NotCVE - vendor:"Oracle" product:"Application Server" version:"5.6.2"

36 results (0.004 seconds)

CVSS: 5.3EPSS: 0%CPEs: 1EXPL: 0

CVE-2016-15023 – SiteFusion Application Server Extension getextension.php path traversal

https://notcve.org/view.php?id=CVE-2016-15023

A vulnerability, which was classified as problematic, was found in SiteFusion Application Server up to 6.6.6. This affects an unknown part of the file getextension.php of the component Extension Handler. The manipulation leads to path traversal. Upgrading to version 6.6.7 is able to address this issue. The identifier of the patch is 49fff155c303d6cd06ce8f97bba56c9084bf08ac. • https://github.com/sitefusion/server/commit/49fff155c303d6cd06ce8f97bba56c9084bf08ac https://github.com/sitefusion/server/pull/67 https://github.com/sitefusion/server/releases/tag/v6.6.7 https://vuldb.com/?ctiid.219765 https://vuldb.com/?id.219765 • CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') •

CVSS: 5.5EPSS: 0%CPEs: 3EXPL: 0

CVE-2009-0989

https://notcve.org/view.php?id=CVE-2009-0989

Unspecified vulnerability in the BI Publisher component in Oracle Application Server 5.6.2, 10.1.3.2.1, and 10.1.3.3.3 allows remote authenticated users to affect confidentiality and integrity via unknown vectors, a different vulnerability than CVE-2009-0990. Vulnerabilidad no especificada en el componente BI Publisher en Oracle Application Server 5.6.2, 10.1.3.2.1 y 10.1.3.3.3 permite a usuarios remotos autenticados afectar la confidencialidad y la integridad a través de vectores desconocidos, una vulnerabilidad diferente a CVE-2009-0990. • http://osvdb.org/53742 http://secunia.com/advisories/34693 http://www.oracle.com/technetwork/topics/security/cpuapr2009-099563.html http://www.securityfocus.com/bid/34461 http://www.securitytracker.com/id?1022055 http://www.us-cert.gov/cas/techalerts/TA09-105A.html •

CVSS: 4.0EPSS: 0%CPEs: 4EXPL: 0

CVE-2009-0994

https://notcve.org/view.php?id=CVE-2009-0994

Unspecified vulnerability in the BI Publisher component in Oracle Application Server 5.6.2, 10.1.3.2.1, 10.1.3.3.3, and 10.1.3.4 allows remote authenticated users to affect confidentiality via unknown vectors, a different vulnerability than CVE-2009-1017. Vulnerabilidad no especificada en el componente BI Publisher en Oracle Application Server 5.6.2, 10.1.3.2.1, 10.1.3.3.3 y 10.1.3.4 permite a usuarios remotos autenticados afectar la confidencialidad a través de vectores desconocidos, una vulnerabilidad diferente a CVE-2009-1017. • http://osvdb.org/53744 http://secunia.com/advisories/34693 http://www.oracle.com/technetwork/topics/security/cpuapr2009-099563.html http://www.securityfocus.com/bid/34461 http://www.securitytracker.com/id?1022055 http://www.us-cert.gov/cas/techalerts/TA09-105A.html •

CVSS: 5.5EPSS: 0%CPEs: 3EXPL: 0

CVE-2009-0990

https://notcve.org/view.php?id=CVE-2009-0990

Unspecified vulnerability in the BI Publisher component in Oracle Application Server 5.6.2, 10.1.3.2.1, and 10.1.3.3.3 allows remote authenticated users to affect confidentiality and integrity via unknown vectors, a different vulnerability than CVE-2009-0989. Vulnerabilidad no especificada en el componente BI Publisher en Oracle Application Server 5.6.2, 10.1.3.2.1 y 10.1.3.3.3 permite a usuarios remotos autenticados afectar la confidencialidad y la integridad a través de vectores desconocidos, una vulnerabilidad diferente a CVE-2009-0989. • http://osvdb.org/53743 http://secunia.com/advisories/34693 http://www.oracle.com/technetwork/topics/security/cpuapr2009-099563.html http://www.securityfocus.com/bid/34461 http://www.securitytracker.com/id?1022055 http://www.us-cert.gov/cas/techalerts/TA09-105A.html •

CVSS: 4.0EPSS: 0%CPEs: 4EXPL: 0

CVE-2009-1017

https://notcve.org/view.php?id=CVE-2009-1017

Unspecified vulnerability in the BI Publisher component in Oracle Application Server 5.6.2, 10.1.3.2.1, 10.1.3.3.3, and 10.1.3.4 allows remote authenticated users to affect confidentiality via unknown vectors, a different vulnerability than CVE-2009-0994. Vulnerabilidad no especificada en el componente BI Publisher en Oracle Application Server 5.6.2, 10.1.3.2.1, 10.1.3.3.3 y 10.1.3.4 permite a usuarios remotos autenticados afectar la confidencialidad a través de vectores desconocidos, una vulnerabilidad diferente a CVE-2009-0994. • http://osvdb.org/53746 http://secunia.com/advisories/34693 http://www.oracle.com/technetwork/topics/security/cpuapr2009-099563.html http://www.securityfocus.com/bid/34461 http://www.securitytracker.com/id?1022055 http://www.us-cert.gov/cas/techalerts/TA09-105A.html •

1 2 3 4 5