VYPR

Internet Directory

by Oracle Corporation

CVEs (15)

  • CVE-2018-2601HigJan 18, 2018
    risk 0.52cvss 8.0epss 0.02

    Vulnerability in the Oracle Internet Directory component of Oracle Fusion Middleware (subcomponent: Oracle Directory Services Manager). Supported versions that are affected are 11.1.1.7.0, 11.1.1.9.0 and 12.2.1.3.0. Difficult to exploit vulnerability allows high privileged…

  • CVE-2008-2595Jul 15, 2008
    risk 0.04cvss epss 0.11

    Unspecified vulnerability in the Oracle Internet Directory component in Oracle Application Server 9.0.4.3, 10.1.2.3, and 10.1.4.2 has unknown impact and remote attack vectors. NOTE: the previous information was obtained from the Oracle July 2008 CPU. Oracle has not commented…

  • CVE-2000-0987Dec 19, 2000
    risk 0.03cvss epss 0.01

    Buffer overflow in oidldapd in Oracle 8.1.6 allow local users to gain privileges via a long "connect" command line parameter.

  • CVE-2001-0974Jul 17, 2001
    risk 0.01cvss epss 0.06

    Format string vulnerabilities in Oracle Internet Directory Server (LDAP) 2.1.1.x and 3.0.1 allow remote attackers to execute arbitrary code, as demonstrated by the PROTOS LDAPv3 test suite.

  • CVE-2001-0975Jul 16, 2001
    risk 0.01cvss epss 0.09

    Buffer overflow vulnerabilities in Oracle Internet Directory Server (LDAP) 2.1.1.x and 3.0.1 allow remote attackers to execute arbitrary code, as demonstrated by the PROTOS LDAPv3 test suite.

  • CVE-2014-0400Jan 15, 2014
    risk 0.00cvss epss 0.02

    Unspecified vulnerability in the Oracle Internet Directory component in Oracle Fusion Middleware 11.1.1.6 and 11.1.1.7 allows remote authenticated users to affect confidentiality via vectors related to OID LDAP server.

  • CVE-2010-0872Apr 13, 2010
    risk 0.00cvss epss 0.04

    Unspecified vulnerability in the Oracle Internet Directory component in Oracle Fusion Middleware 10.1.2.3 and 10.1.4.3 allows remote attackers to affect availability via unknown vectors.

  • CVE-2010-0853Apr 13, 2010
    risk 0.00cvss epss 0.03

    Unspecified vulnerability in the Oracle Internet Directory component in Oracle Database 9.2.0.8, 9.2.0.8, and DV; and Oracle Fusion Middleware 10.1.2.3 and 10.1.4.0.1; allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors.

  • CVE-2008-7237Sep 14, 2009
    risk 0.00cvss epss 0.04

    Unspecified vulnerability in the Oracle Internet Directory component in Oracle Application Server 9.0.4.3 and 10.1.2.2 allows remote authenticated users to affect confidentiality via unknown vectors, aka AS06.

  • CVE-2007-5520Oct 17, 2007
    risk 0.00cvss epss 0.03

    Unspecified vulnerability in the Oracle Internet Directory component in Oracle Database 9.2.0.8 and 9.2.0.8DV, and Oracle Application Server 9.0.4.3, 10.1.3.0.0 up to 10.1.3.3.0, and 10.1.2.0.1 up to 10.1.2.2.0, has unknown impact and remote attack vectors, aka AS05.

  • CVE-2007-3859Jul 18, 2007
    risk 0.00cvss epss 0.03

    Unspecified vulnerability in the Oracle Internet Directory component for Oracle Database 9.2.0.8 and 9.2.0.8DV; Application Server 9.0.4.3, 10.1.2.0.2, and 10.1.2.2; and Collaboration Suite 10.1.2 has unknown impact and remote attack vectors, aka OID01.

  • CVE-2007-0288Jan 17, 2007
    risk 0.00cvss epss 0.00

    Unspecified vulnerability in Oracle Application Server 10.1.4.0 has unknown impact and attack vectors related to Oracle Internet Directory, aka OID01.

  • CVE-2005-3446Nov 2, 2005
    risk 0.00cvss epss 0.05

    Unspecified vulnerability in Internet Directory in Oracle Database Server 9i up to 9.2.0.6 and Application Server 9.0.2.3 up to 10.1.2.0 has unknown impact and attack vectors, aka Oracle Vuln# DB32 and AS06.

  • CVE-2001-1321Jul 16, 2001
    risk 0.00cvss epss 0.06

    Oracle Internet Directory Server 2.1.1.x and 3.0.1 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via invalid encodings of BER OBJECT-IDENTIFIER values, as demonstrated by the PROTOS LDAPv3 test suite.

  • CVE-2001-0300Jun 2, 2001
    risk 0.00cvss epss 0.01

    oidldapd 2.1.1.1 in Oracle 8.1.7 records log files in a directory (ldaplog) that has world-writable permissions, which may allow local users to delete logs and/or overwrite other files via a symlink attack.