CVE-2007-0288
https://notcve.org/view.php?id=CVE-2007-0288
Unspecified vulnerability in Oracle Application Server 10.1.4.0 has unknown impact and attack vectors related to Oracle Internet Directory, aka OID01. Vulnerabilidad no especificada en Oracle Application Server 10.1.4.0 tienen impacto y vectores de ataque desconocidos relacionados con el Directorio de Internet Oracle (Oracle Internet Directory), también conocido como OID01. • http://osvdb.org/32903 http://secunia.com/advisories/23794 http://securitytracker.com/id?1017522 http://www.oracle.com/technetwork/topics/security/cpujan2007-101493.html http://www.securityfocus.com/bid/22083 http://www.us-cert.gov/cas/techalerts/TA07-017A.html https://exchange.xforce.ibmcloud.com/vulnerabilities/31541 •
CVE-2007-0289
https://notcve.org/view.php?id=CVE-2007-0289
Multiple unspecified vulnerabilities in Oracle Collaboration Suite 9.0.4.2 have unknown impact and attack vectors related to Oracle Containers for J2EE, aka (1) OC4J01, (2) OC4J05, and (3) OC4J06. Múltiples vulnerabilidades no especificadas en Collaboration Suite 9.0.4.2 tienen impacto y vectores de ataque desconocidos relacionados con Contenedores de Oracle para J2EE, también conocido como (1) OC4J01, (2) OC4J05, y (3) OC4J06. • http://osvdb.org/32895 http://osvdb.org/32899 http://osvdb.org/32900 http://secunia.com/advisories/23794 http://securitytracker.com/id?1017522 http://www.oracle.com/technetwork/topics/security/cpujan2007-101493.html http://www.securityfocus.com/bid/22083 http://www.us-cert.gov/cas/techalerts/TA07-017A.html https://exchange.xforce.ibmcloud.com/vulnerabilities/31541 •
CVE-2007-0284
https://notcve.org/view.php?id=CVE-2007-0284
Multiple unspecified vulnerabilities in Oracle Application Server 9.0.4.3 and 10.1.2.0.0, and Collaboration Suite 9.0.4.2, have unknown impact and attack vectors related to Oracle Containers for J2EE, aka (1) OC4J03 and (2) OC4J04. Múltiples vulnerabilidades no especificadas en Oracle Application Server 9.0.4.3 y 10.1.2.0.0, y Collaboration Suite 9.0.4.2, tienen impacto y vectores de ataque desconocidos relacionados con Contenedores de Oracle para J2EE, también conocidos como (1) OC4J03 y (2) OC4J04. • http://osvdb.org/32897 http://osvdb.org/32898 http://secunia.com/advisories/23794 http://securitytracker.com/id?1017522 http://www.oracle.com/technetwork/topics/security/cpujan2007-101493.html http://www.securityfocus.com/bid/22083 http://www.us-cert.gov/cas/techalerts/TA07-017A.html https://exchange.xforce.ibmcloud.com/vulnerabilities/31541 •
CVE-2007-0282
https://notcve.org/view.php?id=CVE-2007-0282
Unspecified vulnerability in Oracle HTTP Server 9.0.1.5, Application Server 9.0.4.2 and 10.1.2.0.0, and Collaboration Suite 9.0.4.2 has unknown impact and attack vectors related to the Oracle Process Mgmt & Notification component, aka OPMN02. Vulnerabilidad no especificada en Oracle HTTP Server 9.0.1.5, Application Server 9.0.4.2 y 10.1.2.0.0, y Collaboration Suite 9.0.4.2 tienen impacto y vectores de ataque desconocidos relacionados con el componente de Administración y Notificación de Procesos Oracle (Oracle Process Mgmt & Notification), también conocido como OPMN02. • http://secunia.com/advisories/23794 http://securitytracker.com/id?1017522 http://www.oracle.com/technetwork/topics/security/cpujan2007-101493.html http://www.securityfocus.com/bid/22083 http://www.us-cert.gov/cas/techalerts/TA07-017A.html https://exchange.xforce.ibmcloud.com/vulnerabilities/31541 •
CVE-2007-0275 – Oracle HTTP Server Header Cross Site Scripting
https://notcve.org/view.php?id=CVE-2007-0275
Cross-site scripting (XSS) vulnerability in Oracle Reports Web Cartridge (RWCGI60) in the Workflow Cartridge component, as used in Oracle Database 9.2.0.8, 10.1.0.5, and 10.2.0.3; Application Server 9.0.4.3, 10.1.2.0.2, and 10.1.2.2; Collaboration Suite 10.1.2; and Oracle E-Business Suite and Applications 11.5.10CU2; allows remote authenticated users to inject arbitrary HTML or web script via the genuser parameter to rwcgi60, aka OWF01. Vulnerabilidad de tipo cross-site-scripting (XSS) en Oracle Reports Web Cartridge (RWCGI60) en el componente Workflow Cartridge, tal como es usado en Oracle Database versiones 9.2.0.8, 10.1.0.5 y 10.2.0.3; Application Server versiones 9.0.4.3, 10.1.2.0.2 y 10.1.2.2; Collaboration Suite versión 10.1.2; y Oracle E-Business Suite and Applications versión 11.5.10CU2; permite a los usuarios autenticados remotos inyectar script web o HTML arbitrario por medio del parámetro genuser en rwcgi60, también se conoce como OWF01. Oracle HTTP Server for Oracle Application Server 10g version 10.1.2.0.2 suffers from a cross site scripting vulnerability. • http://osvdb.org/32906 http://secunia.com/advisories/23794 http://securitytracker.com/id?1017522 http://www.oracle.com/technetwork/topics/security/cpujan2007-101493.html http://www.securityfocus.com/archive/1/457193/100/0/threaded http://www.securityfocus.com/bid/22083 http://www.us-cert.gov/cas/techalerts/TA07-017A.html https://exchange.xforce.ibmcloud.com/vulnerabilities/31541 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •