CVSS: 4.0EPSS: 0%CPEs: 4EXPL: 0CVE-2009-0994
https://notcve.org/view.php?id=CVE-2009-0994
Unspecified vulnerability in the BI Publisher component in Oracle Application Server 5.6.2, 10.1.3.2.1, 10.1.3.3.3, and 10.1.3.4 allows remote authenticated users to affect confidentiality via unknown vectors, a different vulnerability than CVE-2009-1017. Vulnerabilidad no especificada en el componente BI Publisher en Oracle Application Server 5.6.2, 10.1.3.2.1, 10.1.3.3.3 y 10.1.3.4 permite a usuarios remotos autenticados afectar la confidencialidad a través de vectores desconocidos, una vulnerabilidad diferente a CVE-2009-1017. • http://osvdb.org/53744 http://secunia.com/advisories/34693 http://www.oracle.com/technetwork/topics/security/cpuapr2009-099563.html http://www.securityfocus.com/bid/34461 http://www.securitytracker.com/id?1022055 http://www.us-cert.gov/cas/techalerts/TA09-105A.html •
CVSS: 4.4EPSS: 0%CPEs: 8EXPL: 0CVE-2009-1010
https://notcve.org/view.php?id=CVE-2009-1010
Unspecified vulnerability in the Outside In Technology component in Oracle Application Server 8.2.2 and 8.3.0 allows local users to affect confidentiality, integrity, and availability, related to HTML, a different vulnerability than CVE-2009-1008. Vulnerabilidad no especificada en el componente Outside In Technology en Oracle Application Server 8.2.2 y 8.3.0 permite a usuarios locales afectar la confidencialidad, la integridad y la disponibilidad, relacionado con HTML, una vulnerabilidad diferente a CVE-2009-1008. • http://osvdb.org/53749 http://secunia.com/advisories/34693 http://www-01.ibm.com/support/docview.wss?uid=swg21660640 http://www.oracle.com/technetwork/topics/security/cpuapr2009-099563.html http://www.securityfocus.com/bid/34461 http://www.securitytracker.com/id?1022055 http://www.us-cert.gov/cas/techalerts/TA09-105A.html •
CVSS: 4.4EPSS: 0%CPEs: 2EXPL: 0CVE-2009-1011
https://notcve.org/view.php?id=CVE-2009-1011
Unspecified vulnerability in the Outside In Technology component in Oracle Application Server 8.2.2 and 8.3.0 allows local users to affect confidentiality, integrity, and availability, related to HTML. NOTE: the previous information was obtained from the April 2009 CPU. Oracle has not commented on reliable researcher claims that this issue is for multiple integer overflows in a function that parses an optional data stream within a Microsoft Office file, leading to a heap-based buffer overflow. Vulnerabilidad no especificada en el componente Outside In Technology en Oracle Application Server v8.2.2 y v8.3.0 permite a los usuarios locales afectar a la confidencialidad, integridad y disponibilidad relacionadas con HTML. • http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=798 http://osvdb.org/53750 http://secunia.com/advisories/34693 http://www-01.ibm.com/support/docview.wss?uid=swg21660640 http://www.oracle.com/technetwork/topics/security/cpuapr2009-099563.html http://www.securityfocus.com/bid/34461 http://www.securitytracker.com/id?1022055 http://www.us-cert.gov/cas/techalerts/TA09-105A.html •
CVSS: 5.5EPSS: 0%CPEs: 65EXPL: 0CVE-2008-4014 – Oracle Application Server Cross Site Scripting
https://notcve.org/view.php?id=CVE-2008-4014
Unspecified vulnerability in the Oracle BPEL Process Manager component in Oracle Application Server allows remote authenticated users to affect confidentiality and integrity via unknown vectors. Vulnerabilidad sin especificar en el componente Oracle BPEL Process Manager en Oracle Application Server None permite a usuarios remotamente autentificados afectar la confidencialidad e integridad mediante vectores desconocidos. The Oracle Application Server (SOA) version 10.1.3.1.0 suffers from a cross site scripting vulnerability. • http://secunia.com/advisories/33525 http://www.oracle.com/technetwork/topics/security/cpujan2009-097901.html http://www.securityfocus.com/bid/33177 http://www.securitytracker.com/id?1021572 http://www.vupen.com/english/advisories/2009/0115 •
CVSS: 1.7EPSS: 0%CPEs: 4EXPL: 0CVE-2008-2619
https://notcve.org/view.php?id=CVE-2008-2619
Unspecified vulnerability in the Oracle Reports Developer component in Oracle Application Server 1.0.2.2, 9.0.4.3, and 10.1.2.2, and E-Business Suite 11.5.10.2, allows remote authenticated users to affect availability via unknown vectors. Vulnerabilidad sin especificar en el componente Oracle Reports Developer de Oracle Application Server 1.0.2.2, 9.0.4.3, and 10.1.2.2 y E-Business Suite 11.5.10.2 permite a un atacante remoto autentificado comprometer la disponibilidad por medio de un método desconocido. • http://secunia.com/advisories/32291 http://www.oracle.com/technetwork/topics/security/cpuoct2008-100299.html http://www.securitytracker.com/id?1021054 http://www.securitytracker.com/id?1021057 http://www.vupen.com/english/advisories/2008/2825 https://exchange.xforce.ibmcloud.com/vulnerabilities/45878 •