CVE-2016-3435
https://notcve.org/view.php?id=CVE-2016-3435
Unspecified vulnerability in the PeopleSoft Enterprise PeopleTools component in Oracle PeopleSoft Products 8.53, 8.54, and 8.55 allows remote attackers to affect availability via vectors related to PIA Core Technology. Vulnerabilidad no especificada en el componente PeopleSoft Enterprise PeopleTools en Oracle PeopleSoft Products 8.53, 8.54 y 8.55 permite a atacantes remotos afectar a la disponibilidad a través de vectores relacionados con PIA Core Technology. • http://www.oracle.com/technetwork/security-advisory/cpuapr2016v3-2985753.html http://www.securitytracker.com/id/1035610 •
CVE-2016-0698
https://notcve.org/view.php?id=CVE-2016-0698
Unspecified vulnerability in the PeopleSoft Enterprise PeopleTools component in Oracle PeopleSoft Products 8.53, 8.54, and 8.55 allows remote authenticated users to affect confidentiality and integrity via vectors related to Rich Text Editor, a different vulnerability than CVE-2016-3423. Vulnerabilidad no especificada en el componente PeopleSoft Enterprise PeopleTools en Oracle PeopleSoft Products 8.53, 8.54 y 8.55 permite a usuarios remotos autenticados afectar a la confidencialidad e integridad a través de vectores relacionados con Rich Text Editor, una vulnerabilidad distinta a CVE-2016-3423. • http://www.oracle.com/technetwork/security-advisory/cpuapr2016v3-2985753.html http://www.securitytracker.com/id/1035610 •
CVE-2016-3417
https://notcve.org/view.php?id=CVE-2016-3417
Unspecified vulnerability in the PeopleSoft Enterprise PeopleTools component in Oracle PeopleSoft Products 8.53, 8.54, and 8.55 allows remote authenticated users to affect confidentiality and integrity via vectors related to PIA Search Functionality. Vulnerabilidad no especificada en el componente PeopleSoft Enterprise PeopleTools en Oracle PeopleSoft Products 8.53, 8.54 y 8.55 permite a usuarios remotos autenticados afectar a la confidencialidad e integridad a través de vectores relacionados con la funcionalidad PIA Search. • http://www.oracle.com/technetwork/security-advisory/cpuapr2016v3-2985753.html http://www.securitytracker.com/id/1035610 •
CVE-2015-3197 – OpenSSL: SSLv2 doesn't block disabled ciphers
https://notcve.org/view.php?id=CVE-2015-3197
ssl/s2_srvr.c in OpenSSL 1.0.1 before 1.0.1r and 1.0.2 before 1.0.2f does not prevent use of disabled ciphers, which makes it easier for man-in-the-middle attackers to defeat cryptographic protection mechanisms by performing computations on SSLv2 traffic, related to the get_client_master_key and get_client_hello functions. ssl/s2_srvr.c en OpenSSL 1.0.1 en versiones anteriores a 1.0.1r y 1.0.2 en versiones anteriores a 1.0.2f no impide el uso de cifrados deshabilitados, lo que hace que sea más fácil para atacantes man-in-the-middle vencer los mecanismos de protección criptográfica llevando a cabo cálculos sobre tráfico SSLv2, relacionado con las funciones get_client_master_key y get_client_hello. A flaw was found in the way malicious SSLv2 clients could negotiate SSLv2 ciphers that were disabled on the server. This could result in weak SSLv2 ciphers being used for SSLv2 connections, making them vulnerable to man-in-the-middle attacks. • http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10759 http://lists.fedoraproject.org/pipermail/package-announce/2016-January/176373.html http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00001.html http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00002.html http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00003.html http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00004.html http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor CWE-310: Cryptographic Issues •
CVE-2016-0463
https://notcve.org/view.php?id=CVE-2016-0463
Unspecified vulnerability in the PeopleSoft Enterprise PeopleTools component in Oracle PeopleSoft Products 8.53, 8.54, and 8.55 allows remote attackers to affect confidentiality via unknown vectors related to Portal. Vulnerabilidad no especificada en el componente PeopleSoft Enterprise PeopleTools en Oracle PeopleSoft Products 8.53, 8.54 y 8.55 permite a atacantes remotos afectar a la confidencialidad a través de vectores desconocidos relacionados con Portal. • http://www.oracle.com/technetwork/topics/security/cpujan2016-2367955.html http://www.securitytracker.com/id/1034720 •