Page 6 of 30 results (0.008 seconds)

CVSS: 5.0EPSS: 0%CPEs: 10EXPL: 0

The communications protocol for the Report Review Agent (RRA), aka FND File Server (FNDFS) program, in Oracle E-Business Suite 10.7, 11.0, and 11.5.1 to 11.5.8 allows remote attackers to bypass authentication and obtain sensitive information from the Oracle Applications Concurrent Manager by spoofing requests to the TNS Listener. • http://marc.info/?l=bugtraq&m=105012832418415&w=2 http://otn.oracle.com/deploy/security/pdf/2003alert53.pdf http://securitytracker.com/id?1006550 http://www.integrigy.com/alerts/FNDFS_Vulnerability.htm http://www.kb.cert.org/vuls/id/168873 http://www.securityfocus.com/bid/7325 https://exchange.xforce.ibmcloud.com/vulnerabilities/11768 •

CVSS: 5.0EPSS: 0%CPEs: 10EXPL: 0

Multiple vulnerabilities in aoljtest.jsp of Oracle Applications AOL/J Setup Test Suite in Oracle E-Business Suite 11.5.1 through 11.5.8 allow a remote attacker to obtain sensitive information without authentication, such as the GUEST user password and the application server security key. Múltiples vulnerabilidades en aoljtest.jsp de Oracle Applications AOL/J Setup Test Suite en Oracle E-Business Suite 11.5.1 a 11.5.8 permite a atacantes remotos obtener información sensible sin autenticarse, como la contraseña del usuario GUEST y la clave de seguridad del servidor de aplicaciones. • http://marc.info/?l=bugtraq&m=105906689120237&w=2 http://otn.oracle.com/deploy/security/pdf/2003alert55.pdf http://www.securityfocus.com/bid/8268 •

CVSS: 7.5EPSS: 1%CPEs: 10EXPL: 0

Buffer overflow in the Oracle Applications Web Report Review (FNDWRR) CGI program (FNDWRR.exe) of Oracle E-Business Suite 11.0 and 11.5.1 through 11.5.8 may allow remote attackers to execute arbitrary code via a long URL. Desbordamiento de búfer en el programa CGI FNDWRR.exe de Oracle Applications Web Report Review (FNDWRR) de Oracle E-Business Suite 11.0 and 11.5.1 a 11.5.8 puede permitir a atacantes remotos ejecutar código arbitrario mediante una URL larga. • http://marc.info/?l=bugtraq&m=105906721920776&w=2 http://otn.oracle.com/deploy/security/pdf/2003alert56.pdf •

CVSS: 7.5EPSS: 1%CPEs: 6EXPL: 1

Unknown vulnerability in AolSecurityPrivate.class in Oracle E-Business Suite 11i 11.1 through 11.6 allows remote attackers to bypass user authentication checks via unknown attack vectors. • http://www.iss.net/security_center/static/10285.php http://www.oracle.com/technology/deploy/security/pdf/2002alert44rev1.pdf http://www.securityfocus.com/bid/5901 •

CVSS: 5.0EPSS: 2%CPEs: 6EXPL: 0

Unknown vulnerability in Oracle E-Business Suite 11i.1 through 11i.6 allows remote attackers to execute unauthorized PL/SQL procedures by modifying the Oracle Applications URL. • http://otn.oracle.com/deploy/security/pdf/apps_alert_ebiz2.pdf http://www.securityfocus.com/bid/4551 https://exchange.xforce.ibmcloud.com/vulnerabilities/8897 •