Vulnerabilities (CVE)

Filtered by vendor Oracle Subscribe

Filtered by product Oracle8i

Total 46 CVE

CVE	Vendors	Products	Updated	CVSS v2	CVSS v3
CVE-2001-0515	1 Oracle	2 Database Server, Oracle8i	2023-12-10	5.0 MEDIUM	N/A
Oracle Listener in Oracle 7.3 and 8i allows remote attackers to cause a denial of service via a malformed connection packet with a large offset_to_data value.
CVE-2004-1364	1 Oracle	9 Application Server, Collaboration Suite, E-business Suite and 6 more	2023-12-10	8.5 HIGH	N/A
Directory traversal vulnerability in extproc in Oracle 9i and 10g allows remote attackers to access arbitrary libraries outside of the $ORACLE_HOME\bin directory.
CVE-2002-0564	1 Oracle	4 Application Server, Application Server Web Cache, Oracle8i and 1 more	2023-12-10	7.5 HIGH	N/A
PL/SQL module 3.0.9.8.2 in Oracle 9i Application Server 1.0.2.x allows remote attackers to bypass authentication for a Database Access Descriptor (DAD) by modifying the URL to reference an alternate DAD that already has valid credentials.
CVE-2001-0326	1 Oracle	2 Application Server, Oracle8i	2023-12-10	7.5 HIGH	N/A
Oracle Java Virtual Machine (JVM ) for Oracle 8.1.7 and Oracle Application Server 9iAS Release 1.0.2.0.1 allows remote attackers to read arbitrary files via the .jsp and .sqljsp file extensions when the server is configured to use the <<ALL FILES>> FilePermission.
CVE-2002-0568	1 Oracle	3 Application Server, Oracle8i, Oracle9i	2023-12-10	2.1 LOW	N/A
Oracle 9i Application Server stores XSQL and SOAP configuration files insecurely, which allows local users to obtain sensitive information including usernames and passwords by requesting (1) XSQLConfig.xml or (2) soapConfig.xml through a virtual directory.
CVE-2002-0858	1 Oracle	2 Oracle8i, Oracle9i	2023-12-10	7.5 HIGH	N/A
catsnmp in Oracle 9i and 8i is installed with a dbsnmp user with a default dbsnmp password, which allows attackers to perform restricted database operations and possibly gain other privileges.