CVSS: 3.5EPSS: 0%CPEs: 2EXPL: 1CVE-2008-5446
https://notcve.org/view.php?id=CVE-2008-5446
Unspecified vulnerability in the Oracle Applications Framework component in Oracle E-Business Suite 11.5.10 CU2 and 12.0.6 allows remote authenticated users to affect confidentiality via unknown vectors. NOTE: the previous information was obtained from the January 2009 CPU. Oracle has not commented on reliable researcher claims that this issue is related to unrestricted guest access to the "About Us Page" in the Oracle Applications Framework (OAF), which allows attackers to obtain sensitive system and application environment information. Una vulnerabilidad no especificada en el componente Oracle Applications Framework de Oracle E-Business Suite versiones 11.5.10 CU2 y 12.0.6, permite a los usuarios autenticados remotos afectar la confidencialidad por medio de vectores desconocidos. NOTA: la información anterior fue obtenida de la CPU de enero de 2009. • http://secniche.org/papers/orabs.pdf http://secunia.com/advisories/33525 http://www.oracle.com/technetwork/topics/security/cpujan2009-097901.html http://www.securityfocus.com/archive/1/500171/100/0/threaded http://www.securityfocus.com/bid/33177 http://www.securitytracker.com/id?1021568 http://www.vupen.com/english/advisories/2009/0115 •
CVSS: 3.5EPSS: 0%CPEs: 3EXPL: 0CVE-2008-3993
https://notcve.org/view.php?id=CVE-2008-3993
Unspecified vulnerability in the Oracle Applications Framework component in Oracle E-Business Suite 11.5.10.2 and 12.0.4 allows remote authenticated users to affect integrity via unknown vectors. Vulnerabilidad no especificada en el componente Oracle Applications Framework component en Oracle E-Business Suite v11.5.10.2 y v12.0.4 permite a usuarios remotos autenticados afectar a la integridad a través de vectores desconocidos. • http://secunia.com/advisories/32291 http://www.oracle.com/technetwork/topics/security/cpuoct2008-100299.html http://www.securitytracker.com/id?1021057 http://www.vupen.com/english/advisories/2008/2825 https://exchange.xforce.ibmcloud.com/vulnerabilities/45897 •
CVSS: 5.0EPSS: 0%CPEs: 3EXPL: 0CVE-2008-3988
https://notcve.org/view.php?id=CVE-2008-3988
Unspecified vulnerability in the iSupplier Portal component in Oracle E-Business Suite 11.5.10.2 and 12.0.4 allows remote attackers to affect confidentiality via unknown vectors. Vulnerabilidad no especificadas en el componente iSupplier Portal en Oracle E-Business Suite v11.5.10.2 y v12.0.4 permite a atacantes remotos afectar a la confidencialidad a través de vectores desconocidos. • http://secunia.com/advisories/32291 http://www.oracle.com/technetwork/topics/security/cpuoct2008-100299.html http://www.securitytracker.com/id?1021057 http://www.vupen.com/english/advisories/2008/2825 https://exchange.xforce.ibmcloud.com/vulnerabilities/45891 •
CVSS: 10.0EPSS: 1%CPEs: 26EXPL: 0CVE-2008-0340
https://notcve.org/view.php?id=CVE-2008-0340
Multiple unspecified vulnerabilities in Oracle Database 9.0.1.5 FIPS+, 9.2.0.8, 9.2.0.8DV, 10.1.0.5, and 10.2.0.3 have unknown impact and remote attack vectors, related to the (1) Advanced Queuing component (DB02) and (2) Oracle Spatial component (DB04). Múltiples vulnerabilidades no especificadas en Oracle Database 9.0.1.5 FIPS+, 9.2.0.8, 9.2.0.8DV, 10.1.0.5, y 10.2.0.3 tiene impacto y vectores de ataque desconocidos, relacionados con los componentes (1) Advanced Queuing y (2) Oracle Spatial (DB04). • http://marc.info/?l=bugtraq&m=120058413923005&w=2 http://secunia.com/advisories/28518 http://secunia.com/advisories/28556 http://securitytracker.com/id?1019218 http://www.oracle.com/technetwork/topics/security/cpujan2008-086860.html http://www.securityfocus.com/bid/27229 http://www.us-cert.gov/cas/techalerts/TA08-017A.html http://www.vupen.com/english/advisories/2008/0150 http://www.vupen.com/english/advisories/2008/0180 •
CVSS: 10.0EPSS: 1%CPEs: 26EXPL: 0CVE-2008-0343
https://notcve.org/view.php?id=CVE-2008-0343
Unspecified vulnerability in the Oracle Spatial component in Oracle Database 9.0.1.5 FIPS+, 9.2.0.8, 9.2.0.8DV, and 10.1.0.5 has unknown impact and remote attack vectors, aka DB06. Vulnerabilidad no especificada en el componente Oracle Spatial de Oracle Database 9.0.1.5 FIPS+, 9.2.0.8, 9.2.0.8DV, y 10.1.0.5 tiene impacto y vectores de ataque remotos desconocidos, también conocido como DB06. • http://marc.info/?l=bugtraq&m=120058413923005&w=2 http://secunia.com/advisories/28518 http://secunia.com/advisories/28556 http://securitytracker.com/id?1019218 http://www.oracle.com/technetwork/topics/security/cpujan2008-086860.html http://www.securityfocus.com/bid/27229 http://www.us-cert.gov/cas/techalerts/TA08-017A.html http://www.vupen.com/english/advisories/2008/0150 http://www.vupen.com/english/advisories/2008/0180 •