CVE-2008-3993
https://notcve.org/view.php?id=CVE-2008-3993
Unspecified vulnerability in the Oracle Applications Framework component in Oracle E-Business Suite 11.5.10.2 and 12.0.4 allows remote authenticated users to affect integrity via unknown vectors. Vulnerabilidad no especificada en el componente Oracle Applications Framework component en Oracle E-Business Suite v11.5.10.2 y v12.0.4 permite a usuarios remotos autenticados afectar a la integridad a través de vectores desconocidos. • http://secunia.com/advisories/32291 http://www.oracle.com/technetwork/topics/security/cpuoct2008-100299.html http://www.securitytracker.com/id?1021057 http://www.vupen.com/english/advisories/2008/2825 https://exchange.xforce.ibmcloud.com/vulnerabilities/45897 •
CVE-2008-3988
https://notcve.org/view.php?id=CVE-2008-3988
Unspecified vulnerability in the iSupplier Portal component in Oracle E-Business Suite 11.5.10.2 and 12.0.4 allows remote attackers to affect confidentiality via unknown vectors. Vulnerabilidad no especificadas en el componente iSupplier Portal en Oracle E-Business Suite v11.5.10.2 y v12.0.4 permite a atacantes remotos afectar a la confidencialidad a través de vectores desconocidos. • http://secunia.com/advisories/32291 http://www.oracle.com/technetwork/topics/security/cpuoct2008-100299.html http://www.securitytracker.com/id?1021057 http://www.vupen.com/english/advisories/2008/2825 https://exchange.xforce.ibmcloud.com/vulnerabilities/45891 •
CVE-2007-5766 – Oracle E-Business Suite SQL Injection Vulnerability
https://notcve.org/view.php?id=CVE-2007-5766
SQL injection vulnerability in okxLOV.jsp in Oracle E-Business Suite 11 and 12 allows remote attackers to execute arbitrary SQL commands via unknown vectors. NOTE: this is probably the same issue as CVE-2007-5527 or CVE-2007-5528, but there are insufficient details to be sure. Vulnerabilidad de inyección SQL en okxLOV.jsp de Oracle E-Business Suite 11 y 12 permite a atacantes remotos ejecutar comandos sql de su elección mediante vectores desconocidos. NOTA: este es probablemente el mismo asunto que CVE-2007-5527 o CVE-2007-5528, pero no hay detalles suficientes como para estar seguros. This vulnerability allows remote attackers to inject arbitrary SQL on vulnerable installations of Oracle E-Business Suite. • http://osvdb.org/40080 http://securityreason.com/securityalert/3344 http://www.oracle.com/technetwork/topics/security/cpuoct2007-092913.html http://www.securityfocus.com/archive/1/483098/100/100/threaded http://www.zerodayinitiative.com/advisories/ZDI-07-058.html • CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') •
CVE-2006-1884
https://notcve.org/view.php?id=CVE-2006-1884
Unspecified vulnerability in the Oracle Thesaurus Management System component in Oracle E-Business Suite and OPA 4.5.2 Applications has unknown impact and attack vectors, aka Vuln# OPA01. • http://secunia.com/advisories/19712 http://secunia.com/advisories/19859 http://securitytracker.com/id?1015961 http://www.oracle.com/technetwork/topics/security/cpuapr2006-090826.html http://www.securityfocus.com/archive/1/432267/100/0/threaded http://www.securityfocus.com/bid/17590 http://www.vupen.com/english/advisories/2006/1397 http://www.vupen.com/english/advisories/2006/1571 https://exchange.xforce.ibmcloud.com/vulnerabilities/26058 •
CVE-2005-3456
https://notcve.org/view.php?id=CVE-2005-3456
Multiple unspecified vulnerabilities in Oracle E-Business Suite and Applications 11.5 up to 11.5.9 have unknown impact and attack vectors, as identified by Oracle Vuln# (1) APPS04 in Application Object Library, and (2) APPS17, (3) APPS18, and (4) APPS21 in Workflow Cartridge. • http://secunia.com/advisories/17250 http://www.kb.cert.org/vuls/id/210524 http://www.oracle.com/technetwork/topics/security/cpuoct2005-090497.html http://www.securityfocus.com/bid/15134 http://www.us-cert.gov/cas/techalerts/TA05-292A.html •