David Litchfield

**Name of the Vulnerable Software and Affected Versions** IBM DB2 versions 9.7 through FP10 IBM DB2 versions 9.8 through FP5 IBM DB2 versions 10.1 before FP5 IBM DB2 versions 10.5 through FP5 **Description** The issue is related to errors in the code of the scalar-function implementation in IBM DB2, which can be exploited by a remote attacker to cause a denial of service or execute arbitrary code. The exploitation is possible via unspecified vectors. **Recommendations** For IBM DB2 versions 9.7 through FP10, update to a version after FP10 to resolve the issue. For IBM DB2 versions 9.8 through FP5, update to a version after FP5 to resolve the issue. For IBM DB2 versions 10.1 before FP5, update to FP5 or later to resolve the issue. For IBM DB2 versions 10.5 through FP5, update to a version after FP5 to resolve the issue.

Name of the Vulnerable Software and Affected Versions: Oracle Workspace Manager versions prior to 10.2.0.4.1 Oracle Workspace Manager versions prior to 10.1.0.8.0 Oracle Workspace Manager versions prior to 9.2.0.8.0 Description: A SQL injection issue allows attackers to execute arbitrary SQL commands via the `FINDRICSET` procedure in the `LT` package. Recommendations: For versions prior to 10.2.0.4.1, update to version 10.2.0.4.1 or later. For versions prior to 10.1.0.8.0, update to version 10.1.0.8.0 or later. For versions prior to 9.2.0.8.0, update to version 9.2.0.8.0 or later.

**Name of the Vulnerable Software and Affected Versions** Oracle Database versions 9.0.1.5 and later, 9.2.0.7, 10.1.0.4 **Description** The issue concerns an unspecified vulnerability in the Core RDBMS component of Oracle Database. It is reported that this vulnerability may allow local users to inject threads and execute arbitrary code via the `OpenProcess`, `OpenThread`, and `SetThreadContext` functions. This is allegedly due to the RDBMS using a NULL Discretionary Access Control List (DACL) for the Oracle process and certain shared memory sections. **Recommendations** For Oracle Database versions 9.0.1.5 and later, 9.2.0.7, 10.1.0.4, at the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** Oracle Database versions 9.0.1.5, 9.2.0.8, 10.1.0.5, and 10.2.0.2 **Description** The issue is related to an unspecified vulnerability in the Core RDBMS component. It has unknown impact and can be exploited through remote authenticated attack vectors. **Recommendations** For Oracle Database version 9.0.1.5, update to a version that addresses this issue. For Oracle Database version 9.2.0.8, update to a version that addresses this issue. For Oracle Database version 10.1.0.5, update to a version that addresses this issue. For Oracle Database version 10.2.0.2, update to a version that addresses this issue.

**Name of the Vulnerable Software and Affected Versions** Oracle Database versions 9.2.0.7 through 10.1.0.5 **Description** The issue concerns multiple unspecified vulnerabilities in the Change Data Capture (CDC) component. These vulnerabilities have unknown impact and are related to remote authenticated attack vectors. Specifically, they involve the `sys.dbms cdc ipublish` and `sys.dbms cdc isubscribe` components. Reports suggest that one vulnerability may be related to SQL injection in `CREATE CHANGE TABLE` and `CHANGE TABLE TRIGGER`, while another may be related to PL/SQL injection in the `PREPARE UNBOUNDED VIEW` procedure. **Recommendations** For Oracle Database versions 9.2.0.7 through 10.1.0.5, consider restricting access to the `sys.dbms cdc ipublish` and `sys.dbms cdc isubscribe` components until a patch is available. As a temporary workaround, avoid using the `CREATE CHANGE TABLE` and `CHANGE TABLE TRIGGER` procedures, as well as the `PREPARE UNBOUNDED VIEW` procedure, to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** Oracle Database version 10.1.0.3 **Description** The issue is related to an unspecified vulnerability in the Database Scheduler component, specifically with `sys.dbms scheduler`. It has remote authenticated attack vectors, but the impact is unknown. **Recommendations** For Oracle Database version 10.1.0.3, at the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** Oracle E-Business Suite versions 11.5.7 through 11.5.10CU2 **Description** The issue affects Oracle E-Business Suite with multiple unspecified vulnerabilities. These vulnerabilities have remote authenticated attack vectors, indicating that an attacker would need to be authenticated to exploit them. The impact of these vulnerabilities is unknown. The vulnerabilities are located in various components, including Oracle Applications Framework, Oracle Applications Technology Stack, Oracle Balanced Scorecard, Oracle Scripting, and Oracle Trading Community. **Recommendations** For Oracle E-Business Suite versions 11.5.7 through 11.5.10CU2, at the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** Oracle Database versions 10.1.0.5 through 10.2.0.2 **Description** The issue involves multiple unspecified vulnerabilities with remote authenticated attack vectors. These vulnerabilities are related to the Change Data Capture (CDC) and Oracle Spatial components. Specifically, they involve `sys.dbms cdc impdp`, `sys.dbms cdc isubscribe`, and `mdsys.sdo geor int`. Reports from reliable third parties suggest that these issues may be related to SQL injection in certain functions. **Recommendations** For Oracle Database versions 10.1.0.5 through 10.2.0.2, consider restricting access to the vulnerable components, such as the Change Data Capture (CDC) and Oracle Spatial components, until a fix is available. As a temporary workaround, consider disabling the use of the `BUMP SEQUENCE`, `CREATE SUBSCRIPTION`, `EXTEND WINDOW LIST`, `SUBSCRIBE`, and `COMPRESSDATA` functions to minimize the risk of exploitation.

**Name of the Vulnerable Software and Affected Versions** IBM Informix Dynamic Server (IDS) versions 9.40.TC7 through 9.40.TC8 IBM Informix Dynamic Server (IDS) versions 10.00.TC4 through 10.00.TC5 **Description** The issue is caused by a buffer overflow when a long `username` is used, leading to an overflow in the `vsprintf` function when displaying the resulting error message, allowing remote attackers to execute arbitrary code. **Recommendations** For IBM Informix Dynamic Server (IDS) versions 9.40.TC7 through 9.40.TC8, consider restricting access to the login functionality until a patch is available. For IBM Informix Dynamic Server (IDS) versions 10.00.TC4 through 10.00.TC5, consider restricting access to the login functionality until a patch is available. As a temporary workaround, consider limiting the length of the `username` to prevent the buffer overflow.

**Name of the Vulnerable Software and Affected Versions** IBM Informix Dynamic Server (IDS) (affected versions not specified) **Description** The issue allows remote authenticated users to create and overwrite arbitrary files. This can be achieved through the `LOTOFILE` and `trl tracefile set` functions, as well as the "SET DEBUG FILE" commands. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** IBM Informix Dynamic Server (IDS) versions prior to 9.40.xC7 IBM Informix Dynamic Server (IDS) versions prior to 10.00.xC3 **Description** The issue allows remote authenticated users to execute arbitrary commands. This can be achieved through the "SET DEBUG FILE" SQL command, as well as the start onpload and dbexp functions. **Recommendations** For versions prior to 9.40.xC7, update to version 9.40.xC7 or later. For versions prior to 10.00.xC3, update to version 10.00.xC3 or later.

**Name of the Vulnerable Software and Affected Versions** Oracle Database Server 10g Release 2 **Description** The issue allows local users to execute arbitrary SQL queries by referencing a malicious package in the `TYPE NAME` argument within the `GET DOMAIN INDEX TABLES` or `GET V2 DOMAIN INDEX TABLES` function in the `DBMS EXPORT EXTENSION` package. **Recommendations** For Oracle Database Server 10g Release 2, consider restricting access to the `DBMS EXPORT EXTENSION` package to minimize the risk of exploitation. As a temporary workaround, avoid using the `TYPE NAME` argument in the affected functions until a fix is available.

**Name of the Vulnerable Software and Affected Versions** Oracle Database server versions 8.1.7.4, 9.0.1.5, 9.0.1.5 FIPS, and 9.2.0.7 **Description** The issue is related to an unspecified vulnerability in the Net Listener component of the Oracle Database server. The impact and attack vectors of this issue are not specified. **Recommendations** For Oracle Database server version 8.1.7.4, update to a version that includes the fix for this issue. For Oracle Database server version 9.0.1.5, update to a version that includes the fix for this issue. For Oracle Database server version 9.0.1.5 FIPS, update to a version that includes the fix for this issue. For Oracle Database server version 9.2.0.7, update to a version that includes the fix for this issue. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** Oracle Database Server versions 9.2.0.7 through 10.1.0.5 Oracle Application Server versions 1.0.2.2 through 10.1.3.0.0 Oracle E-Business Suite and Applications version 11.5.10 Oracle Collaboration Suite versions 9.0.4.2 through 10.1.2.1 **Description** The issue allows attackers to bypass the PLSQLExclusion list, which is supposed to restrict access to certain packages and procedures. This bypass enables attackers to access excluded packages and procedures. **Recommendations** For Oracle Database Server versions 9.2.0.7 through 10.1.0.5, update to a version that includes a fix for this issue. For Oracle Application Server versions 1.0.2.2 through 10.1.3.0.0, update to a version that includes a fix for this issue. For Oracle E-Business Suite and Applications version 11.5.10, update to a version that includes a fix for this issue. For Oracle Collaboration Suite versions 9.0.4.2 through 10.1.2.1, update to a version that includes a fix for this issue.

**Name of the Vulnerable Software and Affected Versions** Oracle Database server versions 8.1.7.4 through 10.2.0.1 **Description** The issue involves multiple unspecified vulnerabilities in the Oracle Database server, affecting components such as Oracle Text and Program Interface Network. It is reported that one of the vulnerabilities, DB17, involves SQL injection in various functions, including `VALIDATE STATEMENT` and `BUILD DML` in `CTXSYS.DRILOAD`, `CLEAN DML` in `CTXSYS.DRIDML`, `GET ROWID` in `CTXSYS.CTX DOC`, `BROWSE WORDS` in `CTXSYS.CTX QUERY`, and `ODCIINDEXTRUNCATE`, `ODCIINDEXDROP`, and `ODCIINDEXDELETE` in `CATINDEXMETHODS`. The impact and attack vectors of these vulnerabilities are unspecified. **Recommendations** For Oracle Database server versions 8.1.7.4 through 10.2.0.1, as a temporary workaround, consider disabling the `VALIDATE STATEMENT` and `BUILD DML` functions in `CTXSYS.DRILOAD`, the `CLEAN DML` function in `CTXSYS.DRIDML`, the `GET ROWID` function in `CTXSYS.CTX DOC`, the `BROWSE WORDS` function in `CTXSYS.CTX QUERY`, and the `ODCIINDEXTRUNCATE`, `ODCIINDEXDROP`, and `ODCIINDEXDELETE` functions in `CATINDEXMETHODS` until a patch is available. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** Oracle Database server versions 9.0.1.5, 9.2.0.7, and 10.1.0.5 **Description** The issue is related to an unspecified vulnerability in the Query Optimizer component of the Oracle Database server. The impact and attack vectors of this issue are not specified. **Recommendations** For Oracle Database server version 9.0.1.5, update to a version that includes the fix for this issue. For Oracle Database server version 9.2.0.7, update to a version that includes the fix for this issue. For Oracle Database server version 10.1.0.5, update to a version that includes the fix for this issue.

**Name of the Vulnerable Software and Affected Versions** Oracle PeopleSoft Enterprise Portal versions 8.4 Bundle 15, 8.8 Bundle 10, 8.9 Bundle 2 **Description** The issue affects Oracle PeopleSoft Enterprise Portal with unspecified impact and attack vectors. **Recommendations** For Oracle PeopleSoft Enterprise Portal versions 8.4 Bundle 15, 8.8 Bundle 10, and 8.9 Bundle 2, at the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** Oracle Database server versions 9.2.0.6 and 10.1.0.4 **Description** The issue is related to an unspecified vulnerability in the Query Optimizer component of the Oracle Database server. The impact and attack vectors of this issue are not specified. **Recommendations** For Oracle Database server version 9.2.0.6, at the moment, there is no information about a newer version that contains a fix for this vulnerability. For Oracle Database server version 10.1.0.4, at the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** Oracle Database server versions 8.1.7.4, 9.0.1.5, 9.0.1.5 FIPS, 9.2.0.6, and 10.1.0.4 **Description** The issue concerns an unspecified vulnerability in the Net Foundation Layer component of the Oracle Database server. The impact and attack vectors of this issue are not specified. **Recommendations** For Oracle Database server version 8.1.7.4, update to a version that includes the fix for this issue. For Oracle Database server version 9.0.1.5, update to a version that includes the fix for this issue. For Oracle Database server version 9.0.1.5 FIPS, update to a version that includes the fix for this issue. For Oracle Database server version 9.2.0.6, update to a version that includes the fix for this issue. For Oracle Database server version 10.1.0.4, update to a version that includes the fix for this issue. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** Oracle E-Business Suite and Applications version 4.3 **Description** The issue concerns multiple unspecified vulnerabilities in the Oracle iLearning component, which have unspecified impact and attack vectors. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.