Page 23 of 114 results (0.005 seconds)

CVSS: 10.0EPSS: 0%CPEs: 10EXPL: 0

Multiple SQL injection vulnerabilities in Oracle Applications 11.0 and Oracle E-Business Suite 11.5.1 through 11.5.8 allow remote attackers to execute arbitrary SQL procedures and queries. Múltiples vulnerabilidades de inyección de SQL en Oracle Applications 11.0 y Oracle E-Business Suite 11.5.1 a 11.5.8 permite a atacantes remotos ejecutar procedimientos y consultas SQL de su elección. • http://archives.neohapsis.com/archives/vulnwatch/2004-q2/0032.html http://marc.info/?l=bugtraq&m=108638417302229&w=2 http://otn.oracle.com/deploy/security/pdf/2004alert67.pdf http://www.ciac.org/ciac/bulletins/o-153.shtml http://www.integrigy.com/alerts/OraAppsSQLInjection.htm http://www.kb.cert.org/vuls/id/961579 http://www.securityfocus.com/bid/10465 http://www.us-cert.gov/cas/techalerts/TA04-160A.html https://exchange.xforce.ibmcloud.com/vulnerabilities/16324 •

CVSS: 5.0EPSS: 0%CPEs: 10EXPL: 0

The communications protocol for the Report Review Agent (RRA), aka FND File Server (FNDFS) program, in Oracle E-Business Suite 10.7, 11.0, and 11.5.1 to 11.5.8 allows remote attackers to bypass authentication and obtain sensitive information from the Oracle Applications Concurrent Manager by spoofing requests to the TNS Listener. • http://marc.info/?l=bugtraq&m=105012832418415&w=2 http://otn.oracle.com/deploy/security/pdf/2003alert53.pdf http://securitytracker.com/id?1006550 http://www.integrigy.com/alerts/FNDFS_Vulnerability.htm http://www.kb.cert.org/vuls/id/168873 http://www.securityfocus.com/bid/7325 https://exchange.xforce.ibmcloud.com/vulnerabilities/11768 •

CVSS: 5.0EPSS: 0%CPEs: 10EXPL: 0

Multiple vulnerabilities in aoljtest.jsp of Oracle Applications AOL/J Setup Test Suite in Oracle E-Business Suite 11.5.1 through 11.5.8 allow a remote attacker to obtain sensitive information without authentication, such as the GUEST user password and the application server security key. Múltiples vulnerabilidades en aoljtest.jsp de Oracle Applications AOL/J Setup Test Suite en Oracle E-Business Suite 11.5.1 a 11.5.8 permite a atacantes remotos obtener información sensible sin autenticarse, como la contraseña del usuario GUEST y la clave de seguridad del servidor de aplicaciones. • http://marc.info/?l=bugtraq&m=105906689120237&w=2 http://otn.oracle.com/deploy/security/pdf/2003alert55.pdf http://www.securityfocus.com/bid/8268 •

CVSS: 7.5EPSS: 1%CPEs: 10EXPL: 0

Buffer overflow in the Oracle Applications Web Report Review (FNDWRR) CGI program (FNDWRR.exe) of Oracle E-Business Suite 11.0 and 11.5.1 through 11.5.8 may allow remote attackers to execute arbitrary code via a long URL. Desbordamiento de búfer en el programa CGI FNDWRR.exe de Oracle Applications Web Report Review (FNDWRR) de Oracle E-Business Suite 11.0 and 11.5.1 a 11.5.8 puede permitir a atacantes remotos ejecutar código arbitrario mediante una URL larga. • http://marc.info/?l=bugtraq&m=105906721920776&w=2 http://otn.oracle.com/deploy/security/pdf/2003alert56.pdf •