Searching procedures software vulnerabilities

Oracle Webserver 2.1, when serving PL/SQL store

procedures | attackers | Webserver | request | serving | service | Oracle | denial | stored | PL/SQL | remote | allows | cause | HTTP | long | via | GET |

Oracle Webserver 2.1, when serving PL/SQL stored procedures, allows remote attackers to cause a denial of service via a long HTTP GET request.


The xp_displayparamstmt function in SQL Server

xp_displayparamstmt | Microsoft | function | Desktop | Engine | Server | SQL |

The xp_displayparamstmt function in SQL Server and Microsoft SQL Server Desktop Engine (MSDE) does not properly restrict the length of a buffer before calling the srv_paraminfo function in the SQL Server API for Extended Stored Procedures (XP), which allows an attacker to cause a denial of service or execute arbitrary commands, aka the "Extended Stored Procedure Parameter Parsing" vulnerability.


The xp_enumresultset function in SQL Server and

xp_enumresultset | Microsoft | function | Desktop | Engine | Server | SQL |

The xp_enumresultset function in SQL Server and Microsoft SQL Server Desktop Engine (MSDE) does not properly restrict the length of a buffer before calling the srv_paraminfo function in the SQL Server API for Extended Stored Procedures (XP), which allows an attacker to cause a denial of service or execute arbitrary commands, aka the "Extended Stored Procedure Parameter Parsing" vulnerability.


The xp_showcolv function in SQL Server and Micr

xp_showcolv | Microsoft | function | Desktop | Engine | Server | SQL |

The xp_showcolv function in SQL Server and Microsoft SQL Server Desktop Engine (MSDE) does not properly restrict the length of a buffer before calling the srv_paraminfo function in the SQL Server API for Extended Stored Procedures (XP), which allows an attacker to cause a denial of service or execute arbitrary commands, aka the "Extended Stored Procedure Parameter Parsing" vulnerability.


The xp_updatecolvbm function in SQL Server and

xp_updatecolvbm | Microsoft | function | Desktop | Engine | Server | SQL |

The xp_updatecolvbm function in SQL Server and Microsoft SQL Server Desktop Engine (MSDE) does not properly restrict the length of a buffer before calling the srv_paraminfo function in the SQL Server API for Extended Stored Procedures (XP), which allows an attacker to cause a denial of service or execute arbitrary commands, aka the "Extended Stored Procedure Parameter Parsing" vulnerability.


The xp_peekqueue function in Microsoft SQL Serv

xp_peekqueue | Microsoft | function | Server | SQL |

The xp_peekqueue function in Microsoft SQL Server 2000 and SQL Server Desktop Engine (MSDE) does not properly restrict the length of a buffer before calling the srv_paraminfo function in the SQL Server API for Extended Stored Procedures (XP), which allows an attacker to cause a denial of service or execute arbitrary commands, aka the "Extended Stored Procedure Parameter Parsing" vulnerability.


The xp_printstatements function in Microsoft SQ

xp_printstatements | Microsoft | function | Server | SQL |

The xp_printstatements function in Microsoft SQL Server 2000 and SQL Server Desktop Engine (MSDE) does not properly restrict the length of a buffer before calling the srv_paraminfo function in the SQL Server API for Extended Stored Procedures (XP), which allows an attacker to cause a denial of service or execute arbitrary commands, aka the "Extended Stored Procedure Parameter Parsing" vulnerability.


The xp_proxiedmetadata function in Microsoft SQ

xp_proxiedmetadata | Microsoft | function | Server | SQL |

The xp_proxiedmetadata function in Microsoft SQL Server 2000 and SQL Server Desktop Engine (MSDE) does not properly restrict the length of a buffer before calling the srv_paraminfo function in the SQL Server API for Extended Stored Procedures (XP), which allows an attacker to cause a denial of service or execute arbitrary commands, aka the "Extended Stored Procedure Parameter Parsing" vulnerability.


Buffer overflows in extended stored procedures

procedures | Microsoft | overflows | extended | Server | Buffer | stored | SQL |

Buffer overflows in extended stored procedures for Microsoft SQL Server 7.0 and 2000 allow remote attackers to cause a denial of service or execute arbitrary code via a database query with certain long arguments.


PL/SQL module 3.0.9.8.2 in Oracle 9i Applicatio

module | PL/SQL |

PL/SQL module 3.0.9.8.2 in Oracle 9i Application Server 1.0.2.x allows remote attackers to obtain sensitive information via the OWA_UTIL stored procedures (1) OWA_UTIL.signature, (2) OWA_UTIL.listprint, or (3) OWA_UTIL.show_query_columns.


SQL injection vulnerability in stored procedure

vulnerability | procedures | Microsoft | injection | Server | stored | SQL |

SQL injection vulnerability in stored procedures for Microsoft SQL Server 2000 and Microsoft Desktop Engine (MSDE) 2000 may allow authenticated users to execute arbitrary commands.


Buffer overflows in Lugiment Log Explorer befor

overflows | Explorer | Lugiment | before | Buffer | Log |

Buffer overflows in Lugiment Log Explorer before 3.02 allow attackers with database permissions to execute arbitrary code via long arguments to the extended stored procedures (1) xp_logattach_StartProf, (2) xp_logattach_setport, or (3) xp_logattach.


Unknown vulnerability in Oracle E-Business Suit

vulnerability | Applications | unauthorized | procedures | E-Business | attackers | modifying | execute | Unknown | through | PL/SQL | Oracle | allows | remote | Suite | 11i6 | 11i1 | URL |

Unknown vulnerability in Oracle E-Business Suite 11i.1 through 11i.6 allows remote attackers to execute unauthorized PL/SQL procedures by modifying the Oracle Applications URL.


Microsoft SQL Server 2000 through SQL Server 20

Microsoft | Server | SQL |

Microsoft SQL Server 2000 through SQL Server 2000 SP2 allows the "public" role to execute the (1) sp_MSSetServerProperties or (2) sp_MSsetalertinfo stored procedures, which allows attackers to modify configuration including SQL server startup and alert settings.


Buffer overflows in protegrity.dll of Protegrit

protegritydll | Protegrity | SecureData | Extension | overflows | Feature | Buffer |

Buffer overflows in protegrity.dll of Protegrity Secure.Data Extension Feature (SEF) before 2.2.3.9 allow attackers with SQL access to execute arbitrary code via the extended stored procedures (1) xp_pty_checkusers, (2) xp_pty_insert, or (3) xp_pty_select.


SQL injection vulnerability in Snitz Forums 200

vulnerability | injection | Forums | Snitz | SQL |

SQL injection vulnerability in Snitz Forums 2000 before 3.3.03 and earlier allows remote attackers to execute arbitrary stored procedures via the Email variable.


Multiple SQL injection vulnerabilities in Oracl

vulnerabilities | Applications | injection | Multiple | Oracle | SQL |

Multiple SQL injection vulnerabilities in Oracle Applications 11.0 and Oracle E-Business Suite 11.5.1 through 11.5.8 allow remote attackers to execute arbitrary SQL procedures and queries.


The PL/SQL module for the Oracle HTTP Server in

WE8ISO8859P1 | restrictions | Application | conversions | improperly | procedures | characters | sequences | character | attackers | converted | properly | perform | certain | encoded | bypass | module | PL/SQL | access | Oracle | Server | remote | allows | "%FF" | using | which | does | HTTP | 10g | "Y" | via | URL | set | not |

The PL/SQL module for the Oracle HTTP Server in Oracle Application Server 10g, when using the WE8ISO8859P1 character set, does not perform character conversions properly, which allows remote attackers to bypass access restrictions for certain procedures via an encoded URL with "%FF" encoded sequences that are improperly converted to "Y" characters.


Multiple SQL injection vulnerabilities in Dynix

vulnerabilities | injection | Multiple | Dynix | SQL |

Multiple SQL injection vulnerabilities in Dynix (formerly known as epixtech) WebPAC allow remote attackers to execute arbitrary SQL commands via unknown attack vectors, resulting in an ability to execute stored procedures, bypass login authentication, and cause an unspecified denial of service to backend databases.


Multiple buffer overflows in MDSYS.MD in Oracle

overflows | Multiple | Database | MDSYSMD | buffer | Oracle |

Multiple buffer overflows in MDSYS.MD in Oracle Database 8.1.7.4, 9.0.1.5, 9.2.0.7, and 10.1.0.4 allows remote authenticated users to cause a denial of service (crash) or execute arbitrary code via unspecified vectors involving certain public procedures, aka DB05.


Software vulnerabilities results 1 to 20 of 28     
Page: 12