CVSS: 5.0EPSS: 0%CPEs: 2EXPL: 0CVE-2016-0457
https://notcve.org/view.php?id=CVE-2016-0457
Unspecified vulnerability in the Application Mgmt Pack for E-Business Suite component in Oracle E-Business Suite 12.1 and 12.2 allows remote attackers to affect confidentiality via vectors related to REST Framework, a different vulnerability than CVE-2016-0456. NOTE: the previous information is from the January 2016 CPU. Oracle has not commented on third-party claims that this issue is an XML External Entity (XXE) vulnerability, which allows remote attackers to read arbitrary files, cause a denial of service, conduct server-side request forgery (SSRF) attacks, or conduct SMB Relay attacks via a crafted DTD in an XML request to OA_HTML/lcmServiceController.jsp. Vulnerabilidad no especificada en el Application Mgmt Pack para el componente E-Business Suite en Oracle E-Business Suite 12.1 y 12.2 permite a atacantes remotos afectar a la confidencialidad a través de vectores relacionados con REST Framework, una vulnerabilidad diferente a CVE-2016-0456. NOTA: la información anterior es de la CPU de Enero de 2016. • http://www.oracle.com/technetwork/topics/security/cpujan2016-2367955.html http://www.securitytracker.com/id/1034726 https://erpscan.io/advisories/erpscan-16-007-oracle-e-business-suite-xxe-injection-vulnerability •
CVSS: 6.4EPSS: 0%CPEs: 1EXPL: 0CVE-2016-0512
https://notcve.org/view.php?id=CVE-2016-0512
Unspecified vulnerability in the Oracle Human Resources component in Oracle E-Business Suite 11.5.10.2 allows remote attackers to affect confidentiality and integrity via unknown vectors related to Self Service - Common Modules. Vulnerabilidad no especificada en el componente Oracle Human Resources en Oracle E-Business Suite 11.5.10.2 permite a atacantes remotos afectar a la confidencialidad y la integridad a través de vectores desconocidos relacionados con Self Service - Common Modules. • http://www.oracle.com/technetwork/topics/security/cpujan2016-2367955.html http://www.securitytracker.com/id/1034726 •
CVSS: 4.3EPSS: 0%CPEs: 1EXPL: 0CVE-2016-0519
https://notcve.org/view.php?id=CVE-2016-0519
Unspecified vulnerability in the Oracle iReceivables component in Oracle E-Business Suite 11.5.10.2 allows remote attackers to affect integrity via unknown vectors related to AR Web Utilities, a different vulnerability than CVE-2016-0507. Vulnerabilidad no especificada en el componente Oracle iReceivables en Oracle E-Business Suite 11.5.10.2 permite a atacantes remotos afectar a la integridad a través de vectores desconocidos relacionados con AR Web Utilities, una vulnerabilidad diferente a CVE-2016-0507. • http://www.oracle.com/technetwork/topics/security/cpujan2016-2367955.html http://www.securitytracker.com/id/1034726 •
CVSS: 4.3EPSS: 0%CPEs: 1EXPL: 0CVE-2016-0513
https://notcve.org/view.php?id=CVE-2016-0513
Unspecified vulnerability in the Oracle CRM Technical Foundation component in Oracle E-Business Suite 11.5.10.2 allows remote attackers to affect integrity via vectors related to BIS Common Components. Vulnerabilidad no especificada en el componente Oracle CRM Technical Foundation en Oracle E-Business Suite 11.5.10.2 permite a atacantes remotos afectar a la integridad a través de vectores relacionados con BIS Common Components. • http://www.oracle.com/technetwork/topics/security/cpujan2016-2367955.html http://www.securitytracker.com/id/1034726 •
CVSS: 5.5EPSS: 0%CPEs: 4EXPL: 0CVE-2016-0556
https://notcve.org/view.php?id=CVE-2016-0556
Unspecified vulnerability in the Oracle Advanced Collections component in Oracle E-Business Suite 11.5.10.2, 12.1.1, 12.1.2, and 12.1.3 allows remote authenticated users to affect confidentiality and integrity via unknown vectors related to Administration, a different vulnerability than CVE-2016-0557. Vulnerabilidad no especificada en el componente Oracle Advanced Collections en Oracle E-Business Suite 11.5.10.2, 12.1.1, 12.1.2 y 12.1.3 permite a usuarios remotos autenticados afectar a la confidencialidad y la integridad a través de vectores desconocidos relacionados con Administration, una vulnerabilidad diferente a CVE-2016-0557. • http://www.oracle.com/technetwork/topics/security/cpujan2016-2367955.html http://www.securitytracker.com/id/1034726 •