Total
199 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2002-0560 | 1 Oracle | 4 Application Server, Application Server Web Cache, Oracle8i and 1 more | 2016-10-17 | 5.0 MEDIUM | N/A |
| PL/SQL module 3.0.9.8.2 in Oracle 9i Application Server 1.0.2.x allows remote attackers to obtain sensitive information via the OWA_UTIL stored procedures (1) OWA_UTIL.signature, (2) OWA_UTIL.listprint, or (3) OWA_UTIL.show_query_columns. | |||||
| CVE-2002-0569 | 1 Oracle | 1 Application Server | 2016-10-17 | 7.5 HIGH | N/A |
| Oracle 9i Application Server allows remote attackers to bypass access restrictions for configuration files via a direct request to the XSQL Servlet (XSQLServlet). | |||||
| CVE-2001-1371 | 1 Oracle | 1 Application Server | 2016-10-17 | 7.5 HIGH | N/A |
| The default configuration of Oracle Application Server 9iAS 1.0.2.2 enables SOAP and allows anonymous users to deploy applications by default via urn:soap-service-manager and urn:soap-provider-manager. | |||||
| CVE-2001-0419 | 1 Oracle | 1 Application Server | 2016-10-17 | 7.5 HIGH | N/A |
| Buffer overflow in shared library ndwfn4.so for iPlanet Web Server (iWS) 4.1, when used as a web listener for Oracle application server 4.0.8.2, allows remote attackers to execute arbitrary commands via a long HTTP request that is passed to the application server, such as /jsp/. | |||||
| CVE-2009-1011 | 1 Oracle | 1 Application Server | 2014-01-13 | 4.4 MEDIUM | N/A |
| Unspecified vulnerability in the Outside In Technology component in Oracle Application Server 8.2.2 and 8.3.0 allows local users to affect confidentiality, integrity, and availability, related to HTML. NOTE: the previous information was obtained from the April 2009 CPU. Oracle has not commented on reliable researcher claims that this issue is for multiple integer overflows in a function that parses an optional data stream within a Microsoft Office file, leading to a heap-based buffer overflow. | |||||
| CVE-2010-0066 | 1 Oracle | 1 Application Server | 2012-10-22 | 5.0 MEDIUM | N/A |
| Unspecified vulnerability in the Access Manager Identity Server component in Oracle Application Server 7.0.4.3 and 10.1.4.2 allows remote attackers to affect integrity via unknown vectors. | |||||
| CVE-2010-0070 | 1 Oracle | 1 Application Server | 2012-10-22 | 4.3 MEDIUM | N/A |
| Unspecified vulnerability in the Oracle Containers for J2EE component in Oracle Application Server 10.1.2.3 and 10.1.3.4 allows remote attackers to affect integrity via unknown vectors. | |||||
| CVE-2010-0067 | 1 Oracle | 1 Application Server | 2012-10-22 | 5.0 MEDIUM | N/A |
| Unspecified vulnerability in the Oracle Containers for J2EE component in Oracle Application Server 10.1.2.3 and 10.1.3.4 allows remote attackers to affect confidentiality via unknown vectors. | |||||
| CVE-2009-3412 | 1 Oracle | 2 Application Server, Database Server | 2012-10-22 | 1.0 LOW | N/A |
| Unspecified vulnerability in the Unzip component in Oracle Database 9.2.0.8, 9.2.0.8DV, and 10.1.0.5; and Oracle Application Server 10.1.2.3; allows local users to affect confidentiality via unknown vectors. | |||||
| CVE-2009-1999 | 1 Oracle | 1 Application Server | 2012-10-22 | 4.3 MEDIUM | N/A |
| Unspecified vulnerability in the Business Intelligence Enterprise Edition component in unspecified Oracle Application Server versions allows remote attackers to affect integrity via unknown vectors. | |||||
| CVE-2009-1990 | 1 Oracle | 1 Application Server | 2012-10-22 | 1.7 LOW | N/A |
| Unspecified vulnerability in the Business Intelligence Enterprise Edition component in Oracle Application Server 10.1.3.4.1 allows local users to affect confidentiality via unknown vectors. | |||||
| CVE-2008-7233 | 1 Oracle | 2 Application Server, E-business Suite 11i | 2012-10-22 | 9.3 HIGH | N/A |
| Unspecified vulnerability in the E-Business Application client, as used in Oracle Application Server 1.1.8.26 and E-Business Suite 11.5.10.2, allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to the Oracle Jinitiator component, aka AS02. | |||||
| CVE-2008-4017 | 1 Oracle | 1 Application Server | 2012-10-22 | 5.0 MEDIUM | N/A |
| Unspecified vulnerability in the OC4J component in Oracle Application Server 10.1.2.3 allows remote attackers to affect confidentiality via unknown vectors. | |||||
| CVE-2008-4014 | 1 Oracle | 1 Application Server | 2012-10-22 | 5.5 MEDIUM | N/A |
| Unspecified vulnerability in the Oracle BPEL Process Manager component in Oracle Application Server allows remote authenticated users to affect confidentiality and integrity via unknown vectors. | |||||
| CVE-2008-2583 | 1 Oracle | 2 Application Server, Oracle Portal Component | 2012-10-22 | 4.3 MEDIUM | N/A |
| Unspecified vulnerability in the sample Discussion Forum Portlet for the Oracle Portal component in Oracle Application Server, as available from OTN before 20080715, has unknown impact and remote attack vectors. | |||||
| CVE-2008-2614 | 1 Oracle | 3 Application Server, Oracle Application Server, Oracle Http Server Component | 2012-10-22 | 4.3 MEDIUM | N/A |
| Unspecified vulnerability in the Oracle HTTP Server component in Oracle Application Server 9.0.4.3, 10.1.2.3, and 10.1.3.3 has unknown impact and remote attack vectors. | |||||
| CVE-2008-2609 | 1 Oracle | 3 Application Server, Oracle Application Server, Oracle Portal Component | 2012-10-22 | 6.4 MEDIUM | N/A |
| Unspecified vulnerability in the Oracle Portal component in Oracle Application Server 9.0.4.3, 10.1.2.3, and 10.1.4.2 has unknown impact and remote attack vectors. | |||||
| CVE-2008-0343 | 1 Oracle | 5 Application Server, Collaboration Suite, Database Server and 2 more | 2012-10-22 | 10.0 HIGH | N/A |
| Unspecified vulnerability in the Oracle Spatial component in Oracle Database 9.0.1.5 FIPS+, 9.2.0.8, 9.2.0.8DV, and 10.1.0.5 has unknown impact and remote attack vectors, aka DB06. | |||||
| CVE-2008-0344 | 1 Oracle | 5 Application Server, Collaboration Suite, Database Server and 2 more | 2012-10-22 | 10.0 HIGH | N/A |
| Unspecified vulnerability in the Oracle Spatial component in Oracle Database 10.1.0.5 and 10.2.0.3 has unknown impact and remote attack vectors, aka DB07. | |||||
| CVE-2008-0340 | 1 Oracle | 5 Application Server, Collaboration Suite, Database Server and 2 more | 2012-10-22 | 10.0 HIGH | N/A |
| Multiple unspecified vulnerabilities in Oracle Database 9.0.1.5 FIPS+, 9.2.0.8, 9.2.0.8DV, 10.1.0.5, and 10.2.0.3 have unknown impact and remote attack vectors, related to the (1) Advanced Queuing component (DB02) and (2) Oracle Spatial component (DB04). | |||||