Oracle Database Server vulnerabilities

CVE-2011-0799 [MEDIUM] CVE-2011-0799: Unspecified vulnerability in the Oracle Warehouse Builder component in Oracle Database Server 10.2.0 Unspecified vulnerability in the Oracle Warehouse Builder component in Oracle Database Server 10.2.0.5 (OWB), 11.1.0.7, and 11.2.0.1 allows remote authenticated users to affect confidentiality, integrity, and availability via unknown vectors related to Oracle Warehouse Builder User Account.

CVE-2011-0793 [LOW] CVE-2011-0793: Unspecified vulnerability in the Database Vault component in Oracle Database Server 10.2.0.3, 10.2.0 Unspecified vulnerability in the Database Vault component in Oracle Database Server 10.2.0.3, 10.2.0.4, 10.2.0.5, 11.1.0.7, and 11.2.0.1 allows remote authenticated users to affect integrity and availability, related to SYSDBA.

CVE-2011-0804 [LOW] CVE-2011-0804: Unspecified vulnerability in the Database Vault component in Oracle Database Server 10.2.0.3, 10.2.0 Unspecified vulnerability in the Database Vault component in Oracle Database Server 10.2.0.3, 10.2.0.4, 10.2.0.5, 11.1.0.7, 11.2.0.1, and 11.2.0.2 allows remote authenticated users to affect confidentiality and integrity via unknown vectors.

CVE-2010-3600 [HIGH] CVE-2010-3600: Unspecified vulnerability in the Client System Analyzer component in Oracle Database Server 11.1.0.7 Unspecified vulnerability in the Client System Analyzer component in Oracle Database Server 11.1.0.7 and 11.2.0.1 and Enterprise Manager Grid Control 10.2.0.5 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors. NOTE: the previous information was obtained from the January 2011 CPU. Oracle has not commented on claim

CVE-2010-4421 [MEDIUM] CVE-2010-4421: Unspecified vulnerability in the Database Vault component in Oracle Database Server 10.2.0.3, 10.2.0 Unspecified vulnerability in the Database Vault component in Oracle Database Server 10.2.0.3, 10.2.0.4, 10.2.0.5, 11.1.0.7, and 11.2.0.1 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors.

CVE-2010-4413 [MEDIUM] CVE-2010-4413: Unspecified vulnerability in the Scheduler Agent component in Oracle Database Server 11.1.0.7 and 11 Unspecified vulnerability in the Scheduler Agent component in Oracle Database Server 11.1.0.7 and 11.2.0.1 allows remote authenticated users to affect confidentiality, integrity, and availability via unknown vectors.

CVE-2010-3590 [MEDIUM] CVE-2010-3590: Unspecified vulnerability in the Oracle Spatial component in Oracle Database Server 10.2.0.4, 11.1.0 Unspecified vulnerability in the Oracle Spatial component in Oracle Database Server 10.2.0.4, 11.1.0.7, and 11.2.0.1 allows remote authenticated users to affect confidentiality and integrity, related to MDSYS.

CVE-2010-4423 [MEDIUM] CVE-2010-4423: Unspecified vulnerability in the Cluster Verify Utility component in Oracle Database Server 10.2.0.4 Unspecified vulnerability in the Cluster Verify Utility component in Oracle Database Server 10.2.0.4, 10.2.0.5, 11.1.0.7, and 11.2.0.1, when running on Windows, allows local users to affect confidentiality, integrity, and availability via unknown vectors.

CVE-2010-4420 [LOW] CVE-2010-4420: Unspecified vulnerability in the Database Vault component in Oracle Database Server 10.2.0.3, 10.2.0 Unspecified vulnerability in the Database Vault component in Oracle Database Server 10.2.0.3, 10.2.0.4, 10.2.0.5, 11.1.0.7, and 11.2.0.1 allows local users to affect confidentiality and integrity via unknown vectors.

CVE-2010-2390 [HIGH] CVE-2010-2390: Unspecified vulnerability in the Database Control component in EM Console in Oracle Database Server Unspecified vulnerability in the Database Control component in EM Console in Oracle Database Server 10.1.0.5 and 10.2.0.3, Oracle Fusion Middleware 10.1.2.3 and 10.1.4.3, and Enterprise Manager Grid Control allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors.

CVE-2010-2412 [MEDIUM] CVE-2010-2412: Unspecified vulnerability in the OLAP component in Oracle Database Server 11.1.0.7 allows remote aut Unspecified vulnerability in the OLAP component in Oracle Database Server 11.1.0.7 allows remote authenticated users to affect confidentiality and integrity via unknown vectors.

CVE-2010-2415 [MEDIUM] CVE-2010-2415: Unspecified vulnerability in the Change Data Capture component in Oracle Database Server 10.1.0.5, 1 Unspecified vulnerability in the Change Data Capture component in Oracle Database Server 10.1.0.5, 10.2.0.4, 11.1.0.7, and 11.2.0.1 allows remote authenticated users to affect confidentiality and integrity, related to DBMS_CDC_PUBLISH.

CVE-2010-2407 [MEDIUM] CVE-2010-2407: Unspecified vulnerability in the XDK component in Oracle Database Server 10.1.0.5, 10.2.0.4, and 11. Unspecified vulnerability in the XDK component in Oracle Database Server 10.1.0.5, 10.2.0.4, and 11.1.0.7 allows remote attackers to affect integrity via unknown vectors.

CVE-2010-2411 [MEDIUM] CVE-2010-2411: Unspecified vulnerability in the Job Queue component in Oracle Database Server 11.2.0.1, 11.1.0.7, 1 Unspecified vulnerability in the Job Queue component in Oracle Database Server 11.2.0.1, 11.1.0.7, 10.2.0.3, 10.2.0.4, and 10.1.0.5 allows remote authenticated users to affect confidentiality, integrity, and availability, related to SYS.DBMS_IJOB.

CVE-2010-2419 [MEDIUM] CVE-2010-2419: Unspecified vulnerability in the Java Virtual Machine component in Oracle Database Server 10.1.0.5, Unspecified vulnerability in the Java Virtual Machine component in Oracle Database Server 10.1.0.5, 10.2.0.4, 11.1.0.7, and 11.2.0.1 allows remote authenticated users to affect confidentiality, integrity, and availability via unknown vectors.

CVE-2010-2389 [LOW] CVE-2010-2389: Unspecified vulnerability in the Perl component in Oracle Database Server 11.2.0.1, 11.1.0.7, 10.2.0 Unspecified vulnerability in the Perl component in Oracle Database Server 11.2.0.1, 11.1.0.7, 10.2.0.3, 10.2.0.4, and 10.1.0.5; and Fusion Middleware 11.1.1.1.0 and 11.1.1.2.0; allows local users to affect integrity via unknown vectors related to Local Logon.

CVE-2010-2391 [LOW] CVE-2010-2391: Unspecified vulnerability in the Core RDBMS component in Oracle Database Server 10.1.0.5 and 10.2.0. Unspecified vulnerability in the Core RDBMS component in Oracle Database Server 10.1.0.5 and 10.2.0.3 allows remote authenticated users to affect confidentiality and integrity via unknown vectors.

CVE-2010-0911 [HIGH] CVE-2010-0911: Unspecified vulnerability in the Listener component in Oracle Database Server 9.2.0.8, 9.2.0.8DV, 10 Unspecified vulnerability in the Listener component in Oracle Database Server 9.2.0.8, 9.2.0.8DV, 10.1.0.5, 10.2.0.4, 11.1.0.7, and 11.2.0.1 allows remote attackers to affect availability via unknown vectors.

CVE-2010-0903 [HIGH] CVE-2010-0903: Unspecified vulnerability in the Net Foundation Layer component in Oracle Database Server 9.2.0.8, 1 Unspecified vulnerability in the Net Foundation Layer component in Oracle Database Server 9.2.0.8, 10.1.0.5, 10.2.0.4, 11.1.0.7, and 11.2.0.1, when running on Windows, allows remote attackers to affect availability via unknown vectors.

CVE-2010-0892 [MEDIUM] CVE-2010-0892: Unspecified vulnerability in the Application Express component in Oracle Database Server 3.2.0.00.27 Unspecified vulnerability in the Application Express component in Oracle Database Server 3.2.0.00.27 allows remote attackers to affect integrity via unknown vectors.