Filtered by vendor Oracle Subscriptions
Filtered by product Oracle8i Subscriptions
Total 46 CVE
CVE Vendors Products Updated CVSS v3.1
CVE-2004-0637 1 Oracle 2 Oracle8i, Oracle9i 2025-04-03 N/A
Oracle Database Server 8.1.7.4 through 9.2.0.4 allows local users to execute commands with additional privileges via the ctxsys.driload package, which is publicly accessible.
CVE-2004-0638 1 Oracle 2 Oracle8i, Oracle9i 2025-04-03 N/A
Buffer overflow in the KSDWRTB function in the dbms_system package (dbms_system.ksdwrt) for Oracle 9i Database Server Release 2 9.2.0.3 and 9.2.0.4, 9i Release 1 9.0.1.4 and 9.0.1.5, and 8i Release 1 8.1.7.4, allows remote authorized users to execute arbitrary code via a long second argument.
CVE-2003-0634 1 Oracle 2 Oracle8i, Oracle9i 2025-04-03 N/A
Stack-based buffer overflow in the PL/SQL EXTPROC functionality for Oracle9i Database Release 2 and 1, and Oracle 8i, allows authenticated database users, and arbitrary database users in some cases, to execute arbitrary code via a long library name.
CVE-2000-1180 1 Oracle 1 Oracle8i 2025-04-03 N/A
Buffer overflow in cmctl program in Oracle 8.1.5 Connection Manager Control allows local users to gain privileges via a long command line argument.
CVE-2004-1362 1 Oracle 9 Application Server, Collaboration Suite, E-business Suite and 6 more 2025-04-03 N/A
The PL/SQL module for the Oracle HTTP Server in Oracle Application Server 10g, when using the WE8ISO8859P1 character set, does not perform character conversions properly, which allows remote attackers to bypass access restrictions for certain procedures via an encoded URL with "%FF" encoded sequences that are improperly converted to "Y" characters.
CVE-2004-1364 1 Oracle 9 Application Server, Collaboration Suite, E-business Suite and 6 more 2025-04-03 N/A
Directory traversal vulnerability in extproc in Oracle 9i and 10g allows remote attackers to access arbitrary libraries outside of the $ORACLE_HOME\bin directory.