Title: Oracle Multiple Unspecified Vulnerabilities
Severity: HIGH
Description:
Oracle is prone to multiple unspecified vulnerabilities. The issues include various cross-site scripting, SQL-injection, security-bypass, and plaintext-password vulnerabilities. Very little information has been provided about these vulnerabilities. However, the individual who reported the issues says that they have not been patched.
These issues affect Oracle Database, Oracle Secure Enterprise Search, Oracle HTMLDB, Oracle TNS Listener 10g, Oracle HTMLDB, Oracle HTMLDB, Oracle Import, Workflow, JDeveloper, Oracle Developer Tools for Visual Studio .NET, Oracle Discoverer, Oracle Reports, and Oracle XMLDB.
Here are the various issues that have been reported, including a severity rating that was provided by the individual who discovered the issues:
Oracle BugID : Component : Severity
7520291 : Oracle Database : high
7438901 : Oracle Secure Enterprise Search : medium
6914665 : Oracle Database : high
6543483 : Documentation bug concerning a special privilege : low
6543923 : default role with a dangerous privilege : high
6980701 : Oracle Database : high
6980711 : Oracle Database : high
6980717 : Oracle Database : high
6980695 : Oracle Database : high
6980733 : Oracle Database : high
6980737 : Oracle Database : high
6980745 : Oracle Database : high
6980751 : Oracle Database : high
6980753 : Oracle Database : high
6980765 : Oracle Database : high
6980775 : Oracle Database : high
6980781 : Oracle Database : high
6980783 : Oracle Database : high
6980793 : Oracle Database : high
6980797 : Oracle Database : high
6980807 : Oracle Database : high
6980813 : Oracle Database : high
6980817 : Oracle Database : high
6980819 : Oracle Database : high
6980825 : Oracle Database : high
6454153 : Oracle HTMLDB : high
6454409 : Oracle TNS Listener 10g : high
6343935 : Oracle HTMLDB : medium
6343787 : Oracle HTMLDB : medium
5448895 : Oracle Import : high
2005-S072E : Workflow : low
2005-S071E : Workflow : low
2005-S067E : JDeveloper : medium
2005-S066E : JDeveloper : medium
2005-S064E : Oracle Developer Tools for Visual Studio .NET : low
2005-S050E : Oracle Database 10g : medium
2004-S038E : Oracle Database 10g : low
2004-S037E : Oracle Database 10g : low
2004-S034E : Oracle Database 10g : low
2003-S198E : TNS Listener : low
2003-S110E : Oracle Database 8i/9i : low
6085687 : Oracle Discoverer : low
6085705 : Oracle Reports : low
2003-S033E : Oracle XMLDB : medium
Affected Products:
- Oracle Discoverer
- Oracle HTML DB 1.5.0
- Oracle HTML DB 1.5.1
- Oracle HTML DB 1.6.0
- Oracle HTML DB 1.6.1
- Oracle HTML DB 2.0.0
- Oracle Import
- Oracle JDeveloper
- Oracle Oracle Reports 10g 9.0.0
- Oracle Oracle Reports 10g 9.0.1
- Oracle Oracle Reports 10g 9.0.2
- Oracle Oracle Reports 10g 9.0.3
- Oracle Oracle Reports 10g 9.0.4
- Oracle Oracle Reports 10g 9.0.4 .3.3
- Oracle Oracle10g Enterprise Edition 10.1.0 .0.2
- Oracle Oracle10g Enterprise Edition 10.1.0 .0.3
- Oracle Oracle10g Enterprise Edition 10.1.0 .0.3.1
- Oracle Oracle10g Enterprise Edition 10.1.0 .0.4
- Oracle Oracle10g Enterprise Edition 10.2.0 .1
- Oracle Oracle10g Enterprise Edition 10.2.0 .2
- Oracle Oracle10g Enterprise Edition 10.2.0 .3
- Oracle Oracle10g Enterprise Edition 9.0.4 .0
- Oracle Oracle10g Personal Edition 10.1.0 .0.2
- Oracle Oracle10g Personal Edition 10.1.0 .0.3
- Oracle Oracle10g Personal Edition 10.1.0 .0.3.1
- Oracle Oracle10g Personal Edition 10.1.0 .0.4
- Oracle Oracle10g Personal Edition 10.2.0 .1
- Oracle Oracle10g Personal Edition 10.2.0 .2
- Oracle Oracle10g Personal Edition 10.2.0 .3
- Oracle Oracle10g Personal Edition 9.0.4 .0
- Oracle Oracle10g Standard Edition 10.1.0 .0.2
- Oracle Oracle10g Standard Edition 10.1.0 .0.3
- Oracle Oracle10g Standard Edition 10.1.0 .0.3.1
- Oracle Oracle10g Standard Edition 10.1.0 .0.4
- Oracle Oracle10g Standard Edition 10.1.0 .0.5
- Oracle Oracle10g Standard Edition 10.1.0 .4.2
- Oracle Oracle10g Standard Edition 10.2.0 .2
- Oracle Oracle10g Standard Edition 10.2.0 .3
- Oracle Oracle10g Standard Edition 10.2.0.1
- Oracle Oracle10g Standard Edition 9.0.4 .0
- Oracle Oracle8i Enterprise Edition 8.0.5.0.0
- Oracle Oracle8i Enterprise Edition 8.0.6.0.0
- Oracle Oracle8i Enterprise Edition 8.0.6.0.1
- Oracle Oracle8i Enterprise Edition 8.1.5.0.0
- Oracle Oracle8i Enterprise Edition 8.1.5.0.2
- Oracle Oracle8i Enterprise Edition 8.1.5.1.0
- Oracle Oracle8i Enterprise Edition 8.1.6.0.0
- Oracle Oracle8i Enterprise Edition 8.1.6.1.0
- Oracle Oracle8i Enterprise Edition 8.1.7 .0.0
- Oracle Oracle8i Enterprise Edition 8.1.7.1.0
- Oracle Oracle8i Enterprise Edition 8.1.7.4
- Oracle Oracle8i Standard Edition 8.0.0 x
- Oracle Oracle8i Standard Edition 8.0.6
- Oracle Oracle8i Standard Edition 8.0.6.3
- Oracle Oracle8i Standard Edition 8.1.0 x
- Oracle Oracle8i Standard Edition 8.1.5
- Oracle Oracle8i Standard Edition 8.1.6
- Oracle Oracle8i Standard Edition 8.1.7
- Oracle Oracle8i Standard Edition 8.1.7.0.0
- Oracle Oracle8i Standard Edition 8.1.7.1
- Oracle Oracle8i Standard Edition 8.1.7.4
- Oracle Oracle8i Standard Edition 8.1.7.4
- Oracle Oracle9i Enterprise Edition 8.1.7
- Oracle Oracle9i Enterprise Edition 9.0.1
- Oracle Oracle9i Enterprise Edition 9.0.1 .5 FIPS
- Oracle Oracle9i Enterprise Edition 9.0.1.4
- Oracle Oracle9i Enterprise Edition 9.0.1.5
- Oracle Oracle9i Enterprise Edition 9.0.4
- Oracle Oracle9i Enterprise Edition 9.2.0 .0.3
- Oracle Oracle9i Enterprise Edition 9.2.0 .0.5
- Oracle Oracle9i Enterprise Edition 9.2.0 .6
- Oracle Oracle9i Enterprise Edition 9.2.0 .7
- Oracle Oracle9i Enterprise Edition 9.2.0.0
- Oracle Oracle9i Enterprise Edition 9.2.0.0.1
- Oracle Oracle9i Enterprise Edition 9.2.0.0.2
- Oracle Oracle9i Enterprise Edition 9.2.0.0.4
- Oracle Oracle9i Personal Edition 8.1.7
- Oracle Oracle9i Personal Edition 9.0.1
- Oracle Oracle9i Personal Edition 9.0.1 .5 FIPS
- Oracle Oracle9i Personal Edition 9.0.1.4
- Oracle Oracle9i Personal Edition 9.0.1.5
- Oracle Oracle9i Personal Edition 9.0.4
- Oracle Oracle9i Personal Edition 9.2.0
- Oracle Oracle9i Personal Edition 9.2.0 .0.3
- Oracle Oracle9i Personal Edition 9.2.0 .0.5
- Oracle Oracle9i Personal Edition 9.2.0 .6
- Oracle Oracle9i Personal Edition 9.2.0 .7
- Oracle Oracle9i Personal Edition 9.2.0.0.1
- Oracle Oracle9i Personal Edition 9.2.0.0.2
- Oracle Oracle9i Personal Edition 9.2.0.0.4
- Oracle Oracle9i Standard Edition 8.1.7
- Oracle Oracle9i Standard Edition 9.0.0
- Oracle Oracle9i Standard Edition 9.0.1
- Oracle Oracle9i Standard Edition 9.0.1 .5 FIPS
- Oracle Oracle9i Standard Edition 9.0.1.2
- Oracle Oracle9i Standard Edition 9.0.1.3
- Oracle Oracle9i Standard Edition 9.0.1.4
- Oracle Oracle9i Standard Edition 9.0.1.5
- Oracle Oracle9i Standard Edition 9.0.2
- Oracle Oracle9i Standard Edition 9.0.4
- Oracle Oracle9i Standard Edition 9.2.0
- Oracle Oracle9i Standard Edition 9.2.0 .0.3
- Oracle Oracle9i Standard Edition 9.2.0 .0.5
- Oracle Oracle9i Standard Edition 9.2.0 .1
- Oracle Oracle9i Standard Edition 9.2.0 .1
- Oracle Oracle9i Standard Edition 9.2.0 .2
- Oracle Oracle9i Standard Edition 9.2.0 .2
- Oracle Oracle9i Standard Edition 9.2.0 .3
- Oracle Oracle9i Standard Edition 9.2.0 .6
- Oracle Oracle9i Standard Edition 9.2.0 .7
- Oracle Oracle9i Standard Edition 9.2.0.0.1
- Oracle Oracle9i Standard Edition 9.2.0.0.2
- Oracle Oracle9i Standard Edition 9.2.0.0.4
- Oracle TNS Listener
- Oracle Workflow 11.5.1
- Oracle Workflow 11.5.9 .5
- Oracle XMLDB
References:
- Oracle: Oracle HTML DB Product Page
- Oracle: Oracle Homepage
- Oracle: Oracle Reports 10g Home Page
- Red-Database-Security: Upcoming Oracle Security Alerts
Juniper Networks provides this content via a wide variety of sources and production methods. If notified of errors or omissions in the content of this page, Juniper Networks, at its discretion, will modify or remove the page or leave the content as is, depending on various factors including but not limited to the reputation and authority of the party providing the notification. Please use the contact information displayed elsewhere on this page to report any errors or omissions regarding the content on this page.
