-11 10:00 – Updated: 2024-08-07 17:19
    VLAI
    Summary
    Oracle Database 9.2.0.0 to 10.2.0.3 allows local users with "SELECT" privileges for a base table to insert, update, or delete data by creating a crafted view then performing the operations on that view.
    Severity
    No CVSS data available.
    CWE
    • n/a
    Assigner
    References
    URL Tags
    http://lists.grok.org.uk/pipermail/full-disclosur… mailing-listx_refsource_FULLDISC
    http://www.kb.cert.org/vuls/id/805737 third-party-advisoryx_refsource_CERT-VN
    http://www.red-database-security.com/advisory/ora… x_refsource_MISC
    https://exchange.xforce.ibmcloud.com/vulnerabilit… vdb-entryx_refsource_XF
    http://secunia.com/advisories/19574 third-party-advisoryx_refsource_SECUNIA
    http://securitytracker.com/id?1015886 vdb-entryx_refsource_SECTRACK
    http://www.vupen.com/english/advisories/2006/1297 vdb-entryx_refsource_VUPEN
    http://www.securityfocus.com/bid/17426 vdb-entryx_refsource_BID
    http://www.securityfocus.com/archive/1/430434/100… mailing-listx_refsource_BUGTRAQ
    Date Public
    2006-04-06 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-07T17:19:49.388Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "name": "20060410 Oracle read-only user can insert/update/delete data via specially crafted views",
                "tags": [
                  "mailing-list",
                  "x_refsource_FULLDISC",
                  "x_transferred"
                ],
                "url": "http://lists.grok.org.uk/pipermail/full-disclosure/2006-April/044990.html"
              },
              {
                "name": "VU#805737",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_CERT-VN",
                  "x_transferred"
                ],
                "url": "http://www.kb.cert.org/vuls/id/805737"
              },
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "http://www.red-database-security.com/advisory/oracle_modify_data_via_views.html"
              },
              {
                "name": "oracle-base-table-data-manipulation(25696)",
                "tags": [
                  "vdb-entry",
                  "x_refsource_XF",
                  "x_transferred"
                ],
                "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/25696"
              },
              {
                "name": "19574",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
                  "x_transferred"
                ],
                "url": "http://secunia.com/advisories/19574"
              },
              {
                "name": "1015886",
                "tags": [
                  "vdb-entry",
                  "x_refsource_SECTRACK",
                  "x_transferred"
                ],
                "url": "http://securitytracker.com/id?1015886"
              },
              {
                "name": "ADV-2006-1297",
                "tags": [
                  "vdb-entry",
                  "x_refsource_VUPEN",
                  "x_transferred"
                ],
                "url": "http://www.vupen.com/english/advisories/2006/1297"
              },
              {
                "name": "17426",
                "tags": [
                  "vdb-entry",
                  "x_refsource_BID",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/bid/17426"
              },
              {
                "name": "20060410 Oracle read-only user can insert/update/delete data via specially crafted views",
                "tags": [
                  "mailing-list",
                  "x_refsource_BUGTRAQ",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/archive/1/430434/100/0/threaded"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "n/a",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "datePublic": "2006-04-06T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "Oracle Database 9.2.0.0 to 10.2.0.3 allows local users with \"SELECT\" privileges for a base table to insert, update, or delete data by creating a crafted view then performing the operations on that view."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2018-10-18T14:57:01.000Z",
            "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
            "shortName": "mitre"
          },
          "references": [
            {
              "name": "20060410 Oracle read-only user can insert/update/delete data via specially crafted views",
              "tags": [
                "mailing-list",
                "x_refsource_FULLDISC"
              ],
              "url": "http://lists.grok.org.uk/pipermail/full-disclosure/2006-April/044990.html"
            },
            {
              "name": "VU#805737",
              "tags": [
                "third-party-advisory",
                "x_refsource_CERT-VN"
              ],
              "url": "http://www.kb.cert.org/vuls/id/805737"
            },
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "http://www.red-database-security.com/advisory/oracle_modify_data_via_views.html"
            },
            {
              "name": "oracle-base-table-data-manipulation(25696)",
              "tags": [
                "vdb-entry",
                "x_refsource_XF"
              ],
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/25696"
            },
            {
              "name": "19574",
              "tags": [
                "third-party-advisory",
                "x_refsource_SECUNIA"
              ],
              "url": "http://secunia.com/advisories/19574"
            },
            {
              "name": "1015886",
              "tags": [
                "vdb-entry",
                "x_refsource_SECTRACK"
              ],
              "url": "http://securitytracker.com/id?1015886"
            },
            {
              "name": "ADV-2006-1297",
              "tags": [
                "vdb-entry",
                "x_refsource_VUPEN"
              ],
              "url": "http://www.vupen.com/english/advisories/2006/1297"
            },
            {
              "name": "17426",
              "tags": [
                "vdb-entry",
                "x_refsource_BID"
              ],
              "url": "http://www.securityfocus.com/bid/17426"
            },
            {
              "name": "20060410 Oracle read-only user can insert/update/delete data via specially crafted views",
              "tags": [
                "mailing-list",
                "x_refsource_BUGTRAQ"
              ],
              "url": "http://www.securityfocus.com/archive/1/430434/100/0/threaded"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "cve@mitre.org",
              "ID": "CVE-2006-1705",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "n/a",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "n/a"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "n/a"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "Oracle Database 9.2.0.0 to 10.2.0.3 allows local users with \"SELECT\" privileges for a base table to insert, update, or delete data by creating a crafted view then performing the operations on that view."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "n/a"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "20060410 Oracle read-only user can insert/update/delete data via specially crafted views",
                  "refsource": "FULLDISC",
                  "url": "http://lists.grok.org.uk/pipermail/full-disclosure/2006-April/044990.html"
                },
                {
                  "name": "VU#805737",
                  "refsource": "CERT-VN",
                  "url": "http://www.kb.cert.org/vuls/id/805737"
                },
                {
                  "name": "http://www.red-database-security.com/advisory/oracle_modify_data_via_views.html",
                  "refsource": "MISC",
                  "url": "http://www.red-database-security.com/advisory/oracle_modify_data_via_views.html"
                },
                {
                  "name": "oracle-base-table-data-manipulation(25696)",
                  "refsource": "XF",
                  "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/25696"
                },
                {
                  "name": "19574",
                  "refsource": "SECUNIA",
                  "url": "http://secunia.com/advisories/19574"
                },
                {
                  "name": "1015886",
                  "refsource": "SECTRACK",
                  "url": "http://securitytracker.com/id?1015886"
                },
                {
                  "name": "ADV-2006-1297",
                  "refsource": "VUPEN",
                  "url": "http://www.vupen.com/english/advisories/2006/1297"
                },
                {
                  "name": "17426",
                  "refsource": "BID",
                  "url": "http://www.securityfocus.com/bid/17426"
                },
                {
                  "name": "20060410 Oracle read-only user can insert/update/delete data via specially crafted views",
                  "refsource": "BUGTRAQ",
                  "url": "http://www.securityfocus.com/archive/1/430434/100/0/threaded"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "assignerShortName": "mitre",
        "cveId": "CVE-2006-1705",
        "datePublished": "2006-04-11T10:00:00.000Z",
        "dateReserved": "2006-04-10T00:00:00.000Z",
        "dateUpdated": "2024-08-07T17:19:49.388Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2006-0552 (GCVE-0-2006-0552)

    Vulnerability from nvd – Published: 2006-02-04 11:00 – Updated: 2024-08-07 16:41
    VLAI
    Summary
    Unspecified vulnerability in the Net Listener component of Oracle Database server 8.1.7.4, 9.0.1.5, 9.0.1.5 FIPS, and 9.2.0.7 has unspecified impact and attack vectors, as identified by Oracle Vuln# DB11.
    Severity
    No CVSS data available.
    CWE
    • n/a
    Assigner
    References
    URL Tags
    http://www.osvdb.org/22549 vdb-entryx_refsource_OSVDB
    https://exchange.xforce.ibmcloud.com/vulnerabilit… vdb-entryx_refsource_XF
    http://secunia.com/advisories/18493 third-party-advisoryx_refsource_SECUNIA
    http://www.vupen.com/english/advisories/2006/0323 vdb-entryx_refsource_VUPEN
    http://www.securityfocus.com/bid/16287 vdb-entryx_refsource_BID
    http://www.kb.cert.org/vuls/id/545804 third-party-advisoryx_refsource_CERT-VN
    http://securitytracker.com/id?1015499 vdb-entryx_refsource_SECTRACK
    http://www.vupen.com/english/advisories/2006/0243 vdb-entryx_refsource_VUPEN
    http://www.oracle.com/technetwork/topics/security… x_refsource_CONFIRM
    http://secunia.com/advisories/18608 third-party-advisoryx_refsource_SECUNIA
    Date Public
    2006-01-17 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-07T16:41:28.978Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "name": "22549",
                "tags": [
                  "vdb-entry",
                  "x_refsource_OSVDB",
                  "x_transferred"
                ],
                "url": "http://www.osvdb.org/22549"
              },
              {
                "name": "oracle-january2006-update(24321)",
                "tags": [
                  "vdb-entry",
                  "x_refsource_XF",
                  "x_transferred"
                ],
                "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/24321"
              },
              {
                "name": "18493",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
                  "x_transferred"
                ],
                "url": "http://secunia.com/advisories/18493"
              },
              {
                "name": "ADV-2006-0323",
                "tags": [
                  "vdb-entry",
                  "x_refsource_VUPEN",
                  "x_transferred"
                ],
                "url": "http://www.vupen.com/english/advisories/2006/0323"
              },
              {
                "name": "16287",
                "tags": [
                  "vdb-entry",
                  "x_refsource_BID",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/bid/16287"
              },
              {
                "name": "VU#545804",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_CERT-VN",
                  "x_transferred"
                ],
                "url": "http://www.kb.cert.org/vuls/id/545804"
              },
              {
                "name": "1015499",
                "tags": [
                  "vdb-entry",
                  "x_refsource_SECTRACK",
                  "x_transferred"
                ],
                "url": "http://securitytracker.com/id?1015499"
              },
              {
                "name": "ADV-2006-0243",
                "tags": [
                  "vdb-entry",
                  "x_refsource_VUPEN",
                  "x_transferred"
                ],
                "url": "http://www.vupen.com/english/advisories/2006/0243"
              },
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "http://www.oracle.com/technetwork/topics/security/cpujan2006-082403.html"
              },
              {
                "name": "18608",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
                  "x_transferred"
                ],
                "url": "http://secunia.com/advisories/18608"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "n/a",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "datePublic": "2006-01-17T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "Unspecified vulnerability in the Net Listener component of Oracle Database server 8.1.7.4, 9.0.1.5, 9.0.1.5 FIPS, and 9.2.0.7 has unspecified impact and attack vectors, as identified by Oracle Vuln# DB11."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2017-07-19T15:57:01.000Z",
            "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
            "shortName": "mitre"
          },
          "references": [
            {
              "name": "22549",
              "tags": [
                "vdb-entry",
                "x_refsource_OSVDB"
              ],
              "url": "http://www.osvdb.org/22549"
            },
            {
              "name": "oracle-january2006-update(24321)",
              "tags": [
                "vdb-entry",
                "x_refsource_XF"
              ],
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/24321"
            },
            {
              "name": "18493",
              "tags": [
                "third-party-advisory",
                "x_refsource_SECUNIA"
              ],
              "url": "http://secunia.com/advisories/18493"
            },
            {
              "name": "ADV-2006-0323",
              "tags": [
                "vdb-entry",
                "x_refsource_VUPEN"
              ],
              "url": "http://www.vupen.com/english/advisories/2006/0323"
            },
            {
              "name": "16287",
              "tags": [
                "vdb-entry",
                "x_refsource_BID"
              ],
              "url": "http://www.securityfocus.com/bid/16287"
            },
            {
              "name": "VU#545804",
              "tags": [
                "third-party-advisory",
                "x_refsource_CERT-VN"
              ],
              "url": "http://www.kb.cert.org/vuls/id/545804"
            },
            {
              "name": "1015499",
              "tags": [
                "vdb-entry",
                "x_refsource_SECTRACK"
              ],
              "url": "http://securitytracker.com/id?1015499"
            },
            {
              "name": "ADV-2006-0243",
              "tags": [
                "vdb-entry",
                "x_refsource_VUPEN"
              ],
              "url": "http://www.vupen.com/english/advisories/2006/0243"
            },
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "http://www.oracle.com/technetwork/topics/security/cpujan2006-082403.html"
            },
            {
              "name": "18608",
              "tags": [
                "third-party-advisory",
                "x_refsource_SECUNIA"
              ],
              "url": "http://secunia.com/advisories/18608"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "cve@mitre.org",
              "ID": "CVE-2006-0552",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "n/a",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "n/a"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "n/a"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "Unspecified vulnerability in the Net Listener component of Oracle Database server 8.1.7.4, 9.0.1.5, 9.0.1.5 FIPS, and 9.2.0.7 has unspecified impact and attack vectors, as identified by Oracle Vuln# DB11."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "n/a"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "22549",
                  "refsource": "OSVDB",
                  "url": "http://www.osvdb.org/22549"
                },
                {
                  "name": "oracle-january2006-update(24321)",
                  "refsource": "XF",
                  "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/24321"
                },
                {
                  "name": "18493",
                  "refsource": "SECUNIA",
                  "url": "http://secunia.com/advisories/18493"
                },
                {
                  "name": "ADV-2006-0323",
                  "refsource": "VUPEN",
                  "url": "http://www.vupen.com/english/advisories/2006/0323"
                },
                {
                  "name": "16287",
                  "refsource": "BID",
                  "url": "http://www.securityfocus.com/bid/16287"
                },
                {
                  "name": "VU#545804",
                  "refsource": "CERT-VN",
                  "url": "http://www.kb.cert.org/vuls/id/545804"
                },
                {
                  "name": "1015499",
                  "refsource": "SECTRACK",
                  "url": "http://securitytracker.com/id?1015499"
                },
                {
                  "name": "ADV-2006-0243",
                  "refsource": "VUPEN",
                  "url": "http://www.vupen.com/english/advisories/2006/0243"
                },
                {
                  "name": "http://www.oracle.com/technetwork/topics/security/cpujan2006-082403.html",
                  "refsource": "CONFIRM",
                  "url": "http://www.oracle.com/technetwork/topics/security/cpujan2006-082403.html"
                },
                {
                  "name": "18608",
                  "refsource": "SECUNIA",
                  "url": "http://secunia.com/advisories/18608"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "assignerShortName": "mitre",
        "cveId": "CVE-2006-0552",
        "datePublished": "2006-02-04T11:00:00.000Z",
        "dateReserved": "2006-02-04T00:00:00.000Z",
        "dateUpdated": "2024-08-07T16:41:28.978Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2006-0271 (GCVE-0-2006-0271)

    Vulnerability from nvd – Published: 2006-01-18 11:00 – Updated: 2024-08-07 16:25
    VLAI
    Summary
    Unspecified vulnerability in the Upgrade & Downgrade component of Oracle Database server 8.1.7.4, 9.0.1.5, 9.2.0.7, and 10.1.0.4 has unspecified impact and attack vectors, as identified by Oracle Vuln# DB28. NOTE: details are unavailable from Oracle, but they have not publicly disputed a claim by a reliable independent researcher that states that the problem is SQL injection in the DBMS_REGISTRY package in certain parameters to the (1) IS_COMPONENT, (2) GET_COMP_OPTION, (3) DISABLE_DDL_TRIGGERS, (4) SCRIPT_EXISTS, (5) COMP_PATH, (6) GATHER_STATS, (7) NOTHING_SCRIPT, and (8) VALIDATE_COMPONENTS functions.
    Severity
    No CVSS data available.
    CWE
    • n/a
    Assigner
    References
    URL Tags
    https://exchange.xforce.ibmcloud.com/vulnerabilit… vdb-entryx_refsource_XF
    http://www.red-database-security.com/advisory/ora… x_refsource_MISC
    http://secunia.com/advisories/18493 third-party-advisoryx_refsource_SECUNIA
    http://www.vupen.com/english/advisories/2006/0323 vdb-entryx_refsource_VUPEN
    http://www.securityfocus.com/bid/16287 vdb-entryx_refsource_BID
    http://www.kb.cert.org/vuls/id/545804 third-party-advisoryx_refsource_CERT-VN
    http://www.osvdb.org/22566 vdb-entryx_refsource_OSVDB
    http://securitytracker.com/id?1015499 vdb-entryx_refsource_SECTRACK
    http://www.vupen.com/english/advisories/2006/0243 vdb-entryx_refsource_VUPEN
    http://www.oracle.com/technetwork/topics/security… x_refsource_CONFIRM
    http://secunia.com/advisories/18608 third-party-advisoryx_refsource_SECUNIA
    Date Public
    2006-01-17 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-07T16:25:34.180Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "name": "oracle-january2006-update(24321)",
                "tags": [
                  "vdb-entry",
                  "x_refsource_XF",
                  "x_transferred"
                ],
                "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/24321"
              },
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "http://www.red-database-security.com/advisory/oracle_cpu_jan_2006.html"
              },
              {
                "name": "18493",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
                  "x_transferred"
                ],
                "url": "http://secunia.com/advisories/18493"
              },
              {
                "name": "ADV-2006-0323",
                "tags": [
                  "vdb-entry",
                  "x_refsource_VUPEN",
                  "x_transferred"
                ],
                "url": "http://www.vupen.com/english/advisories/2006/0323"
              },
              {
                "name": "16287",
                "tags": [
                  "vdb-entry",
                  "x_refsource_BID",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/bid/16287"
              },
              {
                "name": "VU#545804",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_CERT-VN",
                  "x_transferred"
                ],
                "url": "http://www.kb.cert.org/vuls/id/545804"
              },
              {
                "name": "22566",
                "tags": [
                  "vdb-entry",
                  "x_refsource_OSVDB",
                  "x_transferred"
                ],
                "url": "http://www.osvdb.org/22566"
              },
              {
                "name": "1015499",
                "tags": [
                  "vdb-entry",
                  "x_refsource_SECTRACK",
                  "x_transferred"
                ],
                "url": "http://securitytracker.com/id?1015499"
              },
              {
                "name": "ADV-2006-0243",
                "tags": [
                  "vdb-entry",
                  "x_refsource_VUPEN",
                  "x_transferred"
                ],
                "url": "http://www.vupen.com/english/advisories/2006/0243"
              },
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "http://www.oracle.com/technetwork/topics/security/cpujan2006-082403.html"
              },
              {
                "name": "18608",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
                  "x_transferred"
                ],
                "url": "http://secunia.com/advisories/18608"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "n/a",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "datePublic": "2006-01-17T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "Unspecified vulnerability in the Upgrade \u0026 Downgrade component of Oracle Database server 8.1.7.4, 9.0.1.5, 9.2.0.7, and 10.1.0.4 has unspecified impact and attack vectors, as identified by Oracle Vuln# DB28.  NOTE: details are unavailable from Oracle, but they have not publicly disputed a claim by a reliable independent researcher that states that the problem is SQL injection in the DBMS_REGISTRY package in certain parameters to the (1) IS_COMPONENT, (2) GET_COMP_OPTION, (3) DISABLE_DDL_TRIGGERS, (4) SCRIPT_EXISTS, (5) COMP_PATH, (6) GATHER_STATS, (7) NOTHING_SCRIPT, and (8) VALIDATE_COMPONENTS functions."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2017-07-19T15:57:01.000Z",
            "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
            "shortName": "mitre"
          },
          "references": [
            {
              "name": "oracle-january2006-update(24321)",
              "tags": [
                "vdb-entry",
                "x_refsource_XF"
              ],
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/24321"
            },
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "http://www.red-database-security.com/advisory/oracle_cpu_jan_2006.html"
            },
            {
              "name": "18493",
              "tags": [
                "third-party-advisory",
                "x_refsource_SECUNIA"
              ],
              "url": "http://secunia.com/advisories/18493"
            },
            {
              "name": "ADV-2006-0323",
              "tags": [
                "vdb-entry",
                "x_refsource_VUPEN"
              ],
              "url": "http://www.vupen.com/english/advisories/2006/0323"
            },
            {
              "name": "16287",
              "tags": [
                "vdb-entry",
                "x_refsource_BID"
              ],
              "url": "http://www.securityfocus.com/bid/16287"
            },
            {
              "name": "VU#545804",
              "tags": [
                "third-party-advisory",
                "x_refsource_CERT-VN"
              ],
              "url": "http://www.kb.cert.org/vuls/id/545804"
            },
            {
              "name": "22566",
              "tags": [
                "vdb-entry",
                "x_refsource_OSVDB"
              ],
              "url": "http://www.osvdb.org/22566"
            },
            {
              "name": "1015499",
              "tags": [
                "vdb-entry",
                "x_refsource_SECTRACK"
              ],
              "url": "http://securitytracker.com/id?1015499"
            },
            {
              "name": "ADV-2006-0243",
              "tags": [
                "vdb-entry",
                "x_refsource_VUPEN"
              ],
              "url": "http://www.vupen.com/english/advisories/2006/0243"
            },
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "http://www.oracle.com/technetwork/topics/security/cpujan2006-082403.html"
            },
            {
              "name": "18608",
              "tags": [
                "third-party-advisory",
                "x_refsource_SECUNIA"
              ],
              "url": "http://secunia.com/advisories/18608"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "cve@mitre.org",
              "ID": "CVE-2006-0271",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "n/a",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "n/a"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "n/a"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "Unspecified vulnerability in the Upgrade \u0026 Downgrade component of Oracle Database server 8.1.7.4, 9.0.1.5, 9.2.0.7, and 10.1.0.4 has unspecified impact and attack vectors, as identified by Oracle Vuln# DB28.  NOTE: details are unavailable from Oracle, but they have not publicly disputed a claim by a reliable independent researcher that states that the problem is SQL injection in the DBMS_REGISTRY package in certain parameters to the (1) IS_COMPONENT, (2) GET_COMP_OPTION, (3) DISABLE_DDL_TRIGGERS, (4) SCRIPT_EXISTS, (5) COMP_PATH, (6) GATHER_STATS, (7) NOTHING_SCRIPT, and (8) VALIDATE_COMPONENTS functions."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "n/a"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "oracle-january2006-update(24321)",
                  "refsource": "XF",
                  "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/24321"
                },
                {
                  "name": "http://www.red-database-security.com/advisory/oracle_cpu_jan_2006.html",
                  "refsource": "MISC",
                  "url": "http://www.red-database-security.com/advisory/oracle_cpu_jan_2006.html"
                },
                {
                  "name": "18493",
                  "refsource": "SECUNIA",
                  "url": "http://secunia.com/advisories/18493"
                },
                {
                  "name": "ADV-2006-0323",
                  "refsource": "VUPEN",
                  "url": "http://www.vupen.com/english/advisories/2006/0323"
                },
                {
                  "name": "16287",
                  "refsource": "BID",
                  "url": "http://www.securityfocus.com/bid/16287"
                },
                {
                  "name": "VU#545804",
                  "refsource": "CERT-VN",
                  "url": "http://www.kb.cert.org/vuls/id/545804"
                },
                {
                  "name": "22566",
                  "refsource": "OSVDB",
                  "url": "http://www.osvdb.org/22566"
                },
                {
                  "name": "1015499",
                  "refsource": "SECTRACK",
                  "url": "http://securitytracker.com/id?1015499"
                },
                {
                  "name": "ADV-2006-0243",
                  "refsource": "VUPEN",
                  "url": "http://www.vupen.com/english/advisories/2006/0243"
                },
                {
                  "name": "http://www.oracle.com/technetwork/topics/security/cpujan2006-082403.html",
                  "refsource": "CONFIRM",
                  "url": "http://www.oracle.com/technetwork/topics/security/cpujan2006-082403.html"
                },
                {
                  "name": "18608",
                  "refsource": "SECUNIA",
                  "url": "http://secunia.com/advisories/18608"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "assignerShortName": "mitre",
        "cveId": "CVE-2006-0271",
        "datePublished": "2006-01-18T11:00:00.000Z",
        "dateReserved": "2006-01-18T00:00:00.000Z",
        "dateUpdated": "2024-08-07T16:25:34.180Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2006-0262 (GCVE-0-2006-0262)

    Vulnerability from nvd – Published: 2006-01-18 11:00 – Updated: 2024-08-07 16:25
    VLAI
    Summary
    Unspecified vulnerability in the Net Foundation Layer component of Oracle Database server 8.1.7.4, 9.0.1.5, 9.0.1.5 FIPS, 9.2.0.6, and 10.1.0.4 has unspecified impact and attack vectors, as identified by Oracle Vuln# DB08.
    Severity
    No CVSS data available.
    CWE
    • n/a
    Assigner
    References
    URL Tags
    https://exchange.xforce.ibmcloud.com/vulnerabilit… vdb-entryx_refsource_XF
    http://secunia.com/advisories/18493 third-party-advisoryx_refsource_SECUNIA
    http://www.vupen.com/english/advisories/2006/0323 vdb-entryx_refsource_VUPEN
    http://www.securityfocus.com/bid/16287 vdb-entryx_refsource_BID
    http://www.kb.cert.org/vuls/id/545804 third-party-advisoryx_refsource_CERT-VN
    http://securitytracker.com/id?1015499 vdb-entryx_refsource_SECTRACK
    http://www.vupen.com/english/advisories/2006/0243 vdb-entryx_refsource_VUPEN
    http://www.oracle.com/technetwork/topics/security… x_refsource_CONFIRM
    http://secunia.com/advisories/18608 third-party-advisoryx_refsource_SECUNIA
    Date Public
    2006-01-17 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-07T16:25:34.063Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "name": "oracle-january2006-update(24321)",
                "tags": [
                  "vdb-entry",
                  "x_refsource_XF",
                  "x_transferred"
                ],
                "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/24321"
              },
              {
                "name": "18493",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
                  "x_transferred"
                ],
                "url": "http://secunia.com/advisories/18493"
              },
              {
                "name": "ADV-2006-0323",
                "tags": [
                  "vdb-entry",
                  "x_refsource_VUPEN",
                  "x_transferred"
                ],
                "url": "http://www.vupen.com/english/advisories/2006/0323"
              },
              {
                "name": "16287",
                "tags": [
                  "vdb-entry",
                  "x_refsource_BID",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/bid/16287"
              },
              {
                "name": "VU#545804",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_CERT-VN",
                  "x_transferred"
                ],
                "url": "http://www.kb.cert.org/vuls/id/545804"
              },
              {
                "name": "1015499",
                "tags": [
                  "vdb-entry",
                  "x_refsource_SECTRACK",
                  "x_transferred"
                ],
                "url": "http://securitytracker.com/id?1015499"
              },
              {
                "name": "ADV-2006-0243",
                "tags": [
                  "vdb-entry",
                  "x_refsource_VUPEN",
                  "x_transferred"
                ],
                "url": "http://www.vupen.com/english/advisories/2006/0243"
              },
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "http://www.oracle.com/technetwork/topics/security/cpujan2006-082403.html"
              },
              {
                "name": "18608",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
                  "x_transferred"
                ],
                "url": "http://secunia.com/advisories/18608"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "n/a",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "datePublic": "2006-01-17T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "Unspecified vulnerability in the Net Foundation Layer component of Oracle Database server 8.1.7.4, 9.0.1.5, 9.0.1.5 FIPS, 9.2.0.6, and 10.1.0.4 has unspecified impact and attack vectors, as identified by Oracle Vuln# DB08."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2017-07-19T15:57:01.000Z",
            "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
            "shortName": "mitre"
          },
          "references": [
            {
              "name": "oracle-january2006-update(24321)",
              "tags": [
                "vdb-entry",
                "x_refsource_XF"
              ],
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/24321"
            },
            {
              "name": "18493",
              "tags": [
                "third-party-advisory",
                "x_refsource_SECUNIA"
              ],
              "url": "http://secunia.com/advisories/18493"
            },
            {
              "name": "ADV-2006-0323",
              "tags": [
                "vdb-entry",
                "x_refsource_VUPEN"
              ],
              "url": "http://www.vupen.com/english/advisories/2006/0323"
            },
            {
              "name": "16287",
              "tags": [
                "vdb-entry",
                "x_refsource_BID"
              ],
              "url": "http://www.securityfocus.com/bid/16287"
            },
            {
              "name": "VU#545804",
              "tags": [
                "third-party-advisory",
                "x_refsource_CERT-VN"
              ],
              "url": "http://www.kb.cert.org/vuls/id/545804"
            },
            {
              "name": "1015499",
              "tags": [
                "vdb-entry",
                "x_refsource_SECTRACK"
              ],
              "url": "http://securitytracker.com/id?1015499"
            },
            {
              "name": "ADV-2006-0243",
              "tags": [
                "vdb-entry",
                "x_refsource_VUPEN"
              ],
              "url": "http://www.vupen.com/english/advisories/2006/0243"
            },
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "http://www.oracle.com/technetwork/topics/security/cpujan2006-082403.html"
            },
            {
              "name": "18608",
              "tags": [
                "third-party-advisory",
                "x_refsource_SECUNIA"
              ],
              "url": "http://secunia.com/advisories/18608"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "cve@mitre.org",
              "ID": "CVE-2006-0262",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "n/a",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "n/a"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "n/a"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "Unspecified vulnerability in the Net Foundation Layer component of Oracle Database server 8.1.7.4, 9.0.1.5, 9.0.1.5 FIPS, 9.2.0.6, and 10.1.0.4 has unspecified impact and attack vectors, as identified by Oracle Vuln# DB08."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "n/a"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "oracle-january2006-update(24321)",
                  "refsource": "XF",
                  "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/24321"
                },
                {
                  "name": "18493",
                  "refsource": "SECUNIA",
                  "url": "http://secunia.com/advisories/18493"
                },
                {
                  "name": "ADV-2006-0323",
                  "refsource": "VUPEN",
                  "url": "http://www.vupen.com/english/advisories/2006/0323"
                },
                {
                  "name": "16287",
                  "refsource": "BID",
                  "url": "http://www.securityfocus.com/bid/16287"
                },
                {
                  "name": "VU#545804",
                  "refsource": "CERT-VN",
                  "url": "http://www.kb.cert.org/vuls/id/545804"
                },
                {
                  "name": "1015499",
                  "refsource": "SECTRACK",
                  "url": "http://securitytracker.com/id?1015499"
                },
                {
                  "name": "ADV-2006-0243",
                  "refsource": "VUPEN",
                  "url": "http://www.vupen.com/english/advisories/2006/0243"
                },
                {
                  "name": "http://www.oracle.com/technetwork/topics/security/cpujan2006-082403.html",
                  "refsource": "CONFIRM",
                  "url": "http://www.oracle.com/technetwork/topics/security/cpujan2006-082403.html"
                },
                {
                  "name": "18608",
                  "refsource": "SECUNIA",
                  "url": "http://secunia.com/advisories/18608"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "assignerShortName": "mitre",
        "cveId": "CVE-2006-0262",
        "datePublished": "2006-01-18T11:00:00.000Z",
        "dateReserved": "2006-01-18T00:00:00.000Z",
        "dateUpdated": "2024-08-07T16:25:34.063Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2006-0272 (GCVE-0-2006-0272)

    Vulnerability from nvd – Published: 2006-01-18 11:00 – Updated: 2024-08-07 16:25
    VLAI
    Summary
    Unspecified vulnerability in the XML Database component of Oracle Database server 9.2.0.7 and 10.1.0.4 has unspecified impact and attack vectors, as identified by Oracle Vuln# DB29. NOTE: based on mutual credits by the relevant sources, it is highly likely that this issue is a buffer overflow in the (a) DBMS_XMLSCHEMA and (b) DBMS_XMLSCHEMA_INT packages, as exploitable via long arguments to (1) XDB.DBMS_XMLSCHEMA.GENERATESCHEMA or (2) XDB.DBMS_XMLSCHEMA.GENERATESCHEMAS.
    Severity
    No CVSS data available.
    CWE
    • n/a
    Assigner
    References
    Date Public
    2006-01-17 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-07T16:25:34.087Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "http://www.integrigy.com/info/IntegrigySecurityAnalysis-CPU0106.pdf"
              },
              {
                "name": "oracle-january2006-update(24321)",
                "tags": [
                  "vdb-entry",
                  "x_refsource_XF",
                  "x_transferred"
                ],
                "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/24321"
              },
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "http://www.red-database-security.com/advisory/oracle_cpu_jan_2006.html"
              },
              {
                "name": "20060126 [Argeniss] Oracle Database Buffer overflows vulnerabilities in public procedures of XDB.DBMS_XMLSCHEMA{_INT}",
                "tags": [
                  "mailing-list",
                  "x_refsource_FULLDISC",
                  "x_transferred"
                ],
                "url": "http://archives.neohapsis.com/archives/fulldisclosure/2006-01/0893.html"
              },
              {
                "name": "18493",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
                  "x_transferred"
                ],
                "url": "http://secunia.com/advisories/18493"
              },
              {
                "name": "ADV-2006-0323",
                "tags": [
                  "vdb-entry",
                  "x_refsource_VUPEN",
                  "x_transferred"
                ],
                "url": "http://www.vupen.com/english/advisories/2006/0323"
              },
              {
                "name": "16287",
                "tags": [
                  "vdb-entry",
                  "x_refsource_BID",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/bid/16287"
              },
              {
                "name": "TA06-018A",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_CERT",
                  "x_transferred"
                ],
                "url": "http://www.us-cert.gov/cas/techalerts/TA06-018A.html"
              },
              {
                "name": "VU#545804",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_CERT-VN",
                  "x_transferred"
                ],
                "url": "http://www.kb.cert.org/vuls/id/545804"
              },
              {
                "name": "1015499",
                "tags": [
                  "vdb-entry",
                  "x_refsource_SECTRACK",
                  "x_transferred"
                ],
                "url": "http://securitytracker.com/id?1015499"
              },
              {
                "name": "ADV-2006-0243",
                "tags": [
                  "vdb-entry",
                  "x_refsource_VUPEN",
                  "x_transferred"
                ],
                "url": "http://www.vupen.com/english/advisories/2006/0243"
              },
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "http://www.oracle.com/technetwork/topics/security/cpujan2006-082403.html"
              },
              {
                "name": "18608",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
                  "x_transferred"
                ],
                "url": "http://secunia.com/advisories/18608"
              },
              {
                "name": "VU#891644",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_CERT-VN",
                  "x_transferred"
                ],
                "url": "http://www.kb.cert.org/vuls/id/891644"
              },
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "http://www.argeniss.com/research/ARGENISS-ADV-010601.txt"
              },
              {
                "name": "oracle-xdbdbmx-xmlschema-bo(24376)",
                "tags": [
                  "vdb-entry",
                  "x_refsource_XF",
                  "x_transferred"
                ],
                "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/24376"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "n/a",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "datePublic": "2006-01-17T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "Unspecified vulnerability in the XML Database component of Oracle Database server 9.2.0.7 and 10.1.0.4 has unspecified impact and attack vectors, as identified by Oracle Vuln# DB29.  NOTE: based on mutual credits by the relevant sources, it is highly likely that this issue is a buffer overflow in the (a) DBMS_XMLSCHEMA and (b) DBMS_XMLSCHEMA_INT packages, as exploitable via long arguments to (1) XDB.DBMS_XMLSCHEMA.GENERATESCHEMA or (2) XDB.DBMS_XMLSCHEMA.GENERATESCHEMAS."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2017-07-19T15:57:01.000Z",
            "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
            "shortName": "mitre"
          },
          "references": [
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "http://www.integrigy.com/info/IntegrigySecurityAnalysis-CPU0106.pdf"
            },
            {
              "name": "oracle-january2006-update(24321)",
              "tags": [
                "vdb-entry",
                "x_refsource_XF"
              ],
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/24321"
            },
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "http://www.red-database-security.com/advisory/oracle_cpu_jan_2006.html"
            },
            {
              "name": "20060126 [Argeniss] Oracle Database Buffer overflows vulnerabilities in public procedures of XDB.DBMS_XMLSCHEMA{_INT}",
              "tags": [
                "mailing-list",
                "x_refsource_FULLDISC"
              ],
              "url": "http://archives.neohapsis.com/archives/fulldisclosure/2006-01/0893.html"
            },
            {
              "name": "18493",
              "tags": [
                "third-party-advisory",
                "x_refsource_SECUNIA"
              ],
              "url": "http://secunia.com/advisories/18493"
            },
            {
              "name": "ADV-2006-0323",
              "tags": [
                "vdb-entry",
                "x_refsource_VUPEN"
              ],
              "url": "http://www.vupen.com/english/advisories/2006/0323"
            },
            {
              "name": "16287",
              "tags": [
                "vdb-entry",
                "x_refsource_BID"
              ],
              "url": "http://www.securityfocus.com/bid/16287"
            },
            {
              "name": "TA06-018A",
              "tags": [
                "third-party-advisory",
                "x_refsource_CERT"
              ],
              "url": "http://www.us-cert.gov/cas/techalerts/TA06-018A.html"
            },
            {
              "name": "VU#545804",
              "tags": [
                "third-party-advisory",
                "x_refsource_CERT-VN"
              ],
              "url": "http://www.kb.cert.org/vuls/id/545804"
            },
            {
              "name": "1015499",
              "tags": [
                "vdb-entry",
                "x_refsource_SECTRACK"
              ],
              "url": "http://securitytracker.com/id?1015499"
            },
            {
              "name": "ADV-2006-0243",
              "tags": [
                "vdb-entry",
                "x_refsource_VUPEN"
              ],
              "url": "http://www.vupen.com/english/advisories/2006/0243"
            },
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "http://www.oracle.com/technetwork/topics/security/cpujan2006-082403.html"
            },
            {
              "name": "18608",
              "tags": [
                "third-party-advisory",
                "x_refsource_SECUNIA"
              ],
              "url": "http://secunia.com/advisories/18608"
            },
            {
              "name": "VU#891644",
              "tags": [
                "third-party-advisory",
                "x_refsource_CERT-VN"
              ],
              "url": "http://www.kb.cert.org/vuls/id/891644"
            },
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "http://www.argeniss.com/research/ARGENISS-ADV-010601.txt"
            },
            {
              "name": "oracle-xdbdbmx-xmlschema-bo(24376)",
              "tags": [
                "vdb-entry",
                "x_refsource_XF"
              ],
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/24376"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "cve@mitre.org",
              "ID": "CVE-2006-0272",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "n/a",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "n/a"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "n/a"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "Unspecified vulnerability in the XML Database component of Oracle Database server 9.2.0.7 and 10.1.0.4 has unspecified impact and attack vectors, as identified by Oracle Vuln# DB29.  NOTE: based on mutual credits by the relevant sources, it is highly likely that this issue is a buffer overflow in the (a) DBMS_XMLSCHEMA and (b) DBMS_XMLSCHEMA_INT packages, as exploitable via long arguments to (1) XDB.DBMS_XMLSCHEMA.GENERATESCHEMA or (2) XDB.DBMS_XMLSCHEMA.GENERATESCHEMAS."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "n/a"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "http://www.integrigy.com/info/IntegrigySecurityAnalysis-CPU0106.pdf",
                  "refsource": "MISC",
                  "url": "http://www.integrigy.com/info/IntegrigySecurityAnalysis-CPU0106.pdf"
                },
                {
                  "name": "oracle-january2006-update(24321)",
                  "refsource": "XF",
                  "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/24321"
                },
                {
                  "name": "http://www.red-database-security.com/advisory/oracle_cpu_jan_2006.html",
                  "refsource": "MISC",
                  "url": "http://www.red-database-security.com/advisory/oracle_cpu_jan_2006.html"
                },
                {
                  "name": "20060126 [Argeniss] Oracle Database Buffer overflows vulnerabilities in public procedures of XDB.DBMS_XMLSCHEMA{_INT}",
                  "refsource": "FULLDISC",
                  "url": "http://archives.neohapsis.com/archives/fulldisclosure/2006-01/0893.html"
                },
                {
                  "name": "18493",
                  "refsource": "SECUNIA",
                  "url": "http://secunia.com/advisories/18493"
                },
                {
                  "name": "ADV-2006-0323",
                  "refsource": "VUPEN",
                  "url": "http://www.vupen.com/english/advisories/2006/0323"
                },
                {
                  "name": "16287",
                  "refsource": "BID",
                  "url": "http://www.securityfocus.com/bid/16287"
                },
                {
                  "name": "TA06-018A",
                  "refsource": "CERT",
                  "url": "http://www.us-cert.gov/cas/techalerts/TA06-018A.html"
                },
                {
                  "name": "VU#545804",
                  "refsource": "CERT-VN",
                  "url": "http://www.kb.cert.org/vuls/id/545804"
                },
                {
                  "name": "1015499",
                  "refsource": "SECTRACK",
                  "url": "http://securitytracker.com/id?1015499"
                },
                {
                  "name": "ADV-2006-0243",
                  "refsource": "VUPEN",
                  "url": "http://www.vupen.com/english/advisories/2006/0243"
                },
                {
                  "name": "http://www.oracle.com/technetwork/topics/security/cpujan2006-082403.html",
                  "refsource": "CONFIRM",
                  "url": "http://www.oracle.com/technetwork/topics/security/cpujan2006-082403.html"
                },
                {
                  "name": "18608",
                  "refsource": "SECUNIA",
                  "url": "http://secunia.com/advisories/18608"
                },
                {
                  "name": "VU#891644",
                  "refsource": "CERT-VN",
                  "url": "http://www.kb.cert.org/vuls/id/891644"
                },
                {
                  "name": "http://www.argeniss.com/research/ARGENISS-ADV-010601.txt",
                  "refsource": "MISC",
                  "url": "http://www.argeniss.com/research/ARGENISS-ADV-010601.txt"
                },
                {
                  "name": "oracle-xdbdbmx-xmlschema-bo(24376)",
                  "refsource": "XF",
                  "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/24376"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "assignerShortName": "mitre",
        "cveId": "CVE-2006-0272",
        "datePublished": "2006-01-18T11:00:00.000Z",
        "dateReserved": "2006-01-18T00:00:00.000Z",
        "dateUpdated": "2024-08-07T16:25:34.087Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2005-3641 (GCVE-0-2005-3641)

    Vulnerability from nvd – Published: 2005-11-16 21:17 – Updated: 2024-09-16 23:11
    VLAI
    Summary
    Oracle Databases running on Windows XP with Simple File Sharing enabled, allows remote attackers to bypass authentication by supplying a valid username.
    Severity
    No CVSS data available.
    CWE
    • n/a
    Assigner
    References
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-07T23:17:23.439Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "http://www.ngssoftware.com/papers/database-on-xp.pdf"
              },
              {
                "name": "15450",
                "tags": [
                  "vdb-entry",
                  "x_refsource_BID",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/bid/15450"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "n/a",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "Oracle Databases running on Windows XP with Simple File Sharing enabled, allows remote attackers to bypass authentication by supplying a valid username."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2005-11-16T21:17:00.000Z",
            "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
            "shortName": "mitre"
          },
          "references": [
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "http://www.ngssoftware.com/papers/database-on-xp.pdf"
            },
            {
              "name": "15450",
              "tags": [
                "vdb-entry",
                "x_refsource_BID"
              ],
              "url": "http://www.securityfocus.com/bid/15450"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "cve@mitre.org",
              "ID": "CVE-2005-3641",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "n/a",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "n/a"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "n/a"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "Oracle Databases running on Windows XP with Simple File Sharing enabled, allows remote attackers to bypass authentication by supplying a valid username."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "n/a"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "http://www.ngssoftware.com/papers/database-on-xp.pdf",
                  "refsource": "MISC",
                  "url": "http://www.ngssoftware.com/papers/database-on-xp.pdf"
                },
                {
                  "name": "15450",
                  "refsource": "BID",
                  "url": "http://www.securityfocus.com/bid/15450"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "assignerShortName": "mitre",
        "cveId": "CVE-2005-3641",
        "datePublished": "2005-11-16T21:17:00.000Z",
        "dateReserved": "2005-11-16T00:00:00.000Z",
        "dateUpdated": "2024-09-16T23:11:46.098Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2005-3204 (GCVE-0-2005-3204)

    Vulnerability from nvd – Published: 2005-10-14 04:00 – Updated: 2024-08-07 23:01
    VLAI
    Summary
    Cross-site scripting (XSS) vulnerability in Oracle XML DB 9iR2 allows remote attackers to inject arbitrary web script or HTML via the query string in an HTTP request.
    Severity
    No CVSS data available.
    CWE
    • n/a
    Assigner
    References
    URL Tags
    http://securityreason.com/securityalert/66 third-party-advisoryx_refsource_SREASON
    http://www.securityfocus.com/bid/15034 vdb-entryx_refsource_BID
    http://www.red-database-security.com/advisory/ora… x_refsource_MISC
    http://secunia.com/advisories/15991/ third-party-advisoryx_refsource_SECUNIA
    http://www.oracle.com/technology/deploy/security/… x_refsource_MISC
    http://archives.neohapsis.com/archives/fulldisclo… mailing-listx_refsource_FULLDISC
    https://exchange.xforce.ibmcloud.com/vulnerabilit… vdb-entryx_refsource_XF
    http://marc.info/?l=bugtraq&m=112870541502542&w=2 mailing-listx_refsource_BUGTRAQ
    http://www.osvdb.org/20054 vdb-entryx_refsource_OSVDB
    Date Public
    2005-07-12 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-07T23:01:58.995Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "name": "66",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SREASON",
                  "x_transferred"
                ],
                "url": "http://securityreason.com/securityalert/66"
              },
              {
                "name": "15034",
                "tags": [
                  "vdb-entry",
                  "x_refsource_BID",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/bid/15034"
              },
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "http://www.red-database-security.com/advisory/oracle_xmldb_css.html"
              },
              {
                "name": "15991",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
                  "x_transferred"
                ],
                "url": "http://secunia.com/advisories/15991/"
              },
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "http://www.oracle.com/technology/deploy/security/pdf/cpujul2005.html"
              },
              {
                "name": "20051007 Cross-Site-Scripting Vulnerability in Oracle XMLDB",
                "tags": [
                  "mailing-list",
                  "x_refsource_FULLDISC",
                  "x_transferred"
                ],
                "url": "http://archives.neohapsis.com/archives/fulldisclosure/2005-10/0177.html"
              },
              {
                "name": "oracle-xmldb-xss(22541)",
                "tags": [
                  "vdb-entry",
                  "x_refsource_XF",
                  "x_transferred"
                ],
                "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/22541"
              },
              {
                "name": "20051007 Cross-Site-Scripting Vulnerability in Oracle XMLDB",
                "tags": [
                  "mailing-list",
                  "x_refsource_BUGTRAQ",
                  "x_transferred"
                ],
                "url": "http://marc.info/?l=bugtraq\u0026m=112870541502542\u0026w=2"
              },
              {
                "name": "20054",
                "tags": [
                  "vdb-entry",
                  "x_refsource_OSVDB",
                  "x_transferred"
                ],
                "url": "http://www.osvdb.org/20054"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "n/a",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "datePublic": "2005-07-12T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "Cross-site scripting (XSS) vulnerability in Oracle XML DB 9iR2 allows remote attackers to inject arbitrary web script or HTML via the query string in an HTTP request."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2017-07-10T14:57:01.000Z",
            "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
            "shortName": "mitre"
          },
          "references": [
            {
              "name": "66",
              "tags": [
                "third-party-advisory",
                "x_refsource_SREASON"
              ],
              "url": "http://securityreason.com/securityalert/66"
            },
            {
              "name": "15034",
              "tags": [
                "vdb-entry",
                "x_refsource_BID"
              ],
              "url": "http://www.securityfocus.com/bid/15034"
            },
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "http://www.red-database-security.com/advisory/oracle_xmldb_css.html"
            },
            {
              "name": "15991",
              "tags": [
                "third-party-advisory",
                "x_refsource_SECUNIA"
              ],
              "url": "http://secunia.com/advisories/15991/"
            },
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "http://www.oracle.com/technology/deploy/security/pdf/cpujul2005.html"
            },
            {
              "name": "20051007 Cross-Site-Scripting Vulnerability in Oracle XMLDB",
              "tags": [
                "mailing-list",
                "x_refsource_FULLDISC"
              ],
              "url": "http://archives.neohapsis.com/archives/fulldisclosure/2005-10/0177.html"
            },
            {
              "name": "oracle-xmldb-xss(22541)",
              "tags": [
                "vdb-entry",
                "x_refsource_XF"
              ],
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/22541"
            },
            {
              "name": "20051007 Cross-Site-Scripting Vulnerability in Oracle XMLDB",
              "tags": [
                "mailing-list",
                "x_refsource_BUGTRAQ"
              ],
              "url": "http://marc.info/?l=bugtraq\u0026m=112870541502542\u0026w=2"
            },
            {
              "name": "20054",
              "tags": [
                "vdb-entry",
                "x_refsource_OSVDB"
              ],
              "url": "http://www.osvdb.org/20054"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "cve@mitre.org",
              "ID": "CVE-2005-3204",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "n/a",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "n/a"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "n/a"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "Cross-site scripting (XSS) vulnerability in Oracle XML DB 9iR2 allows remote attackers to inject arbitrary web script or HTML via the query string in an HTTP request."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "n/a"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "66",
                  "refsource": "SREASON",
                  "url": "http://securityreason.com/securityalert/66"
                },
                {
                  "name": "15034",
                  "refsource": "BID",
                  "url": "http://www.securityfocus.com/bid/15034"
                },
                {
                  "name": "http://www.red-database-security.com/advisory/oracle_xmldb_css.html",
                  "refsource": "MISC",
                  "url": "http://www.red-database-security.com/advisory/oracle_xmldb_css.html"
                },
                {
                  "name": "15991",
                  "refsource": "SECUNIA",
                  "url": "http://secunia.com/advisories/15991/"
                },
                {
                  "name": "http://www.oracle.com/technology/deploy/security/pdf/cpujul2005.html",
                  "refsource": "MISC",
                  "url": "http://www.oracle.com/technology/deploy/security/pdf/cpujul2005.html"
                },
                {
                  "name": "20051007 Cross-Site-Scripting Vulnerability in Oracle XMLDB",
                  "refsource": "FULLDISC",
                  "url": "http://archives.neohapsis.com/archives/fulldisclosure/2005-10/0177.html"
                },
                {
                  "name": "oracle-xmldb-xss(22541)",
                  "refsource": "XF",
                  "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/22541"
                },
                {
                  "name": "20051007 Cross-Site-Scripting Vulnerability in Oracle XMLDB",
                  "refsource": "BUGTRAQ",
                  "url": "http://marc.info/?l=bugtraq\u0026m=112870541502542\u0026w=2"
                },
                {
                  "name": "20054",
                  "refsource": "OSVDB",
                  "url": "http://www.osvdb.org/20054"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "assignerShortName": "mitre",
        "cveId": "CVE-2005-3204",
        "datePublished": "2005-10-14T04:00:00.000Z",
        "dateReserved": "2005-10-14T00:00:00.000Z",
        "dateUpdated": "2024-08-07T23:01:58.995Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2005-1495 (GCVE-0-2005-1495)

    Vulnerability from nvd – Published: 2005-05-11 04:00 – Updated: 2024-08-07 21:51
    VLAI
    Summary
    Oracle Database 9i and 10g disables Fine Grained Audit (FGA) after the SYS user executes a SELECT statement on an FGA object, which makes it easier for attackers to escape detection.
    Severity
    No CVSS data available.
    CWE
    • n/a
    Assigner
    References
    URL Tags
    http://www.securityfocus.com/bid/16258 vdb-entryx_refsource_BID
    http://www.kb.cert.org/vuls/id/777773 third-party-advisoryx_refsource_CERT-VN
    https://exchange.xforce.ibmcloud.com/vulnerabilit… vdb-entryx_refsource_XF
    http://www.red-database-security.com/advisory/ora… x_refsource_MISC
    http://marc.info/?l=bugtraq&m=111531683824209&w=2 mailing-listx_refsource_BUGTRAQ
    Date Public
    2005-05-05 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-07T21:51:50.392Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "name": "16258",
                "tags": [
                  "vdb-entry",
                  "x_refsource_BID",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/bid/16258"
              },
              {
                "name": "VU#777773",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_CERT-VN",
                  "x_transferred"
                ],
                "url": "http://www.kb.cert.org/vuls/id/777773"
              },
              {
                "name": "oracle-audit-data-manipulation(20407)",
                "tags": [
                  "vdb-entry",
                  "x_refsource_XF",
                  "x_transferred"
                ],
                "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/20407"
              },
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "http://www.red-database-security.com/advisory/oracle-fine-grained-auditing-issue.html"
              },
              {
                "name": "20050505 Oracle 9i / 10g Fine Grained Auditing Issue",
                "tags": [
                  "mailing-list",
                  "x_refsource_BUGTRAQ",
                  "x_transferred"
                ],
                "url": "http://marc.info/?l=bugtraq\u0026m=111531683824209\u0026w=2"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "n/a",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "datePublic": "2005-05-05T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "Oracle Database 9i and 10g disables Fine Grained Audit (FGA) after the SYS user executes a SELECT statement on an FGA object, which makes it easier for attackers to escape detection."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2017-07-10T14:57:01.000Z",
            "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
            "shortName": "mitre"
          },
          "references": [
            {
              "name": "16258",
              "tags": [
                "vdb-entry",
                "x_refsource_BID"
              ],
              "url": "http://www.securityfocus.com/bid/16258"
            },
            {
              "name": "VU#777773",
              "tags": [
                "third-party-advisory",
                "x_refsource_CERT-VN"
              ],
              "url": "http://www.kb.cert.org/vuls/id/777773"
            },
            {
              "name": "oracle-audit-data-manipulation(20407)",
              "tags": [
                "vdb-entry",
                "x_refsource_XF"
              ],
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/20407"
            },
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "http://www.red-database-security.com/advisory/oracle-fine-grained-auditing-issue.html"
            },
            {
              "name": "20050505 Oracle 9i / 10g Fine Grained Auditing Issue",
              "tags": [
                "mailing-list",
                "x_refsource_BUGTRAQ"
              ],
              "url": "http://marc.info/?l=bugtraq\u0026m=111531683824209\u0026w=2"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "cve@mitre.org",
              "ID": "CVE-2005-1495",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "n/a",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "n/a"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "n/a"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "Oracle Database 9i and 10g disables Fine Grained Audit (FGA) after the SYS user executes a SELECT statement on an FGA object, which makes it easier for attackers to escape detection."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "n/a"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "16258",
                  "refsource": "BID",
                  "url": "http://www.securityfocus.com/bid/16258"
                },
                {
                  "name": "VU#777773",
                  "refsource": "CERT-VN",
                  "url": "http://www.kb.cert.org/vuls/id/777773"
                },
                {
                  "name": "oracle-audit-data-manipulation(20407)",
                  "refsource": "XF",
                  "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/20407"
                },
                {
                  "name": "http://www.red-database-security.com/advisory/oracle-fine-grained-auditing-issue.html",
                  "refsource": "MISC",
                  "url": "http://www.red-database-security.com/advisory/oracle-fine-grained-auditing-issue.html"
                },
                {
                  "name": "20050505 Oracle 9i / 10g Fine Grained Auditing Issue",
                  "refsource": "BUGTRAQ",
                  "url": "http://marc.info/?l=bugtraq\u0026m=111531683824209\u0026w=2"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "assignerShortName": "mitre",
        "cveId": "CVE-2005-1495",
        "datePublished": "2005-05-11T04:00:00.000Z",
        "dateReserved": "2005-05-11T00:00:00.000Z",
        "dateUpdated": "2024-08-07T21:51:50.392Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2006-6703 (GCVE-0-2006-6703)

    Vulnerability from cvelistv5 – Published: 2006-12-23 01:00 – Updated: 2024-08-07 20:34
    VLAI
    Summary
    Multiple cross-site scripting (XSS) vulnerabilities in Oracle Portal 9i and 10g allow remote attackers to inject arbitrary JavaScript via the tc parameter in webapp/jsp/container_tabs.jsp, and other unspecified vectors.
    Severity
    No CVSS data available.
    CWE
    • n/a
    Assigner
    References
    URL Tags
    http://www.securityfocus.com/archive/1/455143/100… mailing-listx_refsource_BUGTRAQ
    http://www.vupen.com/english/advisories/2006/5143 vdb-entryx_refsource_VUPEN
    http://www.securityfocus.com/bid/21717 vdb-entryx_refsource_BID
    Date Public
    2006-12-22 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-07T20:34:00.447Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "name": "20061222 Oracle Applications/Portal 9i/10g Cross Site Scripting",
                "tags": [
                  "mailing-list",
                  "x_refsource_BUGTRAQ",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/archive/1/455143/100/0/threaded"
              },
              {
                "name": "ADV-2006-5143",
                "tags": [
                  "vdb-entry",
                  "x_refsource_VUPEN",
                  "x_transferred"
                ],
                "url": "http://www.vupen.com/english/advisories/2006/5143"
              },
              {
                "name": "21717",
                "tags": [
                  "vdb-entry",
                  "x_refsource_BID",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/bid/21717"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "n/a",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "datePublic": "2006-12-22T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "Multiple cross-site scripting (XSS) vulnerabilities in Oracle Portal 9i and 10g allow remote attackers to inject arbitrary JavaScript via the tc parameter in webapp/jsp/container_tabs.jsp, and other unspecified vectors."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2018-10-17T20:57:01.000Z",
            "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
            "shortName": "mitre"
          },
          "references": [
            {
              "name": "20061222 Oracle Applications/Portal 9i/10g Cross Site Scripting",
              "tags": [
                "mailing-list",
                "x_refsource_BUGTRAQ"
              ],
              "url": "http://www.securityfocus.com/archive/1/455143/100/0/threaded"
            },
            {
              "name": "ADV-2006-5143",
              "tags": [
                "vdb-entry",
                "x_refsource_VUPEN"
              ],
              "url": "http://www.vupen.com/english/advisories/2006/5143"
            },
            {
              "name": "21717",
              "tags": [
                "vdb-entry",
                "x_refsource_BID"
              ],
              "url": "http://www.securityfocus.com/bid/21717"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "cve@mitre.org",
              "ID": "CVE-2006-6703",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "n/a",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "n/a"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "n/a"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "Multiple cross-site scripting (XSS) vulnerabilities in Oracle Portal 9i and 10g allow remote attackers to inject arbitrary JavaScript via the tc parameter in webapp/jsp/container_tabs.jsp, and other unspecified vectors."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "n/a"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "20061222 Oracle Applications/Portal 9i/10g Cross Site Scripting",
                  "refsource": "BUGTRAQ",
                  "url": "http://www.securityfocus.com/archive/1/455143/100/0/threaded"
                },
                {
                  "name": "ADV-2006-5143",
                  "refsource": "VUPEN",
                  "url": "http://www.vupen.com/english/advisories/2006/5143"
                },
                {
                  "name": "21717",
                  "refsource": "BID",
                  "url": "http://www.securityfocus.com/bid/21717"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "assignerShortName": "mitre",
        "cveId": "CVE-2006-6703",
        "datePublished": "2006-12-23T01:00:00.000Z",
        "dateReserved": "2006-12-22T00:00:00.000Z",
        "dateUpdated": "2024-08-07T20:34:00.447Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2006-1705 (GCVE-0-2006-1705)

    Vulnerability from cvelistv5 – Published: 2006-04-11 10:00 – Updated: 2024-08-07 17:19
    VLAI
    Summary
    Oracle Database 9.2.0.0 to 10.2.0.3 allows local users with "SELECT" privileges for a base table to insert, update, or delete data by creating a crafted view then performing the operations on that view.
    Severity
    No CVSS data available.
    CWE
    • n/a
    Assigner
    References
    URL Tags
    http://lists.grok.org.uk/pipermail/full-disclosur… mailing-listx_refsource_FULLDISC
    http://www.kb.cert.org/vuls/id/805737 third-party-advisoryx_refsource_CERT-VN
    http://www.red-database-security.com/advisory/ora… x_refsource_MISC
    https://exchange.xforce.ibmcloud.com/vulnerabilit… vdb-entryx_refsource_XF
    http://secunia.com/advisories/19574 third-party-advisoryx_refsource_SECUNIA
    http://securitytracker.com/id?1015886 vdb-entryx_refsource_SECTRACK
    http://www.vupen.com/english/advisories/2006/1297 vdb-entryx_refsource_VUPEN
    http://www.securityfocus.com/bid/17426 vdb-entryx_refsource_BID
    http://www.securityfocus.com/archive/1/430434/100… mailing-listx_refsource_BUGTRAQ
    Date Public
    2006-04-06 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-07T17:19:49.388Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "name": "20060410 Oracle read-only user can insert/update/delete data via specially crafted views",
                "tags": [
                  "mailing-list",
                  "x_refsource_FULLDISC",
                  "x_transferred"
                ],
                "url": "http://lists.grok.org.uk/pipermail/full-disclosure/2006-April/044990.html"
              },
              {
                "name": "VU#805737",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_CERT-VN",
                  "x_transferred"
                ],
                "url": "http://www.kb.cert.org/vuls/id/805737"
              },
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "http://www.red-database-security.com/advisory/oracle_modify_data_via_views.html"
              },
              {
                "name": "oracle-base-table-data-manipulation(25696)",
                "tags": [
                  "vdb-entry",
                  "x_refsource_XF",
                  "x_transferred"
                ],
                "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/25696"
              },
              {
                "name": "19574",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
                  "x_transferred"
                ],
                "url": "http://secunia.com/advisories/19574"
              },
              {
                "name": "1015886",
                "tags": [
                  "vdb-entry",
                  "x_refsource_SECTRACK",
                  "x_transferred"
                ],
                "url": "http://securitytracker.com/id?1015886"
              },
              {
                "name": "ADV-2006-1297",
                "tags": [
                  "vdb-entry",
                  "x_refsource_VUPEN",
                  "x_transferred"
                ],
                "url": "http://www.vupen.com/english/advisories/2006/1297"
              },
              {
                "name": "17426",
                "tags": [
                  "vdb-entry",
                  "x_refsource_BID",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/bid/17426"
              },
              {
                "name": "20060410 Oracle read-only user can insert/update/delete data via specially crafted views",
                "tags": [
                  "mailing-list",
                  "x_refsource_BUGTRAQ",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/archive/1/430434/100/0/threaded"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "n/a",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "datePublic": "2006-04-06T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "Oracle Database 9.2.0.0 to 10.2.0.3 allows local users with \"SELECT\" privileges for a base table to insert, update, or delete data by creating a crafted view then performing the operations on that view."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2018-10-18T14:57:01.000Z",
            "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
            "shortName": "mitre"
          },
          "references": [
            {
              "name": "20060410 Oracle read-only user can insert/update/delete data via specially crafted views",
              "tags": [
                "mailing-list",
                "x_refsource_FULLDISC"
              ],
              "url": "http://lists.grok.org.uk/pipermail/full-disclosure/2006-April/044990.html"
            },
            {
              "name": "VU#805737",
              "tags": [
                "third-party-advisory",
                "x_refsource_CERT-VN"
              ],
              "url": "http://www.kb.cert.org/vuls/id/805737"
            },
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "http://www.red-database-security.com/advisory/oracle_modify_data_via_views.html"
            },
            {
              "name": "oracle-base-table-data-manipulation(25696)",
              "tags": [
                "vdb-entry",
                "x_refsource_XF"
              ],
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/25696"
            },
            {
              "name": "19574",
              "tags": [
                "third-party-advisory",
                "x_refsource_SECUNIA"
              ],
              "url": "http://secunia.com/advisories/19574"
            },
            {
              "name": "1015886",
              "tags": [
                "vdb-entry",
                "x_refsource_SECTRACK"
              ],
              "url": "http://securitytracker.com/id?1015886"
            },
            {
              "name": "ADV-2006-1297",
              "tags": [
                "vdb-entry",
                "x_refsource_VUPEN"
              ],
              "url": "http://www.vupen.com/english/advisories/2006/1297"
            },
            {
              "name": "17426",
              "tags": [
                "vdb-entry",
                "x_refsource_BID"
              ],
              "url": "http://www.securityfocus.com/bid/17426"
            },
            {
              "name": "20060410 Oracle read-only user can insert/update/delete data via specially crafted views",
              "tags": [
                "mailing-list",
                "x_refsource_BUGTRAQ"
              ],
              "url": "http://www.securityfocus.com/archive/1/430434/100/0/threaded"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "cve@mitre.org",
              "ID": "CVE-2006-1705",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "n/a",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "n/a"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "n/a"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "Oracle Database 9.2.0.0 to 10.2.0.3 allows local users with \"SELECT\" privileges for a base table to insert, update, or delete data by creating a crafted view then performing the operations on that view."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "n/a"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "20060410 Oracle read-only user can insert/update/delete data via specially crafted views",
                  "refsource": "FULLDISC",
                  "url": "http://lists.grok.org.uk/pipermail/full-disclosure/2006-April/044990.html"
                },
                {
                  "name": "VU#805737",
                  "refsource": "CERT-VN",
                  "url": "http://www.kb.cert.org/vuls/id/805737"
                },
                {
                  "name": "http://www.red-database-security.com/advisory/oracle_modify_data_via_views.html",
                  "refsource": "MISC",
                  "url": "http://www.red-database-security.com/advisory/oracle_modify_data_via_views.html"
                },
                {
                  "name": "oracle-base-table-data-manipulation(25696)",
                  "refsource": "XF",
                  "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/25696"
                },
                {
                  "name": "19574",
                  "refsource": "SECUNIA",
                  "url": "http://secunia.com/advisories/19574"
                },
                {
                  "name": "1015886",
                  "refsource": "SECTRACK",
                  "url": "http://securitytracker.com/id?1015886"
                },
                {
                  "name": "ADV-2006-1297",
                  "refsource": "VUPEN",
                  "url": "http://www.vupen.com/english/advisories/2006/1297"
                },
                {
                  "name": "17426",
                  "refsource": "BID",
                  "url": "http://www.securityfocus.com/bid/17426"
                },
                {
                  "name": "20060410 Oracle read-only user can insert/update/delete data via specially crafted views",
                  "refsource": "BUGTRAQ",
                  "url": "http://www.securityfocus.com/archive/1/430434/100/0/threaded"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "assignerShortName": "mitre",
        "cveId": "CVE-2006-1705",
        "datePublished": "2006-04-11T10:00:00.000Z",
        "dateReserved": "2006-04-10T00:00:00.000Z",
        "dateUpdated": "2024-08-07T17:19:49.388Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2006-0552 (GCVE-0-2006-0552)

    Vulnerability from cvelistv5 – Published: 2006-02-04 11:00 – Updated: 2024-08-07 16:41
    VLAI
    Summary
    Unspecified vulnerability in the Net Listener component of Oracle Database server 8.1.7.4, 9.0.1.5, 9.0.1.5 FIPS, and 9.2.0.7 has unspecified impact and attack vectors, as identified by Oracle Vuln# DB11.
    Severity
    No CVSS data available.
    CWE
    • n/a
    Assigner
    References
    URL Tags
    http://www.osvdb.org/22549 vdb-entryx_refsource_OSVDB
    https://exchange.xforce.ibmcloud.com/vulnerabilit… vdb-entryx_refsource_XF
    http://secunia.com/advisories/18493 third-party-advisoryx_refsource_SECUNIA
    http://www.vupen.com/english/advisories/2006/0323 vdb-entryx_refsource_VUPEN
    http://www.securityfocus.com/bid/16287 vdb-entryx_refsource_BID
    http://www.kb.cert.org/vuls/id/545804 third-party-advisoryx_refsource_CERT-VN
    http://securitytracker.com/id?1015499 vdb-entryx_refsource_SECTRACK
    http://www.vupen.com/english/advisories/2006/0243 vdb-entryx_refsource_VUPEN
    http://www.oracle.com/technetwork/topics/security… x_refsource_CONFIRM
    http://secunia.com/advisories/18608 third-party-advisoryx_refsource_SECUNIA
    Date Public
    2006-01-17 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-07T16:41:28.978Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "name": "22549",
                "tags": [
                  "vdb-entry",
                  "x_refsource_OSVDB",
                  "x_transferred"
                ],
                "url": "http://www.osvdb.org/22549"
              },
              {
                "name": "oracle-january2006-update(24321)",
                "tags": [
                  "vdb-entry",
                  "x_refsource_XF",
                  "x_transferred"
                ],
                "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/24321"
              },
              {
                "name": "18493",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
                  "x_transferred"
                ],
                "url": "http://secunia.com/advisories/18493"
              },
              {
                "name": "ADV-2006-0323",
                "tags": [
                  "vdb-entry",
                  "x_refsource_VUPEN",
                  "x_transferred"
                ],
                "url": "http://www.vupen.com/english/advisories/2006/0323"
              },
              {
                "name": "16287",
                "tags": [
                  "vdb-entry",
                  "x_refsource_BID",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/bid/16287"
              },
              {
                "name": "VU#545804",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_CERT-VN",
                  "x_transferred"
                ],
                "url": "http://www.kb.cert.org/vuls/id/545804"
              },
              {
                "name": "1015499",
                "tags": [
                  "vdb-entry",
                  "x_refsource_SECTRACK",
                  "x_transferred"
                ],
                "url": "http://securitytracker.com/id?1015499"
              },
              {
                "name": "ADV-2006-0243",
                "tags": [
                  "vdb-entry",
                  "x_refsource_VUPEN",
                  "x_transferred"
                ],
                "url": "http://www.vupen.com/english/advisories/2006/0243"
              },
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "http://www.oracle.com/technetwork/topics/security/cpujan2006-082403.html"
              },
              {
                "name": "18608",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
                  "x_transferred"
                ],
                "url": "http://secunia.com/advisories/18608"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "n/a",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "datePublic": "2006-01-17T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "Unspecified vulnerability in the Net Listener component of Oracle Database server 8.1.7.4, 9.0.1.5, 9.0.1.5 FIPS, and 9.2.0.7 has unspecified impact and attack vectors, as identified by Oracle Vuln# DB11."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2017-07-19T15:57:01.000Z",
            "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
            "shortName": "mitre"
          },
          "references": [
            {
              "name": "22549",
              "tags": [
                "vdb-entry",
                "x_refsource_OSVDB"
              ],
              "url": "http://www.osvdb.org/22549"
            },
            {
              "name": "oracle-january2006-update(24321)",
              "tags": [
                "vdb-entry",
                "x_refsource_XF"
              ],
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/24321"
            },
            {
              "name": "18493",
              "tags": [
                "third-party-advisory",
                "x_refsource_SECUNIA"
              ],
              "url": "http://secunia.com/advisories/18493"
            },
            {
              "name": "ADV-2006-0323",
              "tags": [
                "vdb-entry",
                "x_refsource_VUPEN"
              ],
              "url": "http://www.vupen.com/english/advisories/2006/0323"
            },
            {
              "name": "16287",
              "tags": [
                "vdb-entry",
                "x_refsource_BID"
              ],
              "url": "http://www.securityfocus.com/bid/16287"
            },
            {
              "name": "VU#545804",
              "tags": [
                "third-party-advisory",
                "x_refsource_CERT-VN"
              ],
              "url": "http://www.kb.cert.org/vuls/id/545804"
            },
            {
              "name": "1015499",
              "tags": [
                "vdb-entry",
                "x_refsource_SECTRACK"
              ],
              "url": "http://securitytracker.com/id?1015499"
            },
            {
              "name": "ADV-2006-0243",
              "tags": [
                "vdb-entry",
                "x_refsource_VUPEN"
              ],
              "url": "http://www.vupen.com/english/advisories/2006/0243"
            },
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "http://www.oracle.com/technetwork/topics/security/cpujan2006-082403.html"
            },
            {
              "name": "18608",
              "tags": [
                "third-party-advisory",
                "x_refsource_SECUNIA"
              ],
              "url": "http://secunia.com/advisories/18608"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "cve@mitre.org",
              "ID": "CVE-2006-0552",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "n/a",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "n/a"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "n/a"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "Unspecified vulnerability in the Net Listener component of Oracle Database server 8.1.7.4, 9.0.1.5, 9.0.1.5 FIPS, and 9.2.0.7 has unspecified impact and attack vectors, as identified by Oracle Vuln# DB11."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "n/a"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "22549",
                  "refsource": "OSVDB",
                  "url": "http://www.osvdb.org/22549"
                },
                {
                  "name": "oracle-january2006-update(24321)",
                  "refsource": "XF",
                  "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/24321"
                },
                {
                  "name": "18493",
                  "refsource": "SECUNIA",
                  "url": "http://secunia.com/advisories/18493"
                },
                {
                  "name": "ADV-2006-0323",
                  "refsource": "VUPEN",
                  "url": "http://www.vupen.com/english/advisories/2006/0323"
                },
                {
                  "name": "16287",
                  "refsource": "BID",
                  "url": "http://www.securityfocus.com/bid/16287"
                },
                {
                  "name": "VU#545804",
                  "refsource": "CERT-VN",
                  "url": "http://www.kb.cert.org/vuls/id/545804"
                },
                {
                  "name": "1015499",
                  "refsource": "SECTRACK",
                  "url": "http://securitytracker.com/id?1015499"
                },
                {
                  "name": "ADV-2006-0243",
                  "refsource": "VUPEN",
                  "url": "http://www.vupen.com/english/advisories/2006/0243"
                },
                {
                  "name": "http://www.oracle.com/technetwork/topics/security/cpujan2006-082403.html",
                  "refsource": "CONFIRM",
                  "url": "http://www.oracle.com/technetwork/topics/security/cpujan2006-082403.html"
                },
                {
                  "name": "18608",
                  "refsource": "SECUNIA",
                  "url": "http://secunia.com/advisories/18608"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "assignerShortName": "mitre",
        "cveId": "CVE-2006-0552",
        "datePublished": "2006-02-04T11:00:00.000Z",
        "dateReserved": "2006-02-04T00:00:00.000Z",
        "dateUpdated": "2024-08-07T16:41:28.978Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2006-0271 (GCVE-0-2006-0271)

    Vulnerability from cvelistv5 – Published: 2006-01-18 11:00 – Updated: 2024-08-07 16:25
    VLAI
    Summary
    Unspecified vulnerability in the Upgrade & Downgrade component of Oracle Database server 8.1.7.4, 9.0.1.5, 9.2.0.7, and 10.1.0.4 has unspecified impact and attack vectors, as identified by Oracle Vuln# DB28. NOTE: details are unavailable from Oracle, but they have not publicly disputed a claim by a reliable independent researcher that states that the problem is SQL injection in the DBMS_REGISTRY package in certain parameters to the (1) IS_COMPONENT, (2) GET_COMP_OPTION, (3) DISABLE_DDL_TRIGGERS, (4) SCRIPT_EXISTS, (5) COMP_PATH, (6) GATHER_STATS, (7) NOTHING_SCRIPT, and (8) VALIDATE_COMPONENTS functions.
    Severity
    No CVSS data available.
    CWE
    • n/a
    Assigner
    References
    URL Tags
    https://exchange.xforce.ibmcloud.com/vulnerabilit… vdb-entryx_refsource_XF
    http://www.red-database-security.com/advisory/ora… x_refsource_MISC
    http://secunia.com/advisories/18493 third-party-advisoryx_refsource_SECUNIA
    http://www.vupen.com/english/advisories/2006/0323 vdb-entryx_refsource_VUPEN
    http://www.securityfocus.com/bid/16287 vdb-entryx_refsource_BID
    http://www.kb.cert.org/vuls/id/545804 third-party-advisoryx_refsource_CERT-VN
    http://www.osvdb.org/22566 vdb-entryx_refsource_OSVDB
    http://securitytracker.com/id?1015499 vdb-entryx_refsource_SECTRACK
    http://www.vupen.com/english/advisories/2006/0243 vdb-entryx_refsource_VUPEN
    http://www.oracle.com/technetwork/topics/security… x_refsource_CONFIRM
    http://secunia.com/advisories/18608 third-party-advisoryx_refsource_SECUNIA
    Date Public
    2006-01-17 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-07T16:25:34.180Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "name": "oracle-january2006-update(24321)",
                "tags": [
                  "vdb-entry",
                  "x_refsource_XF",
                  "x_transferred"
                ],
                "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/24321"
              },
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "http://www.red-database-security.com/advisory/oracle_cpu_jan_2006.html"
              },
              {
                "name": "18493",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
                  "x_transferred"
                ],
                "url": "http://secunia.com/advisories/18493"
              },
              {
                "name": "ADV-2006-0323",
                "tags": [
                  "vdb-entry",
                  "x_refsource_VUPEN",
                  "x_transferred"
                ],
                "url": "http://www.vupen.com/english/advisories/2006/0323"
              },
              {
                "name": "16287",
                "tags": [
                  "vdb-entry",
                  "x_refsource_BID",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/bid/16287"
              },
              {
                "name": "VU#545804",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_CERT-VN",
                  "x_transferred"
                ],
                "url": "http://www.kb.cert.org/vuls/id/545804"
              },
              {
                "name": "22566",
                "tags": [
                  "vdb-entry",
                  "x_refsource_OSVDB",
                  "x_transferred"
                ],
                "url": "http://www.osvdb.org/22566"
              },
              {
                "name": "1015499",
                "tags": [
                  "vdb-entry",
                  "x_refsource_SECTRACK",
                  "x_transferred"
                ],
                "url": "http://securitytracker.com/id?1015499"
              },
              {
                "name": "ADV-2006-0243",
                "tags": [
                  "vdb-entry",
                  "x_refsource_VUPEN",
                  "x_transferred"
                ],
                "url": "http://www.vupen.com/english/advisories/2006/0243"
              },
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "http://www.oracle.com/technetwork/topics/security/cpujan2006-082403.html"
              },
              {
                "name": "18608",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
                  "x_transferred"
                ],
                "url": "http://secunia.com/advisories/18608"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "n/a",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "datePublic": "2006-01-17T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "Unspecified vulnerability in the Upgrade \u0026 Downgrade component of Oracle Database server 8.1.7.4, 9.0.1.5, 9.2.0.7, and 10.1.0.4 has unspecified impact and attack vectors, as identified by Oracle Vuln# DB28.  NOTE: details are unavailable from Oracle, but they have not publicly disputed a claim by a reliable independent researcher that states that the problem is SQL injection in the DBMS_REGISTRY package in certain parameters to the (1) IS_COMPONENT, (2) GET_COMP_OPTION, (3) DISABLE_DDL_TRIGGERS, (4) SCRIPT_EXISTS, (5) COMP_PATH, (6) GATHER_STATS, (7) NOTHING_SCRIPT, and (8) VALIDATE_COMPONENTS functions."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2017-07-19T15:57:01.000Z",
            "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
            "shortName": "mitre"
          },
          "references": [
            {
              "name": "oracle-january2006-update(24321)",
              "tags": [
                "vdb-entry",
                "x_refsource_XF"
              ],
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/24321"
            },
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "http://www.red-database-security.com/advisory/oracle_cpu_jan_2006.html"
            },
            {
              "name": "18493",
              "tags": [
                "third-party-advisory",
                "x_refsource_SECUNIA"
              ],
              "url": "http://secunia.com/advisories/18493"
            },
            {
              "name": "ADV-2006-0323",
              "tags": [
                "vdb-entry",
                "x_refsource_VUPEN"
              ],
              "url": "http://www.vupen.com/english/advisories/2006/0323"
            },
            {
              "name": "16287",
              "tags": [
                "vdb-entry",
                "x_refsource_BID"
              ],
              "url": "http://www.securityfocus.com/bid/16287"
            },
            {
              "name": "VU#545804",
              "tags": [
                "third-party-advisory",
                "x_refsource_CERT-VN"
              ],
              "url": "http://www.kb.cert.org/vuls/id/545804"
            },
            {
              "name": "22566",
              "tags": [
                "vdb-entry",
                "x_refsource_OSVDB"
              ],
              "url": "http://www.osvdb.org/22566"
            },
            {
              "name": "1015499",
              "tags": [
                "vdb-entry",
                "x_refsource_SECTRACK"
              ],
              "url": "http://securitytracker.com/id?1015499"
            },
            {
              "name": "ADV-2006-0243",
              "tags": [
                "vdb-entry",
                "x_refsource_VUPEN"
              ],
              "url": "http://www.vupen.com/english/advisories/2006/0243"
            },
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "http://www.oracle.com/technetwork/topics/security/cpujan2006-082403.html"
            },
            {
              "name": "18608",
              "tags": [
                "third-party-advisory",
                "x_refsource_SECUNIA"
              ],
              "url": "http://secunia.com/advisories/18608"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "cve@mitre.org",
              "ID": "CVE-2006-0271",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "n/a",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "n/a"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "n/a"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "Unspecified vulnerability in the Upgrade \u0026 Downgrade component of Oracle Database server 8.1.7.4, 9.0.1.5, 9.2.0.7, and 10.1.0.4 has unspecified impact and attack vectors, as identified by Oracle Vuln# DB28.  NOTE: details are unavailable from Oracle, but they have not publicly disputed a claim by a reliable independent researcher that states that the problem is SQL injection in the DBMS_REGISTRY package in certain parameters to the (1) IS_COMPONENT, (2) GET_COMP_OPTION, (3) DISABLE_DDL_TRIGGERS, (4) SCRIPT_EXISTS, (5) COMP_PATH, (6) GATHER_STATS, (7) NOTHING_SCRIPT, and (8) VALIDATE_COMPONENTS functions."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "n/a"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "oracle-january2006-update(24321)",
                  "refsource": "XF",
                  "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/24321"
                },
                {
                  "name": "http://www.red-database-security.com/advisory/oracle_cpu_jan_2006.html",
                  "refsource": "MISC",
                  "url": "http://www.red-database-security.com/advisory/oracle_cpu_jan_2006.html"
                },
                {
                  "name": "18493",
                  "refsource": "SECUNIA",
                  "url": "http://secunia.com/advisories/18493"
                },
                {
                  "name": "ADV-2006-0323",
                  "refsource": "VUPEN",
                  "url": "http://www.vupen.com/english/advisories/2006/0323"
                },
                {
                  "name": "16287",
                  "refsource": "BID",
                  "url": "http://www.securityfocus.com/bid/16287"
                },
                {
                  "name": "VU#545804",
                  "refsource": "CERT-VN",
                  "url": "http://www.kb.cert.org/vuls/id/545804"
                },
                {
                  "name": "22566",
                  "refsource": "OSVDB",
                  "url": "http://www.osvdb.org/22566"
                },
                {
                  "name": "1015499",
                  "refsource": "SECTRACK",
                  "url": "http://securitytracker.com/id?1015499"
                },
                {
                  "name": "ADV-2006-0243",
                  "refsource": "VUPEN",
                  "url": "http://www.vupen.com/english/advisories/2006/0243"
                },
                {
                  "name": "http://www.oracle.com/technetwork/topics/security/cpujan2006-082403.html",
                  "refsource": "CONFIRM",
                  "url": "http://www.oracle.com/technetwork/topics/security/cpujan2006-082403.html"
                },
                {
                  "name": "18608",
                  "refsource": "SECUNIA",
                  "url": "http://secunia.com/advisories/18608"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "assignerShortName": "mitre",
        "cveId": "CVE-2006-0271",
        "datePublished": "2006-01-18T11:00:00.000Z",
        "dateReserved": "2006-01-18T00:00:00.000Z",
        "dateUpdated": "2024-08-07T16:25:34.180Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2006-0262 (GCVE-0-2006-0262)

    Vulnerability from cvelistv5 – Published: 2006-01-18 11:00 – Updated: 2024-08-07 16:25
    VLAI
    Summary
    Unspecified vulnerability in the Net Foundation Layer component of Oracle Database server 8.1.7.4, 9.0.1.5, 9.0.1.5 FIPS, 9.2.0.6, and 10.1.0.4 has unspecified impact and attack vectors, as identified by Oracle Vuln# DB08.
    Severity
    No CVSS data available.
    CWE
    • n/a
    Assigner
    References
    URL Tags
    https://exchange.xforce.ibmcloud.com/vulnerabilit… vdb-entryx_refsource_XF
    http://secunia.com/advisories/18493 third-party-advisoryx_refsource_SECUNIA
    http://www.vupen.com/english/advisories/2006/0323 vdb-entryx_refsource_VUPEN
    http://www.securityfocus.com/bid/16287 vdb-entryx_refsource_BID
    http://www.kb.cert.org/vuls/id/545804 third-party-advisoryx_refsource_CERT-VN
    http://securitytracker.com/id?1015499 vdb-entryx_refsource_SECTRACK
    http://www.vupen.com/english/advisories/2006/0243 vdb-entryx_refsource_VUPEN
    http://www.oracle.com/technetwork/topics/security… x_refsource_CONFIRM
    http://secunia.com/advisories/18608 third-party-advisoryx_refsource_SECUNIA
    Date Public
    2006-01-17 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-07T16:25:34.063Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "name": "oracle-january2006-update(24321)",
                "tags": [
                  "vdb-entry",
                  "x_refsource_XF",
                  "x_transferred"
                ],
                "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/24321"
              },
              {
                "name": "18493",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
                  "x_transferred"
                ],
                "url": "http://secunia.com/advisories/18493"
              },
              {
                "name": "ADV-2006-0323",
                "tags": [
                  "vdb-entry",
                  "x_refsource_VUPEN",
                  "x_transferred"
                ],
                "url": "http://www.vupen.com/english/advisories/2006/0323"
              },
              {
                "name": "16287",
                "tags": [
                  "vdb-entry",
                  "x_refsource_BID",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/bid/16287"
              },
              {
                "name": "VU#545804",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_CERT-VN",
                  "x_transferred"
                ],
                "url": "http://www.kb.cert.org/vuls/id/545804"
              },
              {
                "name": "1015499",
                "tags": [
                  "vdb-entry",
                  "x_refsource_SECTRACK",
                  "x_transferred"
                ],
                "url": "http://securitytracker.com/id?1015499"
              },
              {
                "name": "ADV-2006-0243",
                "tags": [
                  "vdb-entry",
                  "x_refsource_VUPEN",
                  "x_transferred"
                ],
                "url": "http://www.vupen.com/english/advisories/2006/0243"
              },
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "http://www.oracle.com/technetwork/topics/security/cpujan2006-082403.html"
              },
              {
                "name": "18608",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
                  "x_transferred"
                ],
                "url": "http://secunia.com/advisories/18608"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "n/a",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "datePublic": "2006-01-17T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "Unspecified vulnerability in the Net Foundation Layer component of Oracle Database server 8.1.7.4, 9.0.1.5, 9.0.1.5 FIPS, 9.2.0.6, and 10.1.0.4 has unspecified impact and attack vectors, as identified by Oracle Vuln# DB08."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2017-07-19T15:57:01.000Z",
            "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
            "shortName": "mitre"
          },
          "references": [
            {
              "name": "oracle-january2006-update(24321)",
              "tags": [
                "vdb-entry",
                "x_refsource_XF"
              ],
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/24321"
            },
            {
              "name": "18493",
              "tags": [
                "third-party-advisory",
                "x_refsource_SECUNIA"
              ],
              "url": "http://secunia.com/advisories/18493"
            },
            {
              "name": "ADV-2006-0323",
              "tags": [
                "vdb-entry",
                "x_refsource_VUPEN"
              ],
              "url": "http://www.vupen.com/english/advisories/2006/0323"
            },
            {
              "name": "16287",
              "tags": [
                "vdb-entry",
                "x_refsource_BID"
              ],
              "url": "http://www.securityfocus.com/bid/16287"
            },
            {
              "name": "VU#545804",
              "tags": [
                "third-party-advisory",
                "x_refsource_CERT-VN"
              ],
              "url": "http://www.kb.cert.org/vuls/id/545804"
            },
            {
              "name": "1015499",
              "tags": [
                "vdb-entry",
                "x_refsource_SECTRACK"
              ],
              "url": "http://securitytracker.com/id?1015499"
            },
            {
              "name": "ADV-2006-0243",
              "tags": [
                "vdb-entry",
                "x_refsource_VUPEN"
              ],
              "url": "http://www.vupen.com/english/advisories/2006/0243"
            },
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "http://www.oracle.com/technetwork/topics/security/cpujan2006-082403.html"
            },
            {
              "name": "18608",
              "tags": [
                "third-party-advisory",
                "x_refsource_SECUNIA"
              ],
              "url": "http://secunia.com/advisories/18608"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "cve@mitre.org",
              "ID": "CVE-2006-0262",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "n/a",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "n/a"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "n/a"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "Unspecified vulnerability in the Net Foundation Layer component of Oracle Database server 8.1.7.4, 9.0.1.5, 9.0.1.5 FIPS, 9.2.0.6, and 10.1.0.4 has unspecified impact and attack vectors, as identified by Oracle Vuln# DB08."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "n/a"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "oracle-january2006-update(24321)",
                  "refsource": "XF",
                  "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/24321"
                },
                {
                  "name": "18493",
                  "refsource": "SECUNIA",
                  "url": "http://secunia.com/advisories/18493"
                },
                {
                  "name": "ADV-2006-0323",
                  "refsource": "VUPEN",
                  "url": "http://www.vupen.com/english/advisories/2006/0323"
                },
                {
                  "name": "16287",
                  "refsource": "BID",
                  "url": "http://www.securityfocus.com/bid/16287"
                },
                {
                  "name": "VU#545804",
                  "refsource": "CERT-VN",
                  "url": "http://www.kb.cert.org/vuls/id/545804"
                },
                {
                  "name": "1015499",
                  "refsource": "SECTRACK",
                  "url": "http://securitytracker.com/id?1015499"
                },
                {
                  "name": "ADV-2006-0243",
                  "refsource": "VUPEN",
                  "url": "http://www.vupen.com/english/advisories/2006/0243"
                },
                {
                  "name": "http://www.oracle.com/technetwork/topics/security/cpujan2006-082403.html",
                  "refsource": "CONFIRM",
                  "url": "http://www.oracle.com/technetwork/topics/security/cpujan2006-082403.html"
                },
                {
                  "name": "18608",
                  "refsource": "SECUNIA",
                  "url": "http://secunia.com/advisories/18608"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "assignerShortName": "mitre",
        "cveId": "CVE-2006-0262",
        "datePublished": "2006-01-18T11:00:00.000Z",
        "dateReserved": "2006-01-18T00:00:00.000Z",
        "dateUpdated": "2024-08-07T16:25:34.063Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2006-0272 (GCVE-0-2006-0272)

    Vulnerability from cvelistv5 – Published: 2006-01-18 11:00 – Updated: 2024-08-07 16:25
    VLAI
    Summary
    Unspecified vulnerability in the XML Database component of Oracle Database server 9.2.0.7 and 10.1.0.4 has unspecified impact and attack vectors, as identified by Oracle Vuln# DB29. NOTE: based on mutual credits by the relevant sources, it is highly likely that this issue is a buffer overflow in the (a) DBMS_XMLSCHEMA and (b) DBMS_XMLSCHEMA_INT packages, as exploitable via long arguments to (1) XDB.DBMS_XMLSCHEMA.GENERATESCHEMA or (2) XDB.DBMS_XMLSCHEMA.GENERATESCHEMAS.
    Severity
    No CVSS data available.
    CWE
    • n/a
    Assigner
    References
    Date Public
    2006-01-17 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-07T16:25:34.087Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "http://www.integrigy.com/info/IntegrigySecurityAnalysis-CPU0106.pdf"
              },
              {
                "name": "oracle-january2006-update(24321)",
                "tags": [
                  "vdb-entry",
                  "x_refsource_XF",
                  "x_transferred"
                ],
                "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/24321"
              },
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "http://www.red-database-security.com/advisory/oracle_cpu_jan_2006.html"
              },
              {
                "name": "20060126 [Argeniss] Oracle Database Buffer overflows vulnerabilities in public procedures of XDB.DBMS_XMLSCHEMA{_INT}",
                "tags": [
                  "mailing-list",
                  "x_refsource_FULLDISC",
                  "x_transferred"
                ],
                "url": "http://archives.neohapsis.com/archives/fulldisclosure/2006-01/0893.html"
              },
              {
                "name": "18493",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
                  "x_transferred"
                ],
                "url": "http://secunia.com/advisories/18493"
              },
              {
                "name": "ADV-2006-0323",
                "tags": [
                  "vdb-entry",
                  "x_refsource_VUPEN",
                  "x_transferred"
                ],
                "url": "http://www.vupen.com/english/advisories/2006/0323"
              },
              {
                "name": "16287",
                "tags": [
                  "vdb-entry",
                  "x_refsource_BID",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/bid/16287"
              },
              {
                "name": "TA06-018A",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_CERT",
                  "x_transferred"
                ],
                "url": "http://www.us-cert.gov/cas/techalerts/TA06-018A.html"
              },
              {
                "name": "VU#545804",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_CERT-VN",
                  "x_transferred"
                ],
                "url": "http://www.kb.cert.org/vuls/id/545804"
              },
              {
                "name": "1015499",
                "tags": [
                  "vdb-entry",
                  "x_refsource_SECTRACK",
                  "x_transferred"
                ],
                "url": "http://securitytracker.com/id?1015499"
              },
              {
                "name": "ADV-2006-0243",
                "tags": [
                  "vdb-entry",
                  "x_refsource_VUPEN",
                  "x_transferred"
                ],
                "url": "http://www.vupen.com/english/advisories/2006/0243"
              },
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "http://www.oracle.com/technetwork/topics/security/cpujan2006-082403.html"
              },
              {
                "name": "18608",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
                  "x_transferred"
                ],
                "url": "http://secunia.com/advisories/18608"
              },
              {
                "name": "VU#891644",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_CERT-VN",
                  "x_transferred"
                ],
                "url": "http://www.kb.cert.org/vuls/id/891644"
              },
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "http://www.argeniss.com/research/ARGENISS-ADV-010601.txt"
              },
              {
                "name": "oracle-xdbdbmx-xmlschema-bo(24376)",
                "tags": [
                  "vdb-entry",
                  "x_refsource_XF",
                  "x_transferred"
                ],
                "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/24376"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "n/a",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "datePublic": "2006-01-17T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "Unspecified vulnerability in the XML Database component of Oracle Database server 9.2.0.7 and 10.1.0.4 has unspecified impact and attack vectors, as identified by Oracle Vuln# DB29.  NOTE: based on mutual credits by the relevant sources, it is highly likely that this issue is a buffer overflow in the (a) DBMS_XMLSCHEMA and (b) DBMS_XMLSCHEMA_INT packages, as exploitable via long arguments to (1) XDB.DBMS_XMLSCHEMA.GENERATESCHEMA or (2) XDB.DBMS_XMLSCHEMA.GENERATESCHEMAS."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2017-07-19T15:57:01.000Z",
            "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
            "shortName": "mitre"
          },
          "references": [
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "http://www.integrigy.com/info/IntegrigySecurityAnalysis-CPU0106.pdf"
            },
            {
              "name": "oracle-january2006-update(24321)",
              "tags": [
                "vdb-entry",
                "x_refsource_XF"
              ],
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/24321"
            },
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "http://www.red-database-security.com/advisory/oracle_cpu_jan_2006.html"
            },
            {
              "name": "20060126 [Argeniss] Oracle Database Buffer overflows vulnerabilities in public procedures of XDB.DBMS_XMLSCHEMA{_INT}",
              "tags": [
                "mailing-list",
                "x_refsource_FULLDISC"
              ],
              "url": "http://archives.neohapsis.com/archives/fulldisclosure/2006-01/0893.html"
            },
            {
              "name": "18493",
              "tags": [
                "third-party-advisory",
                "x_refsource_SECUNIA"
              ],
              "url": "http://secunia.com/advisories/18493"
            },
            {
              "name": "ADV-2006-0323",
              "tags": [
                "vdb-entry",
                "x_refsource_VUPEN"
              ],
              "url": "http://www.vupen.com/english/advisories/2006/0323"
            },
            {
              "name": "16287",
              "tags": [
                "vdb-entry",
                "x_refsource_BID"
              ],
              "url": "http://www.securityfocus.com/bid/16287"
            },
            {
              "name": "TA06-018A",
              "tags": [
                "third-party-advisory",
                "x_refsource_CERT"
              ],
              "url": "http://www.us-cert.gov/cas/techalerts/TA06-018A.html"
            },
            {
              "name": "VU#545804",
              "tags": [
                "third-party-advisory",
                "x_refsource_CERT-VN"
              ],
              "url": "http://www.kb.cert.org/vuls/id/545804"
            },
            {
              "name": "1015499",
              "tags": [
                "vdb-entry",
                "x_refsource_SECTRACK"
              ],
              "url": "http://securitytracker.com/id?1015499"
            },
            {
              "name": "ADV-2006-0243",
              "tags": [
                "vdb-entry",
                "x_refsource_VUPEN"
              ],
              "url": "http://www.vupen.com/english/advisories/2006/0243"
            },
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "http://www.oracle.com/technetwork/topics/security/cpujan2006-082403.html"
            },
            {
              "name": "18608",
              "tags": [
                "third-party-advisory",
                "x_refsource_SECUNIA"
              ],
              "url": "http://secunia.com/advisories/18608"
            },
            {
              "name": "VU#891644",
              "tags": [
                "third-party-advisory",
                "x_refsource_CERT-VN"
              ],
              "url": "http://www.kb.cert.org/vuls/id/891644"
            },
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "http://www.argeniss.com/research/ARGENISS-ADV-010601.txt"
            },
            {
              "name": "oracle-xdbdbmx-xmlschema-bo(24376)",
              "tags": [
                "vdb-entry",
                "x_refsource_XF"
              ],
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/24376"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "cve@mitre.org",
              "ID": "CVE-2006-0272",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "n/a",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "n/a"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "n/a"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "Unspecified vulnerability in the XML Database component of Oracle Database server 9.2.0.7 and 10.1.0.4 has unspecified impact and attack vectors, as identified by Oracle Vuln# DB29.  NOTE: based on mutual credits by the relevant sources, it is highly likely that this issue is a buffer overflow in the (a) DBMS_XMLSCHEMA and (b) DBMS_XMLSCHEMA_INT packages, as exploitable via long arguments to (1) XDB.DBMS_XMLSCHEMA.GENERATESCHEMA or (2) XDB.DBMS_XMLSCHEMA.GENERATESCHEMAS."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "n/a"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "http://www.integrigy.com/info/IntegrigySecurityAnalysis-CPU0106.pdf",
                  "refsource": "MISC",
                  "url": "http://www.integrigy.com/info/IntegrigySecurityAnalysis-CPU0106.pdf"
                },
                {
                  "name": "oracle-january2006-update(24321)",
                  "refsource": "XF",
                  "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/24321"
                },
                {
                  "name": "http://www.red-database-security.com/advisory/oracle_cpu_jan_2006.html",
                  "refsource": "MISC",
                  "url": "http://www.red-database-security.com/advisory/oracle_cpu_jan_2006.html"
                },
                {
                  "name": "20060126 [Argeniss] Oracle Database Buffer overflows vulnerabilities in public procedures of XDB.DBMS_XMLSCHEMA{_INT}",
                  "refsource": "FULLDISC",
                  "url": "http://archives.neohapsis.com/archives/fulldisclosure/2006-01/0893.html"
                },
                {
                  "name": "18493",
                  "refsource": "SECUNIA",
                  "url": "http://secunia.com/advisories/18493"
                },
                {
                  "name": "ADV-2006-0323",
                  "refsource": "VUPEN",
                  "url": "http://www.vupen.com/english/advisories/2006/0323"
                },
                {
                  "name": "16287",
                  "refsource": "BID",
                  "url": "http://www.securityfocus.com/bid/16287"
                },
                {
                  "name": "TA06-018A",
                  "refsource": "CERT",
                  "url": "http://www.us-cert.gov/cas/techalerts/TA06-018A.html"
                },
                {
                  "name": "VU#545804",
                  "refsource": "CERT-VN",
                  "url": "http://www.kb.cert.org/vuls/id/545804"
                },
                {
                  "name": "1015499",
                  "refsource": "SECTRACK",
                  "url": "http://securitytracker.com/id?1015499"
                },
                {
                  "name": "ADV-2006-0243",
                  "refsource": "VUPEN",
                  "url": "http://www.vupen.com/english/advisories/2006/0243"
                },
                {
                  "name": "http://www.oracle.com/technetwork/topics/security/cpujan2006-082403.html",
                  "refsource": "CONFIRM",
                  "url": "http://www.oracle.com/technetwork/topics/security/cpujan2006-082403.html"
                },
                {
                  "name": "18608",
                  "refsource": "SECUNIA",
                  "url": "http://secunia.com/advisories/18608"
                },
                {
                  "name": "VU#891644",
                  "refsource": "CERT-VN",
                  "url": "http://www.kb.cert.org/vuls/id/891644"
                },
                {
                  "name": "http://www.argeniss.com/research/ARGENISS-ADV-010601.txt",
                  "refsource": "MISC",
                  "url": "http://www.argeniss.com/research/ARGENISS-ADV-010601.txt"
                },
                {
                  "name": "oracle-xdbdbmx-xmlschema-bo(24376)",
                  "refsource": "XF",
                  "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/24376"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "assignerShortName": "mitre",
        "cveId": "CVE-2006-0272",
        "datePublished": "2006-01-18T11:00:00.000Z",
        "dateReserved": "2006-01-18T00:00:00.000Z",
        "dateUpdated": "2024-08-07T16:25:34.087Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2005-3641 (GCVE-0-2005-3641)

    Vulnerability from cvelistv5 – Published: 2005-11-16 21:17 – Updated: 2024-09-16 23:11
    VLAI
    Summary
    Oracle Databases running on Windows XP with Simple File Sharing enabled, allows remote attackers to bypass authentication by supplying a valid username.
    Severity
    No CVSS data available.
    CWE
    • n/a
    Assigner
    References
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-07T23:17:23.439Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "http://www.ngssoftware.com/papers/database-on-xp.pdf"
              },
              {
                "name": "15450",
                "tags": [
                  "vdb-entry",
                  "x_refsource_BID",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/bid/15450"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "n/a",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "Oracle Databases running on Windows XP with Simple File Sharing enabled, allows remote attackers to bypass authentication by supplying a valid username."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2005-11-16T21:17:00.000Z",
            "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
            "shortName": "mitre"
          },
          "references": [
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "http://www.ngssoftware.com/papers/database-on-xp.pdf"
            },
            {
              "name": "15450",
              "tags": [
                "vdb-entry",
                "x_refsource_BID"
              ],
              "url": "http://www.securityfocus.com/bid/15450"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "cve@mitre.org",
              "ID": "CVE-2005-3641",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "n/a",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "n/a"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "n/a"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "Oracle Databases running on Windows XP with Simple File Sharing enabled, allows remote attackers to bypass authentication by supplying a valid username."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "n/a"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "http://www.ngssoftware.com/papers/database-on-xp.pdf",
                  "refsource": "MISC",
                  "url": "http://www.ngssoftware.com/papers/database-on-xp.pdf"
                },
                {
                  "name": "15450",
                  "refsource": "BID",
                  "url": "http://www.securityfocus.com/bid/15450"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "assignerShortName": "mitre",
        "cveId": "CVE-2005-3641",
        "datePublished": "2005-11-16T21:17:00.000Z",
        "dateReserved": "2005-11-16T00:00:00.000Z",
        "dateUpdated": "2024-09-16T23:11:46.098Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2005-3204 (GCVE-0-2005-3204)

    Vulnerability from cvelistv5 – Published: 2005-10-14 04:00 – Updated: 2024-08-07 23:01
    VLAI
    Summary
    Cross-site scripting (XSS) vulnerability in Oracle XML DB 9iR2 allows remote attackers to inject arbitrary web script or HTML via the query string in an HTTP request.
    Severity
    No CVSS data available.
    CWE
    • n/a
    Assigner
    References
    URL Tags
    http://securityreason.com/securityalert/66 third-party-advisoryx_refsource_SREASON
    http://www.securityfocus.com/bid/15034 vdb-entryx_refsource_BID
    http://www.red-database-security.com/advisory/ora… x_refsource_MISC
    http://secunia.com/advisories/15991/ third-party-advisoryx_refsource_SECUNIA
    http://www.oracle.com/technology/deploy/security/… x_refsource_MISC
    http://archives.neohapsis.com/archives/fulldisclo… mailing-listx_refsource_FULLDISC
    https://exchange.xforce.ibmcloud.com/vulnerabilit… vdb-entryx_refsource_XF
    http://marc.info/?l=bugtraq&m=112870541502542&w=2 mailing-listx_refsource_BUGTRAQ
    http://www.osvdb.org/20054 vdb-entryx_refsource_OSVDB
    Date Public
    2005-07-12 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-07T23:01:58.995Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "name": "66",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SREASON",
                  "x_transferred"
                ],
                "url": "http://securityreason.com/securityalert/66"
              },
              {
                "name": "15034",
                "tags": [
                  "vdb-entry",
                  "x_refsource_BID",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/bid/15034"
              },
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "http://www.red-database-security.com/advisory/oracle_xmldb_css.html"
              },
              {
                "name": "15991",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
                  "x_transferred"
                ],
                "url": "http://secunia.com/advisories/15991/"
              },
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "http://www.oracle.com/technology/deploy/security/pdf/cpujul2005.html"
              },
              {
                "name": "20051007 Cross-Site-Scripting Vulnerability in Oracle XMLDB",
                "tags": [
                  "mailing-list",
                  "x_refsource_FULLDISC",
                  "x_transferred"
                ],
                "url": "http://archives.neohapsis.com/archives/fulldisclosure/2005-10/0177.html"
              },
              {
                "name": "oracle-xmldb-xss(22541)",
                "tags": [
                  "vdb-entry",
                  "x_refsource_XF",
                  "x_transferred"
                ],
                "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/22541"
              },
              {
                "name": "20051007 Cross-Site-Scripting Vulnerability in Oracle XMLDB",
                "tags": [
                  "mailing-list",
                  "x_refsource_BUGTRAQ",
                  "x_transferred"
                ],
                "url": "http://marc.info/?l=bugtraq\u0026m=112870541502542\u0026w=2"
              },
              {
                "name": "20054",
                "tags": [
                  "vdb-entry",
                  "x_refsource_OSVDB",
                  "x_transferred"
                ],
                "url": "http://www.osvdb.org/20054"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "n/a",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "datePublic": "2005-07-12T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "Cross-site scripting (XSS) vulnerability in Oracle XML DB 9iR2 allows remote attackers to inject arbitrary web script or HTML via the query string in an HTTP request."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2017-07-10T14:57:01.000Z",
            "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
            "shortName": "mitre"
          },
          "references": [
            {
              "name": "66",
              "tags": [
                "third-party-advisory",
                "x_refsource_SREASON"
              ],
              "url": "http://securityreason.com/securityalert/66"
            },
            {
              "name": "15034",
              "tags": [
                "vdb-entry",
                "x_refsource_BID"
              ],
              "url": "http://www.securityfocus.com/bid/15034"
            },
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "http://www.red-database-security.com/advisory/oracle_xmldb_css.html"
            },
            {
              "name": "15991",
              "tags": [
                "third-party-advisory",
                "x_refsource_SECUNIA"
              ],
              "url": "http://secunia.com/advisories/15991/"
            },
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "http://www.oracle.com/technology/deploy/security/pdf/cpujul2005.html"
            },
            {
              "name": "20051007 Cross-Site-Scripting Vulnerability in Oracle XMLDB",
              "tags": [
                "mailing-list",
                "x_refsource_FULLDISC"
              ],
              "url": "http://archives.neohapsis.com/archives/fulldisclosure/2005-10/0177.html"
            },
            {
              "name": "oracle-xmldb-xss(22541)",
              "tags": [
                "vdb-entry",
                "x_refsource_XF"
              ],
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/22541"
            },
            {
              "name": "20051007 Cross-Site-Scripting Vulnerability in Oracle XMLDB",
              "tags": [
                "mailing-list",
                "x_refsource_BUGTRAQ"
              ],
              "url": "http://marc.info/?l=bugtraq\u0026m=112870541502542\u0026w=2"
            },
            {
              "name": "20054",
              "tags": [
                "vdb-entry",
                "x_refsource_OSVDB"
              ],
              "url": "http://www.osvdb.org/20054"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "cve@mitre.org",
              "ID": "CVE-2005-3204",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "n/a",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "n/a"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "n/a"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "Cross-site scripting (XSS) vulnerability in Oracle XML DB 9iR2 allows remote attackers to inject arbitrary web script or HTML via the query string in an HTTP request."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "n/a"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "66",
                  "refsource": "SREASON",
                  "url": "http://securityreason.com/securityalert/66"
                },
                {
                  "name": "15034",
                  "refsource": "BID",
                  "url": "http://www.securityfocus.com/bid/15034"
                },
                {
                  "name": "http://www.red-database-security.com/advisory/oracle_xmldb_css.html",
                  "refsource": "MISC",
                  "url": "http://www.red-database-security.com/advisory/oracle_xmldb_css.html"
                },
                {
                  "name": "15991",
                  "refsource": "SECUNIA",
                  "url": "http://secunia.com/advisories/15991/"
                },
                {
                  "name": "http://www.oracle.com/technology/deploy/security/pdf/cpujul2005.html",
                  "refsource": "MISC",
                  "url": "http://www.oracle.com/technology/deploy/security/pdf/cpujul2005.html"
                },
                {
                  "name": "20051007 Cross-Site-Scripting Vulnerability in Oracle XMLDB",
                  "refsource": "FULLDISC",
                  "url": "http://archives.neohapsis.com/archives/fulldisclosure/2005-10/0177.html"
                },
                {
                  "name": "oracle-xmldb-xss(22541)",
                  "refsource": "XF",
                  "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/22541"
                },
                {
                  "name": "20051007 Cross-Site-Scripting Vulnerability in Oracle XMLDB",
                  "refsource": "BUGTRAQ",
                  "url": "http://marc.info/?l=bugtraq\u0026m=112870541502542\u0026w=2"
                },
                {
                  "name": "20054",
                  "refsource": "OSVDB",
                  "url": "http://www.osvdb.org/20054"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "assignerShortName": "mitre",
        "cveId": "CVE-2005-3204",
        "datePublished": "2005-10-14T04:00:00.000Z",
        "dateReserved": "2005-10-14T00:00:00.000Z",
        "dateUpdated": "2024-08-07T23:01:58.995Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2004-2244 (GCVE-0-2004-2244)

    Vulnerability from cvelistv5 – Published: 2005-07-17 04:00 – Updated: 2024-08-08 01:22
    VLAI
    Summary
    The XML parser in Oracle 9i Application Server Release 2 9.0.3.0 and 9.0.3.1, 9.0.2.3 and earlier, and Release 1 1.0.2.2 and 1.0.2.2.2, and Database Server Release 2 9.2.0.1 and later, allows remote attackers to cause a denial of service (CPU and memory consumption) via a SOAP message containing a crafted DTD.
    Severity
    No CVSS data available.
    CWE
    • n/a
    Assigner
    References
    URL Tags
    http://secunia.com/advisories/10936 third-party-advisoryx_refsource_SECUNIA
    https://exchange.xforce.ibmcloud.com/vulnerabilit… vdb-entryx_refsource_XF
    http://otn.oracle.com/deploy/security/pdf/2004ale… x_refsource_CONFIRM
    http://www.securityfocus.com/bid/9703 vdb-entryx_refsource_BID
    http://www.osvdb.org/4011 vdb-entryx_refsource_OSVDB
    Date Public
    2004-02-18 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-08T01:22:12.715Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "name": "10936",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
                  "x_transferred"
                ],
                "url": "http://secunia.com/advisories/10936"
              },
              {
                "name": "oracle-soap-dos(15270)",
                "tags": [
                  "vdb-entry",
                  "x_refsource_XF",
                  "x_transferred"
                ],
                "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/15270"
              },
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "http://otn.oracle.com/deploy/security/pdf/2004alert65.pdf"
              },
              {
                "name": "9703",
                "tags": [
                  "vdb-entry",
                  "x_refsource_BID",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/bid/9703"
              },
              {
                "name": "4011",
                "tags": [
                  "vdb-entry",
                  "x_refsource_OSVDB",
                  "x_transferred"
                ],
                "url": "http://www.osvdb.org/4011"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "n/a",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "datePublic": "2004-02-18T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "The XML parser in Oracle 9i Application Server Release 2 9.0.3.0 and 9.0.3.1, 9.0.2.3 and earlier, and Release 1 1.0.2.2 and 1.0.2.2.2, and Database Server Release 2 9.2.0.1 and later, allows remote attackers to cause a denial of service (CPU and memory consumption) via a SOAP message containing a crafted DTD."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2017-07-10T14:57:01.000Z",
            "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
            "shortName": "mitre"
          },
          "references": [
            {
              "name": "10936",
              "tags": [
                "third-party-advisory",
                "x_refsource_SECUNIA"
              ],
              "url": "http://secunia.com/advisories/10936"
            },
            {
              "name": "oracle-soap-dos(15270)",
              "tags": [
                "vdb-entry",
                "x_refsource_XF"
              ],
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/15270"
            },
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "http://otn.oracle.com/deploy/security/pdf/2004alert65.pdf"
            },
            {
              "name": "9703",
              "tags": [
                "vdb-entry",
                "x_refsource_BID"
              ],
              "url": "http://www.securityfocus.com/bid/9703"
            },
            {
              "name": "4011",
              "tags": [
                "vdb-entry",
                "x_refsource_OSVDB"
              ],
              "url": "http://www.osvdb.org/4011"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "cve@mitre.org",
              "ID": "CVE-2004-2244",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "n/a",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "n/a"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "n/a"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "The XML parser in Oracle 9i Application Server Release 2 9.0.3.0 and 9.0.3.1, 9.0.2.3 and earlier, and Release 1 1.0.2.2 and 1.0.2.2.2, and Database Server Release 2 9.2.0.1 and later, allows remote attackers to cause a denial of service (CPU and memory consumption) via a SOAP message containing a crafted DTD."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "n/a"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "10936",
                  "refsource": "SECUNIA",
                  "url": "http://secunia.com/advisories/10936"
                },
                {
                  "name": "oracle-soap-dos(15270)",
                  "refsource": "XF",
                  "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/15270"
                },
                {
                  "name": "http://otn.oracle.com/deploy/security/pdf/2004alert65.pdf",
                  "refsource": "CONFIRM",
                  "url": "http://otn.oracle.com/deploy/security/pdf/2004alert65.pdf"
                },
                {
                  "name": "9703",
                  "refsource": "BID",
                  "url": "http://www.securityfocus.com/bid/9703"
                },
                {
                  "name": "4011",
                  "refsource": "OSVDB",
                  "url": "http://www.osvdb.org/4011"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "assignerShortName": "mitre",
        "cveId": "CVE-2004-2244",
        "datePublished": "2005-07-17T04:00:00.000Z",
        "dateReserved": "2005-07-17T00:00:00.000Z",
        "dateUpdated": "2024-08-08T01:22:12.715Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2003-1208 (GCVE-0-2003-1208)

    Vulnerability from cvelistv5 – Published: 2005-05-19 04:00 – Updated: 2024-08-08 02:19
    VLAI
    Summary
    Multiple buffer overflows in Oracle 9i 9 before 9.2.0.3 allow local users to execute arbitrary code by (1) setting the TIME_ZONE session parameter to a long value, or providing long parameters to the (2) NUMTOYMINTERVAL, (3) NUMTODSINTERVAL or (4) FROM_TZ functions.
    Severity
    No CVSS data available.
    CWE
    • n/a
    Assigner
    References
    URL Tags
    https://exchange.xforce.ibmcloud.com/vulnerabilit… vdb-entryx_refsource_XF
    http://www.kb.cert.org/vuls/id/399806 third-party-advisoryx_refsource_CERT-VN
    http://www.osvdb.org/3840 vdb-entryx_refsource_OSVDB
    http://www.ciac.org/ciac/bulletins/o-093.shtml third-party-advisorygovernment-resourcex_refsource_CIAC
    http://secunia.com/advisories/10805 third-party-advisoryx_refsource_SECUNIA
    http://www.kb.cert.org/vuls/id/819126 third-party-advisoryx_refsource_CERT-VN
    http://www.osvdb.org/3838 vdb-entryx_refsource_OSVDB
    http://www.kb.cert.org/vuls/id/240174 third-party-advisoryx_refsource_CERT-VN
    http://archives.neohapsis.com/archives/vulnwatch/… mailing-listx_refsource_BUGTRAQ
    http://www.securityfocus.com/bid/9587 vdb-entryx_refsource_BID
    http://www.osvdb.org/3839 vdb-entryx_refsource_OSVDB
    http://www.kb.cert.org/vuls/id/846582 third-party-advisoryx_refsource_CERT-VN
    http://www.osvdb.org/3837 vdb-entryx_refsource_OSVDB
    http://www.nextgenss.com/advisories/ora_numtodsin… x_refsource_MISC
    http://www.nextgenss.com/advisories/ora_from_tz.txt x_refsource_MISC
    http://www.nextgenss.com/advisories/ora_numtoymin… x_refsource_MISC
    http://www.nextgenss.com/advisories/ora_time_zone.txt x_refsource_MISC
    Date Public
    2003-12-12 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-08T02:19:46.087Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "name": "oracle-multiple-function-bo(15060)",
                "tags": [
                  "vdb-entry",
                  "x_refsource_XF",
                  "x_transferred"
                ],
                "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/15060"
              },
              {
                "name": "VU#399806",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_CERT-VN",
                  "x_transferred"
                ],
                "url": "http://www.kb.cert.org/vuls/id/399806"
              },
              {
                "name": "3840",
                "tags": [
                  "vdb-entry",
                  "x_refsource_OSVDB",
                  "x_transferred"
                ],
                "url": "http://www.osvdb.org/3840"
              },
              {
                "name": "O-093",
                "tags": [
                  "third-party-advisory",
                  "government-resource",
                  "x_refsource_CIAC",
                  "x_transferred"
                ],
                "url": "http://www.ciac.org/ciac/bulletins/o-093.shtml"
              },
              {
                "name": "10805",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
                  "x_transferred"
                ],
                "url": "http://secunia.com/advisories/10805"
              },
              {
                "name": "VU#819126",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_CERT-VN",
                  "x_transferred"
                ],
                "url": "http://www.kb.cert.org/vuls/id/819126"
              },
              {
                "name": "3838",
                "tags": [
                  "vdb-entry",
                  "x_refsource_OSVDB",
                  "x_transferred"
                ],
                "url": "http://www.osvdb.org/3838"
              },
              {
                "name": "VU#240174",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_CERT-VN",
                  "x_transferred"
                ],
                "url": "http://www.kb.cert.org/vuls/id/240174"
              },
              {
                "name": "20040205 Oracle Database 9ir2 Interval Conversion Functions Buffer Overflow",
                "tags": [
                  "mailing-list",
                  "x_refsource_BUGTRAQ",
                  "x_transferred"
                ],
                "url": "http://archives.neohapsis.com/archives/vulnwatch/2004-q1/0030.html"
              },
              {
                "name": "9587",
                "tags": [
                  "vdb-entry",
                  "x_refsource_BID",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/bid/9587"
              },
              {
                "name": "3839",
                "tags": [
                  "vdb-entry",
                  "x_refsource_OSVDB",
                  "x_transferred"
                ],
                "url": "http://www.osvdb.org/3839"
              },
              {
                "name": "VU#846582",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_CERT-VN",
                  "x_transferred"
                ],
                "url": "http://www.kb.cert.org/vuls/id/846582"
              },
              {
                "name": "3837",
                "tags": [
                  "vdb-entry",
                  "x_refsource_OSVDB",
                  "x_transferred"
                ],
                "url": "http://www.osvdb.org/3837"
              },
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "http://www.nextgenss.com/advisories/ora_numtodsinterval.txt"
              },
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "http://www.nextgenss.com/advisories/ora_from_tz.txt"
              },
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "http://www.nextgenss.com/advisories/ora_numtoyminterval.txt"
              },
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "http://www.nextgenss.com/advisories/ora_time_zone.txt"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "n/a",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "datePublic": "2003-12-12T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "Multiple buffer overflows in Oracle 9i 9 before 9.2.0.3 allow local users to execute arbitrary code by (1) setting the TIME_ZONE session parameter to a long value, or providing long parameters to the (2) NUMTOYMINTERVAL, (3) NUMTODSINTERVAL or (4) FROM_TZ functions."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2017-07-10T14:57:01.000Z",
            "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
            "shortName": "mitre"
          },
          "references": [
            {
              "name": "oracle-multiple-function-bo(15060)",
              "tags": [
                "vdb-entry",
                "x_refsource_XF"
              ],
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/15060"
            },
            {
              "name": "VU#399806",
              "tags": [
                "third-party-advisory",
                "x_refsource_CERT-VN"
              ],
              "url": "http://www.kb.cert.org/vuls/id/399806"
            },
            {
              "name": "3840",
              "tags": [
                "vdb-entry",
                "x_refsource_OSVDB"
              ],
              "url": "http://www.osvdb.org/3840"
            },
            {
              "name": "O-093",
              "tags": [
                "third-party-advisory",
                "government-resource",
                "x_refsource_CIAC"
              ],
              "url": "http://www.ciac.org/ciac/bulletins/o-093.shtml"
            },
            {
              "name": "10805",
              "tags": [
                "third-party-advisory",
                "x_refsource_SECUNIA"
              ],
              "url": "http://secunia.com/advisories/10805"
            },
            {
              "name": "VU#819126",
              "tags": [
                "third-party-advisory",
                "x_refsource_CERT-VN"
              ],
              "url": "http://www.kb.cert.org/vuls/id/819126"
            },
            {
              "name": "3838",
              "tags": [
                "vdb-entry",
                "x_refsource_OSVDB"
              ],
              "url": "http://www.osvdb.org/3838"
            },
            {
              "name": "VU#240174",
              "tags": [
                "third-party-advisory",
                "x_refsource_CERT-VN"
              ],
              "url": "http://www.kb.cert.org/vuls/id/240174"
            },
            {
              "name": "20040205 Oracle Database 9ir2 Interval Conversion Functions Buffer Overflow",
              "tags": [
                "mailing-list",
                "x_refsource_BUGTRAQ"
              ],
              "url": "http://archives.neohapsis.com/archives/vulnwatch/2004-q1/0030.html"
            },
            {
              "name": "9587",
              "tags": [
                "vdb-entry",
                "x_refsource_BID"
              ],
              "url": "http://www.securityfocus.com/bid/9587"
            },
            {
              "name": "3839",
              "tags": [
                "vdb-entry",
                "x_refsource_OSVDB"
              ],
              "url": "http://www.osvdb.org/3839"
            },
            {
              "name": "VU#846582",
              "tags": [
                "third-party-advisory",
                "x_refsource_CERT-VN"
              ],
              "url": "http://www.kb.cert.org/vuls/id/846582"
            },
            {
              "name": "3837",
              "tags": [
                "vdb-entry",
                "x_refsource_OSVDB"
              ],
              "url": "http://www.osvdb.org/3837"
            },
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "http://www.nextgenss.com/advisories/ora_numtodsinterval.txt"
            },
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "http://www.nextgenss.com/advisories/ora_from_tz.txt"
            },
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "http://www.nextgenss.com/advisories/ora_numtoyminterval.txt"
            },
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "http://www.nextgenss.com/advisories/ora_time_zone.txt"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "cve@mitre.org",
              "ID": "CVE-2003-1208",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "n/a",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "n/a"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "n/a"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "Multiple buffer overflows in Oracle 9i 9 before 9.2.0.3 allow local users to execute arbitrary code by (1) setting the TIME_ZONE session parameter to a long value, or providing long parameters to the (2) NUMTOYMINTERVAL, (3) NUMTODSINTERVAL or (4) FROM_TZ functions."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "n/a"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "oracle-multiple-function-bo(15060)",
                  "refsource": "XF",
                  "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/15060"
                },
                {
                  "name": "VU#399806",
                  "refsource": "CERT-VN",
                  "url": "http://www.kb.cert.org/vuls/id/399806"
                },
                {
                  "name": "3840",
                  "refsource": "OSVDB",
                  "url": "http://www.osvdb.org/3840"
                },
                {
                  "name": "O-093",
                  "refsource": "CIAC",
                  "url": "http://www.ciac.org/ciac/bulletins/o-093.shtml"
                },
                {
                  "name": "10805",
                  "refsource": "SECUNIA",
                  "url": "http://secunia.com/advisories/10805"
                },
                {
                  "name": "VU#819126",
                  "refsource": "CERT-VN",
                  "url": "http://www.kb.cert.org/vuls/id/819126"
                },
                {
                  "name": "3838",
                  "refsource": "OSVDB",
                  "url": "http://www.osvdb.org/3838"
                },
                {
                  "name": "VU#240174",
                  "refsource": "CERT-VN",
                  "url": "http://www.kb.cert.org/vuls/id/240174"
                },
                {
                  "name": "20040205 Oracle Database 9ir2 Interval Conversion Functions Buffer Overflow",
                  "refsource": "BUGTRAQ",
                  "url": "http://archives.neohapsis.com/archives/vulnwatch/2004-q1/0030.html"
                },
                {
                  "name": "9587",
                  "refsource": "BID",
                  "url": "http://www.securityfocus.com/bid/9587"
                },
                {
                  "name": "3839",
                  "refsource": "OSVDB",
                  "url": "http://www.osvdb.org/3839"
                },
                {
                  "name": "VU#846582",
                  "refsource": "CERT-VN",
                  "url": "http://www.kb.cert.org/vuls/id/846582"
                },
                {
                  "name": "3837",
                  "refsource": "OSVDB",
                  "url": "http://www.osvdb.org/3837"
                },
                {
                  "name": "http://www.nextgenss.com/advisories/ora_numtodsinterval.txt",
                  "refsource": "MISC",
                  "url": "http://www.nextgenss.com/advisories/ora_numtodsinterval.txt"
                },
                {
                  "name": "http://www.nextgenss.com/advisories/ora_from_tz.txt",
                  "refsource": "MISC",
                  "url": "http://www.nextgenss.com/advisories/ora_from_tz.txt"
                },
                {
                  "name": "http://www.nextgenss.com/advisories/ora_numtoyminterval.txt",
                  "refsource": "MISC",
                  "url": "http://www.nextgenss.com/advisories/ora_numtoyminterval.txt"
                },
                {
                  "name": "http://www.nextgenss.com/advisories/ora_time_zone.txt",
                  "refsource": "MISC",
                  "url": "http://www.nextgenss.com/advisories/ora_time_zone.txt"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "assignerShortName": "mitre",
        "cveId": "CVE-2003-1208",
        "datePublished": "2005-05-19T04:00:00.000Z",
        "dateReserved": "2005-05-19T00:00:00.000Z",
        "dateUpdated": "2024-08-08T02:19:46.087Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2005-1495 (GCVE-0-2005-1495)

    Vulnerability from cvelistv5 – Published: 2005-05-11 04:00 – Updated: 2024-08-07 21:51
    VLAI
    Summary
    Oracle Database 9i and 10g disables Fine Grained Audit (FGA) after the SYS user executes a SELECT statement on an FGA object, which makes it easier for attackers to escape detection.
    Severity
    No CVSS data available.
    CWE
    • n/a
    Assigner
    References
    URL Tags
    http://www.securityfocus.com/bid/16258 vdb-entryx_refsource_BID
    http://www.kb.cert.org/vuls/id/777773 third-party-advisoryx_refsource_CERT-VN
    https://exchange.xforce.ibmcloud.com/vulnerabilit… vdb-entryx_refsource_XF
    http://www.red-database-security.com/advisory/ora… x_refsource_MISC
    http://marc.info/?l=bugtraq&m=111531683824209&w=2 mailing-listx_refsource_BUGTRAQ
    Date Public
    2005-05-05 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-07T21:51:50.392Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "name": "16258",
                "tags": [
                  "vdb-entry",
                  "x_refsource_BID",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/bid/16258"
              },
              {
                "name": "VU#777773",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_CERT-VN",
                  "x_transferred"
                ],
                "url": "http://www.kb.cert.org/vuls/id/777773"
              },
              {
                "name": "oracle-audit-data-manipulation(20407)",
                "tags": [
                  "vdb-entry",
                  "x_refsource_XF",
                  "x_transferred"
                ],
                "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/20407"
              },
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "http://www.red-database-security.com/advisory/oracle-fine-grained-auditing-issue.html"
              },
              {
                "name": "20050505 Oracle 9i / 10g Fine Grained Auditing Issue",
                "tags": [
                  "mailing-list",
                  "x_refsource_BUGTRAQ",
                  "x_transferred"
                ],
                "url": "http://marc.info/?l=bugtraq\u0026m=111531683824209\u0026w=2"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "n/a",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "datePublic": "2005-05-05T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "Oracle Database 9i and 10g disables Fine Grained Audit (FGA) after the SYS user executes a SELECT statement on an FGA object, which makes it easier for attackers to escape detection."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2017-07-10T14:57:01.000Z",
            "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
            "shortName": "mitre"
          },
          "references": [
            {
              "name": "16258",
              "tags": [
                "vdb-entry",
                "x_refsource_BID"
              ],
              "url": "http://www.securityfocus.com/bid/16258"
            },
            {
              "name": "VU#777773",
              "tags": [
                "third-party-advisory",
                "x_refsource_CERT-VN"
              ],
              "url": "http://www.kb.cert.org/vuls/id/777773"
            },
            {
              "name": "oracle-audit-data-manipulation(20407)",
              "tags": [
                "vdb-entry",
                "x_refsource_XF"
              ],
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/20407"
            },
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "http://www.red-database-security.com/advisory/oracle-fine-grained-auditing-issue.html"
            },
            {
              "name": "20050505 Oracle 9i / 10g Fine Grained Auditing Issue",
              "tags": [
                "mailing-list",
                "x_refsource_BUGTRAQ"
              ],
              "url": "http://marc.info/?l=bugtraq\u0026m=111531683824209\u0026w=2"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "cve@mitre.org",
              "ID": "CVE-2005-1495",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "n/a",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "n/a"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "n/a"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "Oracle Database 9i and 10g disables Fine Grained Audit (FGA) after the SYS user executes a SELECT statement on an FGA object, which makes it easier for attackers to escape detection."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "n/a"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "16258",
                  "refsource": "BID",
                  "url": "http://www.securityfocus.com/bid/16258"
                },
                {
                  "name": "VU#777773",
                  "refsource": "CERT-VN",
                  "url": "http://www.kb.cert.org/vuls/id/777773"
                },
                {
                  "name": "oracle-audit-data-manipulation(20407)",
                  "refsource": "XF",
                  "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/20407"
                },
                {
                  "name": "http://www.red-database-security.com/advisory/oracle-fine-grained-auditing-issue.html",
                  "refsource": "MISC",
                  "url": "http://www.red-database-security.com/advisory/oracle-fine-grained-auditing-issue.html"
                },
                {
                  "name": "20050505 Oracle 9i / 10g Fine Grained Auditing Issue",
                  "refsource": "BUGTRAQ",
                  "url": "http://marc.info/?l=bugtraq\u0026m=111531683824209\u0026w=2"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "assignerShortName": "mitre",
        "cveId": "CVE-2005-1495",
        "datePublished": "2005-05-11T04:00:00.000Z",
        "dateReserved": "2005-05-11T00:00:00.000Z",
        "dateUpdated": "2024-08-07T21:51:50.392Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2003-1193 (GCVE-0-2003-1193)

    Vulnerability from cvelistv5 – Published: 2005-05-10 04:00 – Updated: 2024-08-08 02:19
    VLAI
    Summary
    Multiple SQL injection vulnerabilities in the Portal DB (1) List of Values (LOVs), (2) Forms, (3) Hierarchy, and (4) XML components packages in Oracle Oracle9i Application Server 9.0.2.00 through 3.0.9.8.5 allow remote attackers to execute arbitrary SQL commands via the URL.
    Severity
    No CVSS data available.
    CWE
    • n/a
    Assigner
    References
    Date Public
    2003-11-03 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-08T02:19:46.091Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "http://otn.oracle.com/deploy/security/pdf/2003alert61.pdf"
              },
              {
                "name": "20031105 Multiple SQL Injection Vulnerabilities in Oracle Application Server 9i and RDBMS (#NISR05112003)",
                "tags": [
                  "mailing-list",
                  "x_refsource_BUGTRAQ",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/archive/1/343520"
              },
              {
                "name": "oracle-portal-sql-injection(13593)",
                "tags": [
                  "vdb-entry",
                  "x_refsource_XF",
                  "x_transferred"
                ],
                "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/13593"
              },
              {
                "name": "8966",
                "tags": [
                  "vdb-entry",
                  "x_refsource_BID",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/bid/8966"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "n/a",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "datePublic": "2003-11-03T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "Multiple SQL injection vulnerabilities in the Portal DB (1) List of Values (LOVs), (2) Forms, (3) Hierarchy, and (4) XML components packages in Oracle Oracle9i Application Server 9.0.2.00 through 3.0.9.8.5 allow remote attackers to execute arbitrary SQL commands via the URL."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2017-07-10T14:57:01.000Z",
            "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
            "shortName": "mitre"
          },
          "references": [
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "http://otn.oracle.com/deploy/security/pdf/2003alert61.pdf"
            },
            {
              "name": "20031105 Multiple SQL Injection Vulnerabilities in Oracle Application Server 9i and RDBMS (#NISR05112003)",
              "tags": [
                "mailing-list",
                "x_refsource_BUGTRAQ"
              ],
              "url": "http://www.securityfocus.com/archive/1/343520"
            },
            {
              "name": "oracle-portal-sql-injection(13593)",
              "tags": [
                "vdb-entry",
                "x_refsource_XF"
              ],
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/13593"
            },
            {
              "name": "8966",
              "tags": [
                "vdb-entry",
                "x_refsource_BID"
              ],
              "url": "http://www.securityfocus.com/bid/8966"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "cve@mitre.org",
              "ID": "CVE-2003-1193",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "n/a",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "n/a"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "n/a"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "Multiple SQL injection vulnerabilities in the Portal DB (1) List of Values (LOVs), (2) Forms, (3) Hierarchy, and (4) XML components packages in Oracle Oracle9i Application Server 9.0.2.00 through 3.0.9.8.5 allow remote attackers to execute arbitrary SQL commands via the URL."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "n/a"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "http://otn.oracle.com/deploy/security/pdf/2003alert61.pdf",
                  "refsource": "CONFIRM",
                  "url": "http://otn.oracle.com/deploy/security/pdf/2003alert61.pdf"
                },
                {
                  "name": "20031105 Multiple SQL Injection Vulnerabilities in Oracle Application Server 9i and RDBMS (#NISR05112003)",
                  "refsource": "BUGTRAQ",
                  "url": "http://www.securityfocus.com/archive/1/343520"
                },
                {
                  "name": "oracle-portal-sql-injection(13593)",
                  "refsource": "XF",
                  "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/13593"
                },
                {
                  "name": "8966",
                  "refsource": "BID",
                  "url": "http://www.securityfocus.com/bid/8966"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "assignerShortName": "mitre",
        "cveId": "CVE-2003-1193",
        "datePublished": "2005-05-10T04:00:00.000Z",
        "dateReserved": "2005-05-04T00:00:00.000Z",
        "dateUpdated": "2024-08-08T02:19:46.091Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2004-0637 (GCVE-0-2004-0637)

    Vulnerability from cvelistv5 – Published: 2005-04-14 04:00 – Updated: 2024-08-08 00:24
    VLAI
    Summary
    Oracle Database Server 8.1.7.4 through 9.2.0.4 allows local users to execute commands with additional privileges via the ctxsys.driload package, which is publicly accessible.
    Severity
    No CVSS data available.
    CWE
    • n/a
    Assigner
    References
    URL Tags
    http://www.securityfocus.com/bid/11099 vdb-entryx_refsource_BID
    http://www.idefense.com/application/poi/display?i… third-party-advisoryx_refsource_IDEFENSE
    http://www.kb.cert.org/vuls/id/316206 third-party-advisoryx_refsource_CERT-VN
    http://secunia.com/advisories/12409/ third-party-advisoryx_refsource_SECUNIA
    Date Public
    2004-09-02 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-08T00:24:26.763Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "name": "11099",
                "tags": [
                  "vdb-entry",
                  "x_refsource_BID",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/bid/11099"
              },
              {
                "name": "20040902 Oracle Database Server ctxsys.driload Access Validation Vulnerability",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_IDEFENSE",
                  "x_transferred"
                ],
                "url": "http://www.idefense.com/application/poi/display?id=136\u0026type=vulnerabilities\u0026flashstatus=true"
              },
              {
                "name": "VU#316206",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_CERT-VN",
                  "x_transferred"
                ],
                "url": "http://www.kb.cert.org/vuls/id/316206"
              },
              {
                "name": "12409",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
                  "x_transferred"
                ],
                "url": "http://secunia.com/advisories/12409/"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "n/a",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "datePublic": "2004-09-02T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "Oracle Database Server 8.1.7.4 through 9.2.0.4 allows local users to execute commands with additional privileges via the ctxsys.driload package, which is publicly accessible."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2005-11-04T10:00:00.000Z",
            "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
            "shortName": "mitre"
          },
          "references": [
            {
              "name": "11099",
              "tags": [
                "vdb-entry",
                "x_refsource_BID"
              ],
              "url": "http://www.securityfocus.com/bid/11099"
            },
            {
              "name": "20040902 Oracle Database Server ctxsys.driload Access Validation Vulnerability",
              "tags": [
                "third-party-advisory",
                "x_refsource_IDEFENSE"
              ],
              "url": "http://www.idefense.com/application/poi/display?id=136\u0026type=vulnerabilities\u0026flashstatus=true"
            },
            {
              "name": "VU#316206",
              "tags": [
                "third-party-advisory",
                "x_refsource_CERT-VN"
              ],
              "url": "http://www.kb.cert.org/vuls/id/316206"
            },
            {
              "name": "12409",
              "tags": [
                "third-party-advisory",
                "x_refsource_SECUNIA"
              ],
              "url": "http://secunia.com/advisories/12409/"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "cve@mitre.org",
              "ID": "CVE-2004-0637",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "n/a",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "n/a"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "n/a"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "Oracle Database Server 8.1.7.4 through 9.2.0.4 allows local users to execute commands with additional privileges via the ctxsys.driload package, which is publicly accessible."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "n/a"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "11099",
                  "refsource": "BID",
                  "url": "http://www.securityfocus.com/bid/11099"
                },
                {
                  "name": "20040902 Oracle Database Server ctxsys.driload Access Validation Vulnerability",
                  "refsource": "IDEFENSE",
                  "url": "http://www.idefense.com/application/poi/display?id=136\u0026type=vulnerabilities\u0026flashstatus=true"
                },
                {
                  "name": "VU#316206",
                  "refsource": "CERT-VN",
                  "url": "http://www.kb.cert.org/vuls/id/316206"
                },
                {
                  "name": "12409",
                  "refsource": "SECUNIA",
                  "url": "http://secunia.com/advisories/12409/"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "assignerShortName": "mitre",
        "cveId": "CVE-2004-0637",
        "datePublished": "2005-04-14T04:00:00.000Z",
        "dateReserved": "2004-07-07T00:00:00.000Z",
        "dateUpdated": "2024-08-08T00:24:26.763Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2004-1707 (GCVE-0-2004-1707)

    Vulnerability from cvelistv5 – Published: 2005-02-26 05:00 – Updated: 2024-08-08 01:00
    VLAI
    Summary
    The (1) dbsnmp and (2) nmo programs in Oracle 8i, Oracle 9i, and Oracle IAS 9.0.2.0.1, on Unix systems, use a default path to find and execute library files while operating at raised privileges, which allows certain Oracle user accounts to gain root privileges via a modified libclntsh.so.9.0.
    Severity
    No CVSS data available.
    CWE
    • n/a
    Assigner
    References
    URL Tags
    http://secunia.com/advisories/12205 third-party-advisoryx_refsource_SECUNIA
    https://exchange.xforce.ibmcloud.com/vulnerabilit… vdb-entryx_refsource_XF
    http://marc.info/?l=bugtraq&m=109147677214087&w=2 mailing-listx_refsource_BUGTRAQ
    http://www.securityfocus.com/bid/10829 vdb-entryx_refsource_BID
    Date Public
    2004-08-02 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-08T01:00:37.205Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "name": "12205",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
                  "x_transferred"
                ],
                "url": "http://secunia.com/advisories/12205"
              },
              {
                "name": "oracle-libraries-gain-privileges(16839)",
                "tags": [
                  "vdb-entry",
                  "x_refsource_XF",
                  "x_transferred"
                ],
                "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/16839"
              },
              {
                "name": "20040802 OPEN3S - Local Privilege Elevation through Oracle products (Unix Platform)",
                "tags": [
                  "mailing-list",
                  "x_refsource_BUGTRAQ",
                  "x_transferred"
                ],
                "url": "http://marc.info/?l=bugtraq\u0026m=109147677214087\u0026w=2"
              },
              {
                "name": "10829",
                "tags": [
                  "vdb-entry",
                  "x_refsource_BID",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/bid/10829"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "n/a",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "datePublic": "2004-08-02T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "The (1) dbsnmp and (2) nmo programs in Oracle 8i, Oracle 9i, and Oracle IAS 9.0.2.0.1, on Unix systems, use a default path to find and execute library files while operating at raised privileges, which allows certain Oracle user accounts to gain root privileges via a modified libclntsh.so.9.0."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2017-07-10T14:57:01.000Z",
            "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
            "shortName": "mitre"
          },
          "references": [
            {
              "name": "12205",
              "tags": [
                "third-party-advisory",
                "x_refsource_SECUNIA"
              ],
              "url": "http://secunia.com/advisories/12205"
            },
            {
              "name": "oracle-libraries-gain-privileges(16839)",
              "tags": [
                "vdb-entry",
                "x_refsource_XF"
              ],
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/16839"
            },
            {
              "name": "20040802 OPEN3S - Local Privilege Elevation through Oracle products (Unix Platform)",
              "tags": [
                "mailing-list",
                "x_refsource_BUGTRAQ"
              ],
              "url": "http://marc.info/?l=bugtraq\u0026m=109147677214087\u0026w=2"
            },
            {
              "name": "10829",
              "tags": [
                "vdb-entry",
                "x_refsource_BID"
              ],
              "url": "http://www.securityfocus.com/bid/10829"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "cve@mitre.org",
              "ID": "CVE-2004-1707",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "n/a",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "n/a"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "n/a"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "The (1) dbsnmp and (2) nmo programs in Oracle 8i, Oracle 9i, and Oracle IAS 9.0.2.0.1, on Unix systems, use a default path to find and execute library files while operating at raised privileges, which allows certain Oracle user accounts to gain root privileges via a modified libclntsh.so.9.0."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "n/a"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "12205",
                  "refsource": "SECUNIA",
                  "url": "http://secunia.com/advisories/12205"
                },
                {
                  "name": "oracle-libraries-gain-privileges(16839)",
                  "refsource": "XF",
                  "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/16839"
                },
                {
                  "name": "20040802 OPEN3S - Local Privilege Elevation through Oracle products (Unix Platform)",
                  "refsource": "BUGTRAQ",
                  "url": "http://marc.info/?l=bugtraq\u0026m=109147677214087\u0026w=2"
                },
                {
                  "name": "10829",
                  "refsource": "BID",
                  "url": "http://www.securityfocus.com/bid/10829"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "assignerShortName": "mitre",
        "cveId": "CVE-2004-1707",
        "datePublished": "2005-02-26T05:00:00.000Z",
        "dateReserved": "2005-02-26T00:00:00.000Z",
        "dateUpdated": "2024-08-08T01:00:37.205Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2004-1367 (GCVE-0-2004-1367)

    Vulnerability from cvelistv5 – Published: 2005-01-19 05:00 – Updated: 2024-08-08 00:46
    VLAI
    Summary
    Oracle 10g Database Server, when installed with a password that contains an exclamation point ("!") for the (1) DBSNMP or (2) SYSMAN user, generates an error that logs the password in the world-readable postDBCreation.log file, which could allow local users to obtain that password and use it against SYS or SYSTEM accounts, which may have been installed with the same password.
    Severity
    No CVSS data available.
    CWE
    • n/a
    Assigner
    References
    URL Tags
    http://marc.info/?l=bugtraq&m=110382247308064&w=2 mailing-listx_refsource_BUGTRAQ
    http://www.kb.cert.org/vuls/id/316206 third-party-advisoryx_refsource_CERT-VN
    http://www.us-cert.gov/cas/techalerts/TA04-245A.html third-party-advisoryx_refsource_CERT
    http://www.ngssoftware.com/advisories/oracle23122… x_refsource_MISC
    http://www.oracle.com/technology/deploy/security/… x_refsource_CONFIRM
    http://sunsolve.sun.com/search/document.do?assetk… vendor-advisoryx_refsource_SUNALERT
    Date Public
    2004-12-23 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-08T00:46:12.402Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "name": "20041223 Oracle clear text passwords (#NISR2122004D)",
                "tags": [
                  "mailing-list",
                  "x_refsource_BUGTRAQ",
                  "x_transferred"
                ],
                "url": "http://marc.info/?l=bugtraq\u0026m=110382247308064\u0026w=2"
              },
              {
                "name": "VU#316206",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_CERT-VN",
                  "x_transferred"
                ],
                "url": "http://www.kb.cert.org/vuls/id/316206"
              },
              {
                "name": "TA04-245A",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_CERT",
                  "x_transferred"
                ],
                "url": "http://www.us-cert.gov/cas/techalerts/TA04-245A.html"
              },
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "http://www.ngssoftware.com/advisories/oracle23122004D.txt"
              },
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "http://www.oracle.com/technology/deploy/security/pdf/2004alert68.pdf"
              },
              {
                "name": "101782",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_SUNALERT",
                  "x_transferred"
                ],
                "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-101782-1"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "n/a",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "datePublic": "2004-12-23T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "Oracle 10g Database Server, when installed with a password that contains an exclamation point (\"!\") for the (1) DBSNMP or (2) SYSMAN user, generates an error that logs the password in the world-readable postDBCreation.log file, which could allow local users to obtain that password and use it against SYS or SYSTEM accounts, which may have been installed with the same password."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2016-10-17T13:57:01.000Z",
            "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
            "shortName": "mitre"
          },
          "references": [
            {
              "name": "20041223 Oracle clear text passwords (#NISR2122004D)",
              "tags": [
                "mailing-list",
                "x_refsource_BUGTRAQ"
              ],
              "url": "http://marc.info/?l=bugtraq\u0026m=110382247308064\u0026w=2"
            },
            {
              "name": "VU#316206",
              "tags": [
                "third-party-advisory",
                "x_refsource_CERT-VN"
              ],
              "url": "http://www.kb.cert.org/vuls/id/316206"
            },
            {
              "name": "TA04-245A",
              "tags": [
                "third-party-advisory",
                "x_refsource_CERT"
              ],
              "url": "http://www.us-cert.gov/cas/techalerts/TA04-245A.html"
            },
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "http://www.ngssoftware.com/advisories/oracle23122004D.txt"
            },
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "http://www.oracle.com/technology/deploy/security/pdf/2004alert68.pdf"
            },
            {
              "name": "101782",
              "tags": [
                "vendor-advisory",
                "x_refsource_SUNALERT"
              ],
              "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-101782-1"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "cve@mitre.org",
              "ID": "CVE-2004-1367",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "n/a",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "n/a"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "n/a"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "Oracle 10g Database Server, when installed with a password that contains an exclamation point (\"!\") for the (1) DBSNMP or (2) SYSMAN user, generates an error that logs the password in the world-readable postDBCreation.log file, which could allow local users to obtain that password and use it against SYS or SYSTEM accounts, which may have been installed with the same password."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "n/a"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "20041223 Oracle clear text passwords (#NISR2122004D)",
                  "refsource": "BUGTRAQ",
                  "url": "http://marc.info/?l=bugtraq\u0026m=110382247308064\u0026w=2"
                },
                {
                  "name": "VU#316206",
                  "refsource": "CERT-VN",
                  "url": "http://www.kb.cert.org/vuls/id/316206"
                },
                {
                  "name": "TA04-245A",
                  "refsource": "CERT",
                  "url": "http://www.us-cert.gov/cas/techalerts/TA04-245A.html"
                },
                {
                  "name": "http://www.ngssoftware.com/advisories/oracle23122004D.txt",
                  "refsource": "MISC",
                  "url": "http://www.ngssoftware.com/advisories/oracle23122004D.txt"
                },
                {
                  "name": "http://www.oracle.com/technology/deploy/security/pdf/2004alert68.pdf",
                  "refsource": "CONFIRM",
                  "url": "http://www.oracle.com/technology/deploy/security/pdf/2004alert68.pdf"
                },
                {
                  "name": "101782",
                  "refsource": "SUNALERT",
                  "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-101782-1"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "assignerShortName": "mitre",
        "cveId": "CVE-2004-1367",
        "datePublished": "2005-01-19T05:00:00.000Z",
        "dateReserved": "2005-01-07T00:00:00.000Z",
        "dateUpdated": "2024-08-08T00:46:12.402Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2004-1365 (GCVE-0-2004-1365)

    Vulnerability from cvelistv5 – Published: 2005-01-19 05:00 – Updated: 2024-08-08 00:46
    VLAI
    Summary
    Extproc in Oracle 9i and 10g does not require authentication to load a library or execute a function, which allows local users to execute arbitrary commands as the Oracle user.
    Severity
    No CVSS data available.
    CWE
    • n/a
    Assigner
    References
    URL Tags
    http://www.ngssoftware.com/advisories/oracle23122… x_refsource_MISC
    https://exchange.xforce.ibmcloud.com/vulnerabilit… vdb-entryx_refsource_XF
    http://marc.info/?l=bugtraq&m=110382471608835&w=2 mailing-listx_refsource_BUGTRAQ
    http://www.kb.cert.org/vuls/id/316206 third-party-advisoryx_refsource_CERT-VN
    http://www.us-cert.gov/cas/techalerts/TA04-245A.html third-party-advisoryx_refsource_CERT
    http://www.securityfocus.com/bid/10871 vdb-entryx_refsource_BID
    http://sunsolve.sun.com/search/document.do?assetk… vendor-advisoryx_refsource_SUNALERT
    Date Public
    2004-12-23 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-08T00:46:12.434Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "http://www.ngssoftware.com/advisories/oracle23122004C.txt"
              },
              {
                "name": "oracle-extproc-command-execution(18662)",
                "tags": [
                  "vdb-entry",
                  "x_refsource_XF",
                  "x_transferred"
                ],
                "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/18662"
              },
              {
                "name": "20041223 Oracle extproc local command execution (#NISR23122004C)",
                "tags": [
                  "mailing-list",
                  "x_refsource_BUGTRAQ",
                  "x_transferred"
                ],
                "url": "http://marc.info/?l=bugtraq\u0026m=110382471608835\u0026w=2"
              },
              {
                "name": "VU#316206",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_CERT-VN",
                  "x_transferred"
                ],
                "url": "http://www.kb.cert.org/vuls/id/316206"
              },
              {
                "name": "TA04-245A",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_CERT",
                  "x_transferred"
                ],
                "url": "http://www.us-cert.gov/cas/techalerts/TA04-245A.html"
              },
              {
                "name": "10871",
                "tags": [
                  "vdb-entry",
                  "x_refsource_BID",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/bid/10871"
              },
              {
                "name": "101782",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_SUNALERT",
                  "x_transferred"
                ],
                "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-101782-1"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "n/a",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "datePublic": "2004-12-23T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "Extproc in Oracle 9i and 10g does not require authentication to load a library or execute a function, which allows local users to execute arbitrary commands as the Oracle user."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2017-07-10T14:57:01.000Z",
            "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
            "shortName": "mitre"
          },
          "references": [
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "http://www.ngssoftware.com/advisories/oracle23122004C.txt"
            },
            {
              "name": "oracle-extproc-command-execution(18662)",
              "tags": [
                "vdb-entry",
                "x_refsource_XF"
              ],
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/18662"
            },
            {
              "name": "20041223 Oracle extproc local command execution (#NISR23122004C)",
              "tags": [
                "mailing-list",
                "x_refsource_BUGTRAQ"
              ],
              "url": "http://marc.info/?l=bugtraq\u0026m=110382471608835\u0026w=2"
            },
            {
              "name": "VU#316206",
              "tags": [
                "third-party-advisory",
                "x_refsource_CERT-VN"
              ],
              "url": "http://www.kb.cert.org/vuls/id/316206"
            },
            {
              "name": "TA04-245A",
              "tags": [
                "third-party-advisory",
                "x_refsource_CERT"
              ],
              "url": "http://www.us-cert.gov/cas/techalerts/TA04-245A.html"
            },
            {
              "name": "10871",
              "tags": [
                "vdb-entry",
                "x_refsource_BID"
              ],
              "url": "http://www.securityfocus.com/bid/10871"
            },
            {
              "name": "101782",
              "tags": [
                "vendor-advisory",
                "x_refsource_SUNALERT"
              ],
              "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-101782-1"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "cve@mitre.org",
              "ID": "CVE-2004-1365",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "n/a",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "n/a"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "n/a"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "Extproc in Oracle 9i and 10g does not require authentication to load a library or execute a function, which allows local users to execute arbitrary commands as the Oracle user."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "n/a"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "http://www.ngssoftware.com/advisories/oracle23122004C.txt",
                  "refsource": "MISC",
                  "url": "http://www.ngssoftware.com/advisories/oracle23122004C.txt"
                },
                {
                  "name": "oracle-extproc-command-execution(18662)",
                  "refsource": "XF",
                  "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/18662"
                },
                {
                  "name": "20041223 Oracle extproc local command execution (#NISR23122004C)",
                  "refsource": "BUGTRAQ",
                  "url": "http://marc.info/?l=bugtraq\u0026m=110382471608835\u0026w=2"
                },
                {
                  "name": "VU#316206",
                  "refsource": "CERT-VN",
                  "url": "http://www.kb.cert.org/vuls/id/316206"
                },
                {
                  "name": "TA04-245A",
                  "refsource": "CERT",
                  "url": "http://www.us-cert.gov/cas/techalerts/TA04-245A.html"
                },
                {
                  "name": "10871",
                  "refsource": "BID",
                  "url": "http://www.securityfocus.com/bid/10871"
                },
                {
                  "name": "101782",
                  "refsource": "SUNALERT",
                  "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-101782-1"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "assignerShortName": "mitre",
        "cveId": "CVE-2004-1365",
        "datePublished": "2005-01-19T05:00:00.000Z",
        "dateReserved": "2005-01-07T00:00:00.000Z",
        "dateUpdated": "2024-08-08T00:46:12.434Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2004-1366 (GCVE-0-2004-1366)

    Vulnerability from cvelistv5 – Published: 2005-01-19 05:00 – Updated: 2024-08-08 00:46
    VLAI
    Summary
    Oracle 10g Database Server stores the password for the SYSMAN account in cleartext in the world-readable emoms.properties file, which could allow local users to gain DBA privileges.
    Severity
    No CVSS data available.
    CWE
    • n/a
    Assigner
    References
    Date Public
    2004-12-23 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-08T00:46:12.404Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "name": "oracle-sysman-password-plaintext(18661)",
                "tags": [
                  "vdb-entry",
                  "x_refsource_XF",
                  "x_transferred"
                ],
                "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/18661"
              },
              {
                "name": "20041223 Oracle clear text passwords (#NISR2122004D)",
                "tags": [
                  "mailing-list",
                  "x_refsource_BUGTRAQ",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/archive/1/385323"
              },
              {
                "name": "VU#316206",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_CERT-VN",
                  "x_transferred"
                ],
                "url": "http://www.kb.cert.org/vuls/id/316206"
              },
              {
                "name": "TA04-245A",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_CERT",
                  "x_transferred"
                ],
                "url": "http://www.us-cert.gov/cas/techalerts/TA04-245A.html"
              },
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "http://www.ngssoftware.com/advisories/oracle23122004D.txt"
              },
              {
                "name": "10871",
                "tags": [
                  "vdb-entry",
                  "x_refsource_BID",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/bid/10871"
              },
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "http://www.oracle.com/technology/deploy/security/pdf/2004alert68.pdf"
              },
              {
                "name": "101782",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_SUNALERT",
                  "x_transferred"
                ],
                "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-101782-1"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "n/a",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "datePublic": "2004-12-23T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "Oracle 10g Database Server stores the password for the SYSMAN account in cleartext in the world-readable emoms.properties file, which could allow local users to gain DBA privileges."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2017-07-10T14:57:01.000Z",
            "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
            "shortName": "mitre"
          },
          "references": [
            {
              "name": "oracle-sysman-password-plaintext(18661)",
              "tags": [
                "vdb-entry",
                "x_refsource_XF"
              ],
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/18661"
            },
            {
              "name": "20041223 Oracle clear text passwords (#NISR2122004D)",
              "tags": [
                "mailing-list",
                "x_refsource_BUGTRAQ"
              ],
              "url": "http://www.securityfocus.com/archive/1/385323"
            },
            {
              "name": "VU#316206",
              "tags": [
                "third-party-advisory",
                "x_refsource_CERT-VN"
              ],
              "url": "http://www.kb.cert.org/vuls/id/316206"
            },
            {
              "name": "TA04-245A",
              "tags": [
                "third-party-advisory",
                "x_refsource_CERT"
              ],
              "url": "http://www.us-cert.gov/cas/techalerts/TA04-245A.html"
            },
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "http://www.ngssoftware.com/advisories/oracle23122004D.txt"
            },
            {
              "name": "10871",
              "tags": [
                "vdb-entry",
                "x_refsource_BID"
              ],
              "url": "http://www.securityfocus.com/bid/10871"
            },
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "http://www.oracle.com/technology/deploy/security/pdf/2004alert68.pdf"
            },
            {
              "name": "101782",
              "tags": [
                "vendor-advisory",
                "x_refsource_SUNALERT"
              ],
              "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-101782-1"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "cve@mitre.org",
              "ID": "CVE-2004-1366",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "n/a",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "n/a"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "n/a"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "Oracle 10g Database Server stores the password for the SYSMAN account in cleartext in the world-readable emoms.properties file, which could allow local users to gain DBA privileges."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "n/a"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "oracle-sysman-password-plaintext(18661)",
                  "refsource": "XF",
                  "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/18661"
                },
                {
                  "name": "20041223 Oracle clear text passwords (#NISR2122004D)",
                  "refsource": "BUGTRAQ",
                  "url": "http://www.securityfocus.com/archive/1/385323"
                },
                {
                  "name": "VU#316206",
                  "refsource": "CERT-VN",
                  "url": "http://www.kb.cert.org/vuls/id/316206"
                },
                {
                  "name": "TA04-245A",
                  "refsource": "CERT",
                  "url": "http://www.us-cert.gov/cas/techalerts/TA04-245A.html"
                },
                {
                  "name": "http://www.ngssoftware.com/advisories/oracle23122004D.txt",
                  "refsource": "MISC",
                  "url": "http://www.ngssoftware.com/advisories/oracle23122004D.txt"
                },
                {
                  "name": "10871",
                  "refsource": "BID",
                  "url": "http://www.securityfocus.com/bid/10871"
                },
                {
                  "name": "http://www.oracle.com/technology/deploy/security/pdf/2004alert68.pdf",
                  "refsource": "CONFIRM",
                  "url": "http://www.oracle.com/technology/deploy/security/pdf/2004alert68.pdf"
                },
                {
                  "name": "101782",
                  "refsource": "SUNALERT",
                  "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-101782-1"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "assignerShortName": "mitre",
        "cveId": "CVE-2004-1366",
        "datePublished": "2005-01-19T05:00:00.000Z",
        "dateReserved": "2005-01-07T00:00:00.000Z",
        "dateUpdated": "2024-08-08T00:46:12.404Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2004-0638 (GCVE-0-2004-0638)

    Vulnerability from cvelistv5 – Published: 2005-01-19 05:00 – Updated: 2024-08-08 00:24
    VLAI
    Summary
    Buffer overflow in the KSDWRTB function in the dbms_system package (dbms_system.ksdwrt) for Oracle 9i Database Server Release 2 9.2.0.3 and 9.2.0.4, 9i Release 1 9.0.1.4 and 9.0.1.5, and 8i Release 1 8.1.7.4, allows remote authorized users to execute arbitrary code via a long second argument.
    Severity
    No CVSS data available.
    CWE
    • n/a
    Assigner
    References
    Date Public
    2004-09-02 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-08T00:24:26.842Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "name": "oracle-dbmssystem-bo(17254)",
                "tags": [
                  "vdb-entry",
                  "x_refsource_XF",
                  "x_transferred"
                ],
                "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/17254"
              },
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "http://www.oracle.com/technology/deploy/security/pdf/2004alert68.pdf"
              },
              {
                "name": "20040902 Oracle Database Server dbms_system.ksdwrt Buffer Overflow Vulnerability",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_IDEFENSE",
                  "x_transferred"
                ],
                "url": "http://www.idefense.com/application/poi/display?id=135\u0026type=vulnerabilities\u0026flashstatus=false"
              },
              {
                "name": "11100",
                "tags": [
                  "vdb-entry",
                  "x_refsource_BID",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/bid/11100"
              },
              {
                "name": "20040905 Buffer Overflow in DBMS_SYSTEM.KSDWRT() in Oracle8i - 9i",
                "tags": [
                  "mailing-list",
                  "x_refsource_FULLDISC",
                  "x_transferred"
                ],
                "url": "http://archives.neohapsis.com/archives/fulldisclosure/2004-09/0178.html"
              },
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "http://www.red-database-security.com/advisory/advisory_20040903_3.htm"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "n/a",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "datePublic": "2004-09-02T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "Buffer overflow in the KSDWRTB function in the dbms_system package (dbms_system.ksdwrt) for Oracle 9i Database Server Release 2 9.2.0.3 and 9.2.0.4, 9i Release 1 9.0.1.4 and 9.0.1.5, and 8i Release 1 8.1.7.4, allows remote authorized users to execute arbitrary code via a long second argument."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2017-07-10T14:57:01.000Z",
            "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
            "shortName": "mitre"
          },
          "references": [
            {
              "name": "oracle-dbmssystem-bo(17254)",
              "tags": [
                "vdb-entry",
                "x_refsource_XF"
              ],
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/17254"
            },
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "http://www.oracle.com/technology/deploy/security/pdf/2004alert68.pdf"
            },
            {
              "name": "20040902 Oracle Database Server dbms_system.ksdwrt Buffer Overflow Vulnerability",
              "tags": [
                "third-party-advisory",
                "x_refsource_IDEFENSE"
              ],
              "url": "http://www.idefense.com/application/poi/display?id=135\u0026type=vulnerabilities\u0026flashstatus=false"
            },
            {
              "name": "11100",
              "tags": [
                "vdb-entry",
                "x_refsource_BID"
              ],
              "url": "http://www.securityfocus.com/bid/11100"
            },
            {
              "name": "20040905 Buffer Overflow in DBMS_SYSTEM.KSDWRT() in Oracle8i - 9i",
              "tags": [
                "mailing-list",
                "x_refsource_FULLDISC"
              ],
              "url": "http://archives.neohapsis.com/archives/fulldisclosure/2004-09/0178.html"
            },
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "http://www.red-database-security.com/advisory/advisory_20040903_3.htm"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "cve@mitre.org",
              "ID": "CVE-2004-0638",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "n/a",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "n/a"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "n/a"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "Buffer overflow in the KSDWRTB function in the dbms_system package (dbms_system.ksdwrt) for Oracle 9i Database Server Release 2 9.2.0.3 and 9.2.0.4, 9i Release 1 9.0.1.4 and 9.0.1.5, and 8i Release 1 8.1.7.4, allows remote authorized users to execute arbitrary code via a long second argument."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "n/a"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "oracle-dbmssystem-bo(17254)",
                  "refsource": "XF",
                  "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/17254"
                },
                {
                  "name": "http://www.oracle.com/technology/deploy/security/pdf/2004alert68.pdf",
                  "refsource": "CONFIRM",
                  "url": "http://www.oracle.com/technology/deploy/security/pdf/2004alert68.pdf"
                },
                {
                  "name": "20040902 Oracle Database Server dbms_system.ksdwrt Buffer Overflow Vulnerability",
                  "refsource": "IDEFENSE",
                  "url": "http://www.idefense.com/application/poi/display?id=135\u0026type=vulnerabilities\u0026flashstatus=false"
                },
                {
                  "name": "11100",
                  "refsource": "BID",
                  "url": "http://www.securityfocus.com/bid/11100"
                },
                {
                  "name": "20040905 Buffer Overflow in DBMS_SYSTEM.KSDWRT() in Oracle8i - 9i",
                  "refsource": "FULLDISC",
                  "url": "http://archives.neohapsis.com/archives/fulldisclosure/2004-09/0178.html"
                },
                {
                  "name": "http://www.red-database-security.com/advisory/advisory_20040903_3.htm",
                  "refsource": "MISC",
                  "url": "http://www.red-database-security.com/advisory/advisory_20040903_3.htm"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "assignerShortName": "mitre",
        "cveId": "CVE-2004-0638",
        "datePublished": "2005-01-19T05:00:00.000Z",
        "dateReserved": "2004-07-07T00:00:00.000Z",
        "dateUpdated": "2024-08-08T00:24:26.842Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2004-1368 (GCVE-0-2004-1368)

    Vulnerability from cvelistv5 – Published: 2005-01-19 05:00 – Updated: 2024-08-08 00:46
    VLAI
    Summary
    ISQL*Plus in Oracle 10g Application Server allows remote attackers to execute arbitrary files via an absolute pathname in the file parameter to the load.uix script.
    Severity
    No CVSS data available.
    CWE
    • n/a
    Assigner
    References
    URL Tags
    https://exchange.xforce.ibmcloud.com/vulnerabilit… vdb-entryx_refsource_XF
    http://marc.info/?l=bugtraq&m=110382264415387&w=2 mailing-listx_refsource_BUGTRAQ
    http://www.ngssoftware.com/advisories/oracle23122… x_refsource_MISC
    http://www.kb.cert.org/vuls/id/435974 third-party-advisoryx_refsource_CERT-VN
    http://www.us-cert.gov/cas/techalerts/TA04-245A.html third-party-advisoryx_refsource_CERT
    http://www.securityfocus.com/bid/10871 vdb-entryx_refsource_BID
    http://sunsolve.sun.com/search/document.do?assetk… vendor-advisoryx_refsource_SUNALERT
    Date Public
    2004-12-23 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-08T00:46:12.449Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "name": "oracle-isqlplus-file-access(18656)",
                "tags": [
                  "vdb-entry",
                  "x_refsource_XF",
                  "x_transferred"
                ],
                "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/18656"
              },
              {
                "name": "20041223 Oracle ISQLPlus file access vulnerability (#NISR2122004E)",
                "tags": [
                  "mailing-list",
                  "x_refsource_BUGTRAQ",
                  "x_transferred"
                ],
                "url": "http://marc.info/?l=bugtraq\u0026m=110382264415387\u0026w=2"
              },
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "http://www.ngssoftware.com/advisories/oracle23122004E.txt"
              },
              {
                "name": "VU#435974",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_CERT-VN",
                  "x_transferred"
                ],
                "url": "http://www.kb.cert.org/vuls/id/435974"
              },
              {
                "name": "TA04-245A",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_CERT",
                  "x_transferred"
                ],
                "url": "http://www.us-cert.gov/cas/techalerts/TA04-245A.html"
              },
              {
                "name": "10871",
                "tags": [
                  "vdb-entry",
                  "x_refsource_BID",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/bid/10871"
              },
              {
                "name": "101782",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_SUNALERT",
                  "x_transferred"
                ],
                "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-101782-1"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "n/a",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "datePublic": "2004-12-23T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "ISQL*Plus in Oracle 10g Application Server allows remote attackers to execute arbitrary files via an absolute pathname in the file parameter to the load.uix script."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2017-07-10T14:57:01.000Z",
            "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
            "shortName": "mitre"
          },
          "references": [
            {
              "name": "oracle-isqlplus-file-access(18656)",
              "tags": [
                "vdb-entry",
                "x_refsource_XF"
              ],
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/18656"
            },
            {
              "name": "20041223 Oracle ISQLPlus file access vulnerability (#NISR2122004E)",
              "tags": [
                "mailing-list",
                "x_refsource_BUGTRAQ"
              ],
              "url": "http://marc.info/?l=bugtraq\u0026m=110382264415387\u0026w=2"
            },
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "http://www.ngssoftware.com/advisories/oracle23122004E.txt"
            },
            {
              "name": "VU#435974",
              "tags": [
                "third-party-advisory",
                "x_refsource_CERT-VN"
              ],
              "url": "http://www.kb.cert.org/vuls/id/435974"
            },
            {
              "name": "TA04-245A",
              "tags": [
                "third-party-advisory",
                "x_refsource_CERT"
              ],
              "url": "http://www.us-cert.gov/cas/techalerts/TA04-245A.html"
            },
            {
              "name": "10871",
              "tags": [
                "vdb-entry",
                "x_refsource_BID"
              ],
              "url": "http://www.securityfocus.com/bid/10871"
            },
            {
              "name": "101782",
              "tags": [
                "vendor-advisory",
                "x_refsource_SUNALERT"
              ],
              "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-101782-1"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "cve@mitre.org",
              "ID": "CVE-2004-1368",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "n/a",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "n/a"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "n/a"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "ISQL*Plus in Oracle 10g Application Server allows remote attackers to execute arbitrary files via an absolute pathname in the file parameter to the load.uix script."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "n/a"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "oracle-isqlplus-file-access(18656)",
                  "refsource": "XF",
                  "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/18656"
                },
                {
                  "name": "20041223 Oracle ISQLPlus file access vulnerability (#NISR2122004E)",
                  "refsource": "BUGTRAQ",
                  "url": "http://marc.info/?l=bugtraq\u0026m=110382264415387\u0026w=2"
                },
                {
                  "name": "http://www.ngssoftware.com/advisories/oracle23122004E.txt",
                  "refsource": "MISC",
                  "url": "http://www.ngssoftware.com/advisories/oracle23122004E.txt"
                },
                {
                  "name": "VU#435974",
                  "refsource": "CERT-VN",
                  "url": "http://www.kb.cert.org/vuls/id/435974"
                },
                {
                  "name": "TA04-245A",
                  "refsource": "CERT",
                  "url": "http://www.us-cert.gov/cas/techalerts/TA04-245A.html"
                },
                {
                  "name": "10871",
                  "refsource": "BID",
                  "url": "http://www.securityfocus.com/bid/10871"
                },
                {
                  "name": "101782",
                  "refsource": "SUNALERT",
                  "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-101782-1"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "assignerShortName": "mitre",
        "cveId": "CVE-2004-1368",
        "datePublished": "2005-01-19T05:00:00.000Z",
        "dateReserved": "2005-01-07T00:00:00.000Z",
        "dateUpdated": "2024-08-08T00:46:12.449Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2004-1369 (GCVE-0-2004-1369)

    Vulnerability from cvelistv5 – Published: 2005-01-19 05:00 – Updated: 2024-08-08 00:46
    VLAI
    Summary
    The TNS Listener in Oracle 10g allows remote attackers to cause a denial of service (listener crash) via a malformed service_register_NSGR request containing a value that is used as an invalid offset for a pointer that references incorrect memory.
    Severity
    No CVSS data available.
    CWE
    • n/a
    Assigner
    References
    Date Public
    2004-12-23 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-08T00:46:12.448Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "http://www.ngssoftware.com/advisories/oracle23122004F.txt"
              },
              {
                "name": "oracle-tnslsnr-nsgr-dos(18664)",
                "tags": [
                  "vdb-entry",
                  "x_refsource_XF",
                  "x_transferred"
                ],
                "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/18664"
              },
              {
                "name": "20041223 Oracle TNS Listener DoS (#NISR2122004F)",
                "tags": [
                  "mailing-list",
                  "x_refsource_BUGTRAQ",
                  "x_transferred"
                ],
                "url": "http://marc.info/?l=bugtraq\u0026m=110382524401468\u0026w=2"
              },
              {
                "name": "VU#316206",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_CERT-VN",
                  "x_transferred"
                ],
                "url": "http://www.kb.cert.org/vuls/id/316206"
              },
              {
                "name": "TA04-245A",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_CERT",
                  "x_transferred"
                ],
                "url": "http://www.us-cert.gov/cas/techalerts/TA04-245A.html"
              },
              {
                "name": "10871",
                "tags": [
                  "vdb-entry",
                  "x_refsource_BID",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/bid/10871"
              },
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "http://www.oracle.com/technology/deploy/security/pdf/2004alert68.pdf"
              },
              {
                "name": "101782",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_SUNALERT",
                  "x_transferred"
                ],
                "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-101782-1"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "n/a",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "datePublic": "2004-12-23T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "The TNS Listener in Oracle 10g allows remote attackers to cause a denial of service (listener crash) via a malformed service_register_NSGR request containing a value that is used as an invalid offset for a pointer that references incorrect memory."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2017-07-10T14:57:01.000Z",
            "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
            "shortName": "mitre"
          },
          "references": [
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "http://www.ngssoftware.com/advisories/oracle23122004F.txt"
            },
            {
              "name": "oracle-tnslsnr-nsgr-dos(18664)",
              "tags": [
                "vdb-entry",
                "x_refsource_XF"
              ],
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/18664"
            },
            {
              "name": "20041223 Oracle TNS Listener DoS (#NISR2122004F)",
              "tags": [
                "mailing-list",
                "x_refsource_BUGTRAQ"
              ],
              "url": "http://marc.info/?l=bugtraq\u0026m=110382524401468\u0026w=2"
            },
            {
              "name": "VU#316206",
              "tags": [
                "third-party-advisory",
                "x_refsource_CERT-VN"
              ],
              "url": "http://www.kb.cert.org/vuls/id/316206"
            },
            {
              "name": "TA04-245A",
              "tags": [
                "third-party-advisory",
                "x_refsource_CERT"
              ],
              "url": "http://www.us-cert.gov/cas/techalerts/TA04-245A.html"
            },
            {
              "name": "10871",
              "tags": [
                "vdb-entry",
                "x_refsource_BID"
              ],
              "url": "http://www.securityfocus.com/bid/10871"
            },
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "http://www.oracle.com/technology/deploy/security/pdf/2004alert68.pdf"
            },
            {
              "name": "101782",
              "tags": [
                "vendor-advisory",
                "x_refsource_SUNALERT"
              ],
              "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-101782-1"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "cve@mitre.org",
              "ID": "CVE-2004-1369",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "n/a",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "n/a"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "n/a"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "The TNS Listener in Oracle 10g allows remote attackers to cause a denial of service (listener crash) via a malformed service_register_NSGR request containing a value that is used as an invalid offset for a pointer that references incorrect memory."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "n/a"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "http://www.ngssoftware.com/advisories/oracle23122004F.txt",
                  "refsource": "MISC",
                  "url": "http://www.ngssoftware.com/advisories/oracle23122004F.txt"
                },
                {
                  "name": "oracle-tnslsnr-nsgr-dos(18664)",
                  "refsource": "XF",
                  "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/18664"
                },
                {
                  "name": "20041223 Oracle TNS Listener DoS (#NISR2122004F)",
                  "refsource": "BUGTRAQ",
                  "url": "http://marc.info/?l=bugtraq\u0026m=110382524401468\u0026w=2"
                },
                {
                  "name": "VU#316206",
                  "refsource": "CERT-VN",
                  "url": "http://www.kb.cert.org/vuls/id/316206"
                },
                {
                  "name": "TA04-245A",
                  "refsource": "CERT",
                  "url": "http://www.us-cert.gov/cas/techalerts/TA04-245A.html"
                },
                {
                  "name": "10871",
                  "refsource": "BID",
                  "url": "http://www.securityfocus.com/bid/10871"
                },
                {
                  "name": "http://www.oracle.com/technology/deploy/security/pdf/2004alert68.pdf",
                  "refsource": "CONFIRM",
                  "url": "http://www.oracle.com/technology/deploy/security/pdf/2004alert68.pdf"
                },
                {
                  "name": "101782",
                  "refsource": "SUNALERT",
                  "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-101782-1"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "assignerShortName": "mitre",
        "cveId": "CVE-2004-1369",
        "datePublished": "2005-01-19T05:00:00.000Z",
        "dateReserved": "2005-01-07T00:00:00.000Z",
        "dateUpdated": "2024-08-08T00:46:12.448Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2004-1364 (GCVE-0-2004-1364)

    Vulnerability from cvelistv5 – Published: 2005-01-19 05:00 – Updated: 2024-08-08 00:46
    VLAI
    Summary
    Directory traversal vulnerability in extproc in Oracle 9i and 10g allows remote attackers to access arbitrary libraries outside of the $ORACLE_HOME\bin directory.
    Severity
    No CVSS data available.
    CWE
    • n/a
    Assigner
    Date Public
    2004-12-23 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-08T00:46:12.559Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "name": "oracle-extproc-directory-traversal(18658)",
                "tags": [
                  "vdb-entry",
                  "x_refsource_XF",
                  "x_transferred"
                ],
                "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/18658"
              },
              {
                "name": "20061219 Oracle \u003c= 9i / 10g (extproc) Local/Remote Command Execution Exploit",
                "tags": [
                  "mailing-list",
                  "x_refsource_BUGTRAQ",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/archive/1/454861/100/0/threaded"
              },
              {
                "name": "VU#316206",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_CERT-VN",
                  "x_transferred"
                ],
                "url": "http://www.kb.cert.org/vuls/id/316206"
              },
              {
                "name": "TA04-245A",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_CERT",
                  "x_transferred"
                ],
                "url": "http://www.us-cert.gov/cas/techalerts/TA04-245A.html"
              },
              {
                "name": "20041223 Oracle extproc directory traversal (#NISR23122004B)",
                "tags": [
                  "mailing-list",
                  "x_refsource_BUGTRAQ",
                  "x_transferred"
                ],
                "url": "http://marc.info/?l=bugtraq\u0026m=110382406002365\u0026w=2"
              },
              {
                "name": "10871",
                "tags": [
                  "vdb-entry",
                  "x_refsource_BID",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/bid/10871"
              },
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "http://www.oracle.com/technology/deploy/security/pdf/2004alert68.pdf"
              },
              {
                "name": "101782",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_SUNALERT",
                  "x_transferred"
                ],
                "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-101782-1"
              },
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "http://www.ngssoftware.com/advisories/oracle23122004B.txt"
              },
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "http://www.0xdeadbeef.info/exploits/raptor_oraextproc.sql"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "n/a",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "datePublic": "2004-12-23T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "Directory traversal vulnerability in extproc in Oracle 9i and 10g allows remote attackers to access arbitrary libraries outside of the $ORACLE_HOME\\bin directory."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2018-10-19T14:57:01.000Z",
            "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
            "shortName": "mitre"
          },
          "references": [
            {
              "name": "oracle-extproc-directory-traversal(18658)",
              "tags": [
                "vdb-entry",
                "x_refsource_XF"
              ],
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/18658"
            },
            {
              "name": "20061219 Oracle \u003c= 9i / 10g (extproc) Local/Remote Command Execution Exploit",
              "tags": [
                "mailing-list",
                "x_refsource_BUGTRAQ"
              ],
              "url": "http://www.securityfocus.com/archive/1/454861/100/0/threaded"
            },
            {
              "name": "VU#316206",
              "tags": [
                "third-party-advisory",
                "x_refsource_CERT-VN"
              ],
              "url": "http://www.kb.cert.org/vuls/id/316206"
            },
            {
              "name": "TA04-245A",
              "tags": [
                "third-party-advisory",
                "x_refsource_CERT"
              ],
              "url": "http://www.us-cert.gov/cas/techalerts/TA04-245A.html"
            },
            {
              "name": "20041223 Oracle extproc directory traversal (#NISR23122004B)",
              "tags": [
                "mailing-list",
                "x_refsource_BUGTRAQ"
              ],
              "url": "http://marc.info/?l=bugtraq\u0026m=110382406002365\u0026w=2"
            },
            {
              "name": "10871",
              "tags": [
                "vdb-entry",
                "x_refsource_BID"
              ],
              "url": "http://www.securityfocus.com/bid/10871"
            },
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "http://www.oracle.com/technology/deploy/security/pdf/2004alert68.pdf"
            },
            {
              "name": "101782",
              "tags": [
                "vendor-advisory",
                "x_refsource_SUNALERT"
              ],
              "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-101782-1"
            },
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "http://www.ngssoftware.com/advisories/oracle23122004B.txt"
            },
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "http://www.0xdeadbeef.info/exploits/raptor_oraextproc.sql"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "cve@mitre.org",
              "ID": "CVE-2004-1364",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "n/a",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "n/a"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "n/a"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "Directory traversal vulnerability in extproc in Oracle 9i and 10g allows remote attackers to access arbitrary libraries outside of the $ORACLE_HOME\\bin directory."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "n/a"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "oracle-extproc-directory-traversal(18658)",
                  "refsource": "XF",
                  "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/18658"
                },
                {
                  "name": "20061219 Oracle \u003c= 9i / 10g (extproc) Local/Remote Command Execution Exploit",
                  "refsource": "BUGTRAQ",
                  "url": "http://www.securityfocus.com/archive/1/454861/100/0/threaded"
                },
                {
                  "name": "VU#316206",
                  "refsource": "CERT-VN",
                  "url": "http://www.kb.cert.org/vuls/id/316206"
                },
                {
                  "name": "TA04-245A",
                  "refsource": "CERT",
                  "url": "http://www.us-cert.gov/cas/techalerts/TA04-245A.html"
                },
                {
                  "name": "20041223 Oracle extproc directory traversal (#NISR23122004B)",
                  "refsource": "BUGTRAQ",
                  "url": "http://marc.info/?l=bugtraq\u0026m=110382406002365\u0026w=2"
                },
                {
                  "name": "10871",
                  "refsource": "BID",
                  "url": "http://www.securityfocus.com/bid/10871"
                },
                {
                  "name": "http://www.oracle.com/technology/deploy/security/pdf/2004alert68.pdf",
                  "refsource": "CONFIRM",
                  "url": "http://www.oracle.com/technology/deploy/security/pdf/2004alert68.pdf"
                },
                {
                  "name": "101782",
                  "refsource": "SUNALERT",
                  "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-101782-1"
                },
                {
                  "name": "http://www.ngssoftware.com/advisories/oracle23122004B.txt",
                  "refsource": "MISC",
                  "url": "http://www.ngssoftware.com/advisories/oracle23122004B.txt"
                },
                {
                  "name": "http://www.0xdeadbeef.info/exploits/raptor_oraextproc.sql",
                  "refsource": "MISC",
                  "url": "http://www.0xdeadbeef.info/exploits/raptor_oraextproc.sql"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "assignerShortName": "mitre",
        "cveId": "CVE-2004-1364",
        "datePublished": "2005-01-19T05:00:00.000Z",
        "dateReserved": "2005-01-07T00:00:00.000Z",
        "dateUpdated": "2024-08-08T00:46:12.559Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }