CVE-2005-4832

Public exploit
SQL injection vulnerability in the Oracle Database Server 10g allows remote authenticated users to execute arbitrary SQL commands with elevated privileges via the SUBSCRIPTION_NAME parameter in the (1) SYS.DBMS_CDC_SUBSCRIBE and (2) SYS.DBMS_CDC_ISUBSCRIBE packages, a different vector than CVE-2005-1197.
Max CVSS
7.5
EPSS Score
89.73%
Published
2005-12-31
Updated
2017-07-29
The PORTAL schema in Oracle Application Server (OracleAS) Discussion Forum Portlet allows remote attackers to obtain the source code for arbitrary JSP and other files via a df_next_page parameter with a trailing null byte (%00).
Max CVSS
5.0
EPSS Score
46.26%
Published
2005-12-28
Updated
2017-07-20
Cross-site scripting (XSS) vulnerability in Oracle Application Server (OracleAS) Discussion Forum Portlet allows remote attackers to inject arbitrary web script or HTML via the (1) RowKeyValue parameter in the PORTAL schema; and the (2) title and (3) content input fields when creating an forum article.
Max CVSS
4.3
EPSS Score
3.74%
Published
2005-12-28
Updated
2016-10-18
Oracle Databases running on Windows XP with Simple File Sharing enabled, allows remote attackers to bypass authentication by supplying a valid username.
Max CVSS
7.5
EPSS Score
0.22%
Published
2005-11-16
Updated
2008-09-05
Unspecified vulnerability in Enterprise CRM Sales in Oracle 8.81 up to 8.9 has unknown impact and attack vectors, as identified by Oracle Vuln# CRM01.
Max CVSS
10.0
EPSS Score
0.33%
Published
2005-11-02
Updated
2012-10-23
Unspecified vulnerability in JDEdwards HTML Server in Oracle EnterpriseOne 8.94 OneWorld XE up to 8.95_B1, 8.94_Q1, and SP23_K1 has unknown impact and attack vectors, as identified by Oracle Vuln# JDE01.
Max CVSS
10.0
EPSS Score
0.33%
Published
2005-11-02
Updated
2012-10-23
Unspecified vulnerability in PeopleTools in Oracle PeopleSoft Enterprise 8.44 up to 8.46 has unknown impact and attack vectors, as identified by Oracle Vuln# PSE04.
Max CVSS
10.0
EPSS Score
0.33%
Published
2005-11-02
Updated
2012-10-23
Unspecified vulnerability in PeopleTools in Oracle PeopleSoft Enterprise 8.44 up to 8.46.03 has unknown impact and attack vectors, as identified by Oracle Vuln# PSE03.
Max CVSS
10.0
EPSS Score
0.30%
Published
2005-11-02
Updated
2016-05-11
Unspecified vulnerability in PeopleTools in Oracle PeopleSoft Enterprise 8.44 up to 8.46.02 has unknown impact and attack vectors, as identified by Oracle Vuln# PSE02.
Max CVSS
10.0
EPSS Score
0.33%
Published
2005-11-02
Updated
2012-10-23
Unspecified vulnerability in Oracle Agent in Oracle Enterprise Manager 9.0.4.1 up to 10.1.0.4 has unknown impact and attack vectors, as identified by Oracle Vuln# EM01.
Max CVSS
10.0
EPSS Score
0.43%
Published
2005-11-02
Updated
2012-10-23
Unspecified vulnerability in Oracle E-Business Suite and Applications 4.5 up to 4.5.1 has unknown impact and attack vectors, as identified by Oracle Vuln# APPS22 in Oracle Clinical.
Max CVSS
10.0
EPSS Score
0.33%
Published
2005-11-02
Updated
2012-10-23
Unspecified vulnerability in Oracle E-Business Suite and Applications 11.0 up to 11.5.10 has unknown impact and attack vectors, as identified by Oracle Vuln# APPS08 in HRMS.
Max CVSS
10.0
EPSS Score
0.33%
Published
2005-11-02
Updated
2012-10-23
Multiple unspecified vulnerabilities in Oracle E-Business Suite and Applications 11.5 up to 11.5.10 have unknown impact and attack vectors, as identified by Oracle Vuln# (1) APPS01 in Application Install; (2) APPS02 and (3) APPS03 in Application Object Library; (4) APPS05 and (5) APPS06 in Applications Technology Stack; (6) APPS07 in Applications Utilities; (7) APPS09, (8) APPS10, and (9) APPS11 in HRMS; (10) APPS12 in Mobile Application Foundation; (11) APPS13 in SDP Number Portability; (12) APPS14 in Oracle Service; (13) APPS15 in Service Fulfillment Manage, (14) APPS16 in Universal Work Queue; and (15) APPS20 in Workflow Cartridge.
Max CVSS
10.0
EPSS Score
0.50%
Published
2005-11-02
Updated
2012-10-23
Multiple unspecified vulnerabilities in Oracle Collaboration Suite 10g Release 1 version 10.1.1 and 9i Release 2 9.0.4.2 have unknown impact and attack vectors, as identified by Oracle Vuln# (1) OCS01, (2) OCS02, (3) OCS03, and (4) OCS04 for Calendar; (5) OCS05, (6) OCS06, (7) OCS07, (8) OCS08, (9) OCS09, and (10) OCS10 for Email Server; and (11) OCS11, (12) OCS12, and (13) OCS13 for Oracle Files.
Max CVSS
10.0
EPSS Score
0.33%
Published
2005-11-02
Updated
2012-10-23
Multiple unspecified vulnerabilities in Web Cache in Oracle Application Server 1.0 up to 10.1.2.0 has unknown impact and attack vectors, as identified by Oracle Vuln# (1) AS12 and (2) AS14.
Max CVSS
10.0
EPSS Score
0.33%
Published
2005-11-02
Updated
2012-10-23
Unspecified vulnerability in Web Cache in Oracle Application Server 1.0 up to 9.0.4.2 has unknown impact and attack vectors, as identified by Oracle Vuln# AS13.
Max CVSS
10.0
EPSS Score
0.33%
Published
2005-11-02
Updated
2012-10-23
Unspecified vulnerability in SQL*ReportWriter in Oracle Application Server 9.0 up to 9.0.2.1 has unknown impact and attack vectors, as identified by Oracle Vuln# AS10.
Max CVSS
10.0
EPSS Score
0.43%
Published
2005-11-02
Updated
2012-10-23
Unspecified vulnerability in the HTTP Server in Oracle Application Server 1.0 up to 9.0.2.3 has unknown impact and attack vectors, as identified by Oracle Vuln# AS04.
Max CVSS
10.0
EPSS Score
0.33%
Published
2005-11-02
Updated
2012-10-23
Multiple unspecified vulnerabilities in Oracle Application Server 9.0 up to 10.1.2.0 have unknown impact and attack vectors, as identified by Oracle Vuln# (1) AS02 in Containers for J2EE, (2) AS07 in Internet Directory, (3) AS09 in Report Server, and (4) AS11 in Web Cache.
Max CVSS
10.0
EPSS Score
0.50%
Published
2005-11-02
Updated
2012-10-23
Unspecified vulnerability in the OC4J Module in Oracle Application Server 9.0 up to 10.1.2.0.2 has unknown impact and attack vectors, as identified by Oracle Vuln# AS01.
Max CVSS
10.0
EPSS Score
0.33%
Published
2005-11-02
Updated
2012-10-23
Unspecified vulnerability in Internet Directory in Oracle Database Server 9i up to 9.2.0.6 and Application Server 9.0.2.3 up to 10.1.2.0 has unknown impact and attack vectors, aka Oracle Vuln# DB32 and AS06.
Max CVSS
10.0
EPSS Score
0.33%
Published
2005-11-02
Updated
2012-10-23
Multiple unspecified vulnerabilities in HTTP Server in Oracle Database Server 8i up to 10.1.0.4.2 and Application Server 1.0.2.2 up to 10.1.2.0 have unknown impact and attack vectors, aka Oracle Vuln# (1) DB30 and AS03 or (2) DB31 and AS05.
Max CVSS
10.0
EPSS Score
0.43%
Published
2005-11-02
Updated
2012-10-23
Multiple unspecified vulnerabilities in the Programmatic Interface in Oracle Database Server from 8i up to 9.2.0.5 have unknown impact and attack vectors, aka Oracle Vuln# DB26.
Max CVSS
10.0
EPSS Score
0.33%
Published
2005-11-02
Updated
2012-10-23
Unspecified vulnerability in the Spatial component in Oracle Database Server from 9i up to 10.1.0.3 has unknown impact and attack vectors, aka Oracle Vuln# DB17.
Max CVSS
10.0
EPSS Score
0.33%
Published
2005-11-02
Updated
2012-10-23
Unspecified vulnerability in Database Scheduler in Oracle Database Server 10g up to 10.1.0.3 has unknown impact and attack vectors, aka Oracle Vuln# DB08.
Max CVSS
10.0
EPSS Score
0.33%
Published
2005-11-02
Updated
2012-10-23
73 vulnerabilities found
1 2 3
This web site uses cookies for managing your session, storing preferences, website analytics and additional purposes described in our privacy policy.
By using this web site you are agreeing to CVEdetails.com terms of use!