Cpe Name:
cpe:/a:oracle:database_server:9.2.0.8dv:r2
# |
CVE ID
|
CWE ID
|
# of Exploits
|
Vulnerability Type(s)
|
Publish Date
|
Update Date
|
Score
|
Gained Access Level
|
Access
|
Complexity
|
Authentication
|
Conf.
|
Integ.
|
Avail.
|
1 |
CVE-2007-4822 |
352 |
|
CSRF |
2007-09-11 |
2018-10-15 |
4.3 |
None |
Remote |
Medium |
Not required |
None |
Partial |
None |
Cross-site request forgery (CSRF) vulnerability in the device management interface in Buffalo AirStation WHR-G54S 1.20 allows remote attackers to make configuration changes as an administrator via HTTP requests to certain HTML pages in the res parameter with an inp req parameter to cgi-bin/cgi, as demonstrated by accessing (1) ap.html and (2) filter_ip.html. |
2 |
CVE-2007-3854 |
|
|
Overflow Sql |
2007-07-18 |
2017-07-28 |
5.5 |
None |
Remote |
Low |
Single system |
Partial |
Partial |
None |
Multiple unspecified vulnerabilities in Oracle Database 9.0.1.5+, 9.2.0.7, and 10.1.0.5 allow remote authenticated users to have unknown impact via (1) SYS.DBMS_PRVTAQIS in the Advanced Queuing component (DB02) and (2) MDSYS.MD in the Spatial component (DB12). NOTE: Oracle has not disputed reliable researcher claims that DB02 is for SQL injection and DB12 is for a buffer overflow. |
Total number of vulnerabilities :
2
Page :
1
(This Page)