cvelistv5 - cve-2008-0346

CVE-2008-0346 (GCVE-0-2008-0346)

Vulnerability from cvelistv5 – Published: 2008-01-17 22:00 – Updated: 2024-08-07 07:39

Summary

Unspecified vulnerability in the Oracle Jinitiator component in Oracle Application Server 1.3.1.27 and E-Business Suite 11.5.10.2 has unknown impact and remote attack vectors, aka AS01.

Severity ?

No CVSS data available.

CWE

Assigner

mitre

References

URL

Tags

	http://securitytracker.com/id?1019218	vdb-entryx_refsource_SECTRACK
	http://www.securityfocus.com/bid/27229	vdb-entryx_refsource_BID
	http://www.us-cert.gov/cas/techalerts/TA08-017A.html	third-party-advisoryx_refsource_CERT
	http://www.vupen.com/english/advisories/2008/0150	vdb-entryx_refsource_VUPEN
	http://www.vupen.com/english/advisories/2008/0180	vdb-entryx_refsource_VUPEN
	http://marc.info/?l=bugtraq&m=120058413923005&w=2	vendor-advisoryx_refsource_HP
	http://osvdb.org/40294	vdb-entryx_refsource_OSVDB
	http://www.oracle.com/technetwork/topics/security…	x_refsource_CONFIRM
	http://marc.info/?l=bugtraq&m=120058413923005&w=2	vendor-advisoryx_refsource_HP
	http://secunia.com/advisories/28556	third-party-advisoryx_refsource_SECUNIA
	http://secunia.com/advisories/28518	third-party-advisoryx_refsource_SECUNIA

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-07T07:39:35.188Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "1019218",
            "tags": [
              "vdb-entry",
              "x_refsource_SECTRACK",
              "x_transferred"
            ],
            "url": "http://securitytracker.com/id?1019218"
          },
          {
            "name": "27229",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/27229"
          },
          {
            "name": "TA08-017A",
            "tags": [
              "third-party-advisory",
              "x_refsource_CERT",
              "x_transferred"
            ],
            "url": "http://www.us-cert.gov/cas/techalerts/TA08-017A.html"
          },
          {
            "name": "ADV-2008-0150",
            "tags": [
              "vdb-entry",
              "x_refsource_VUPEN",
              "x_transferred"
            ],
            "url": "http://www.vupen.com/english/advisories/2008/0150"
          },
          {
            "name": "ADV-2008-0180",
            "tags": [
              "vdb-entry",
              "x_refsource_VUPEN",
              "x_transferred"
            ],
            "url": "http://www.vupen.com/english/advisories/2008/0180"
          },
          {
            "name": "SSRT061201",
            "tags": [
              "vendor-advisory",
              "x_refsource_HP",
              "x_transferred"
            ],
            "url": "http://marc.info/?l=bugtraq\u0026m=120058413923005\u0026w=2"
          },
          {
            "name": "40294",
            "tags": [
              "vdb-entry",
              "x_refsource_OSVDB",
              "x_transferred"
            ],
            "url": "http://osvdb.org/40294"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www.oracle.com/technetwork/topics/security/cpujan2008-086860.html"
          },
          {
            "name": "HPSBMA02133",
            "tags": [
              "vendor-advisory",
              "x_refsource_HP",
              "x_transferred"
            ],
            "url": "http://marc.info/?l=bugtraq\u0026m=120058413923005\u0026w=2"
          },
          {
            "name": "28556",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/28556"
          },
          {
            "name": "28518",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/28518"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2008-01-15T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "Unspecified vulnerability in the Oracle Jinitiator component in Oracle Application Server 1.3.1.27 and E-Business Suite 11.5.10.2 has unknown impact and remote attack vectors, aka AS01."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2008-01-23T10:00:00",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "name": "1019218",
          "tags": [
            "vdb-entry",
            "x_refsource_SECTRACK"
          ],
          "url": "http://securitytracker.com/id?1019218"
        },
        {
          "name": "27229",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/27229"
        },
        {
          "name": "TA08-017A",
          "tags": [
            "third-party-advisory",
            "x_refsource_CERT"
          ],
          "url": "http://www.us-cert.gov/cas/techalerts/TA08-017A.html"
        },
        {
          "name": "ADV-2008-0150",
          "tags": [
            "vdb-entry",
            "x_refsource_VUPEN"
          ],
          "url": "http://www.vupen.com/english/advisories/2008/0150"
        },
        {
          "name": "ADV-2008-0180",
          "tags": [
            "vdb-entry",
            "x_refsource_VUPEN"
          ],
          "url": "http://www.vupen.com/english/advisories/2008/0180"
        },
        {
          "name": "SSRT061201",
          "tags": [
            "vendor-advisory",
            "x_refsource_HP"
          ],
          "url": "http://marc.info/?l=bugtraq\u0026m=120058413923005\u0026w=2"
        },
        {
          "name": "40294",
          "tags": [
            "vdb-entry",
            "x_refsource_OSVDB"
          ],
          "url": "http://osvdb.org/40294"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www.oracle.com/technetwork/topics/security/cpujan2008-086860.html"
        },
        {
          "name": "HPSBMA02133",
          "tags": [
            "vendor-advisory",
            "x_refsource_HP"
          ],
          "url": "http://marc.info/?l=bugtraq\u0026m=120058413923005\u0026w=2"
        },
        {
          "name": "28556",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/28556"
        },
        {
          "name": "28518",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/28518"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2008-0346",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "Unspecified vulnerability in the Oracle Jinitiator component in Oracle Application Server 1.3.1.27 and E-Business Suite 11.5.10.2 has unknown impact and remote attack vectors, aka AS01."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "1019218",
              "refsource": "SECTRACK",
              "url": "http://securitytracker.com/id?1019218"
            },
            {
              "name": "27229",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/27229"
            },
            {
              "name": "TA08-017A",
              "refsource": "CERT",
              "url": "http://www.us-cert.gov/cas/techalerts/TA08-017A.html"
            },
            {
              "name": "ADV-2008-0150",
              "refsource": "VUPEN",
              "url": "http://www.vupen.com/english/advisories/2008/0150"
            },
            {
              "name": "ADV-2008-0180",
              "refsource": "VUPEN",
              "url": "http://www.vupen.com/english/advisories/2008/0180"
            },
            {
              "name": "SSRT061201",
              "refsource": "HP",
              "url": "http://marc.info/?l=bugtraq\u0026m=120058413923005\u0026w=2"
            },
            {
              "name": "40294",
              "refsource": "OSVDB",
              "url": "http://osvdb.org/40294"
            },
            {
              "name": "http://www.oracle.com/technetwork/topics/security/cpujan2008-086860.html",
              "refsource": "CONFIRM",
              "url": "http://www.oracle.com/technetwork/topics/security/cpujan2008-086860.html"
            },
            {
              "name": "HPSBMA02133",
              "refsource": "HP",
              "url": "http://marc.info/?l=bugtraq\u0026m=120058413923005\u0026w=2"
            },
            {
              "name": "28556",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/28556"
            },
            {
              "name": "28518",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/28518"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2008-0346",
    "datePublished": "2008-01-17T22:00:00",
    "dateReserved": "2008-01-17T00:00:00",
    "dateUpdated": "2024-08-07T07:39:35.188Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1",
  "vulnerability-lookup:meta": {
    "fkie_nvd": {
      "configurations": "[{\"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:oracle:application_server:1.0.2.2:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"DC4ED2EB-1E90-4E99-AAD6-5D838800F9B7\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:oracle:application_server:9.0.4.3:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"9CA9867F-D7BC-4230-9584-C2FBB6642482\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:oracle:application_server:10.1.2.0.2:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"F0B4BAA9-D045-4D2B-8220-47F47ED936DF\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:oracle:application_server:10.1.2.1.0:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"FE6C4D36-D9D1-4143-94AA-D8E08F23D2E3\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:oracle:application_server:10.1.2.2.0:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"F01A3ABC-2033-47E0-A84C-62CCA67C578F\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:oracle:application_server:10.1.3.0.0:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"3DB877D9-C8BB-4A08-A953-043F7DB5BA6E\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:oracle:application_server:10.1.3.1.0:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"8B77FF3B-B84E-4918-8688-0B25CFC61141\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:oracle:application_server:10.1.3.3.0:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"EE059C8C-BA43-4757-8CA6-8E1B67DF8903\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:oracle:collaboration_suite:10.1.2:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"DDF7ABE6-0AFB-4A74-A533-2D390991A6CA\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:oracle:database_server:9.0.1.5:*:fips:*:*:*:*:*\", \"matchCriteriaId\": \"D86DC2E3-3B89-4FAC-9B8F-DC629B50ADC7\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:oracle:database_server:9.2.0.8:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"432A3020-9977-4A10-9CDA-3A71E83F63F9\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:oracle:database_server:9.2.0.8dv:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"37C10722-4CC7-4C06-8DBC-4D96307DB41E\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:oracle:database_server:10.1.0.5:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"03A522A3-07D7-481F-A538-EA3D13256F63\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:oracle:database_server:10.2.0.2:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"67FF2A2E-3693-424E-B53D-0BAD01D53F7A\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:oracle:database_server:10.2.0.3:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"ED41086B-840A-4B39-B249-461A4B00B57B\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:oracle:database_server:11.1.0.6:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"B2AF3BD5-BA86-485A-9E78-A5F95B1ECEBA\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:oracle:e-business_suite:11.5.9:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"78408427-3FFB-45C4-82EF-C8D636B3A718\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:oracle:e-business_suite:11.5.10:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"C9B1BE09-4A96-41A3-AA1D-74533F396998\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:oracle:e-business_suite:11.5.10.2:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"80B61990-9CC2-4215-9879-AC817F4E6767\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:oracle:e-business_suite:12.0.0:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"4D0CBDB5-B13D-4071-994A-E1318A3821DF\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:oracle:e-business_suite:12.0.1:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"610AE265-C18D-4895-8034-5DB331DC68DF\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:oracle:e-business_suite:12.0.2:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"97765939-6102-402F-ACE7-AA7B2350016E\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:oracle:e-business_suite:12.0.3:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"1036B69E-013B-4492-B691-40BAC7C2F42A\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:oracle:peoplesoft_enterprise_peopletools:8.47:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"4C2CF929-6203-436A-AAEB-6E2142B2B1F3\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:oracle:peoplesoft_enterprise_peopletools:8.48:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"7C098860-0862-4C5B-8EE4-9469D5D01815\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:oracle:peoplesoft_enterprise_peopletools:8.49:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"445508AC-3316-459F-98C1-8310EF327E8B\"}]}]}]",
      "descriptions": "[{\"lang\": \"en\", \"value\": \"Unspecified vulnerability in the Oracle Jinitiator component in Oracle Application Server 1.3.1.27 and E-Business Suite 11.5.10.2 has unknown impact and remote attack vectors, aka AS01.\"}, {\"lang\": \"es\", \"value\": \"Vulnerabilidad no especificada en el componente Oracle Jinitiator de Oracle Application Server 1.3.1.27 y E-Business Suite 11.5.10.2 tiene impacto y vectores de ataque remotos desconocidos, tambi\\u00e9n conocido como AS01.\"}]",
      "id": "CVE-2008-0346",
      "lastModified": "2024-11-21T00:41:47.003",
      "metrics": "{\"cvssMetricV2\": [{\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"cvssData\": {\"version\": \"2.0\", \"vectorString\": \"AV:N/AC:L/Au:N/C:C/I:C/A:C\", \"baseScore\": 10.0, \"accessVector\": \"NETWORK\", \"accessComplexity\": \"LOW\", \"authentication\": \"NONE\", \"confidentialityImpact\": \"COMPLETE\", \"integrityImpact\": \"COMPLETE\", \"availabilityImpact\": \"COMPLETE\"}, \"baseSeverity\": \"HIGH\", \"exploitabilityScore\": 10.0, \"impactScore\": 10.0, \"acInsufInfo\": true, \"obtainAllPrivilege\": true, \"obtainUserPrivilege\": false, \"obtainOtherPrivilege\": false, \"userInteractionRequired\": false}]}",
      "published": "2008-01-17T23:00:00.000",
      "references": "[{\"url\": \"http://marc.info/?l=bugtraq\u0026m=120058413923005\u0026w=2\", \"source\": \"cve@mitre.org\"}, {\"url\": \"http://marc.info/?l=bugtraq\u0026m=120058413923005\u0026w=2\", \"source\": \"cve@mitre.org\"}, {\"url\": \"http://osvdb.org/40294\", \"source\": \"cve@mitre.org\"}, {\"url\": \"http://secunia.com/advisories/28518\", \"source\": \"cve@mitre.org\", \"tags\": [\"Vendor Advisory\"]}, {\"url\": \"http://secunia.com/advisories/28556\", \"source\": \"cve@mitre.org\"}, {\"url\": \"http://securitytracker.com/id?1019218\", \"source\": \"cve@mitre.org\"}, {\"url\": \"http://www.oracle.com/technetwork/topics/security/cpujan2008-086860.html\", \"source\": \"cve@mitre.org\"}, {\"url\": \"http://www.securityfocus.com/bid/27229\", \"source\": \"cve@mitre.org\"}, {\"url\": \"http://www.us-cert.gov/cas/techalerts/TA08-017A.html\", \"source\": \"cve@mitre.org\", \"tags\": [\"US Government Resource\"]}, {\"url\": \"http://www.vupen.com/english/advisories/2008/0150\", \"source\": \"cve@mitre.org\"}, {\"url\": \"http://www.vupen.com/english/advisories/2008/0180\", \"source\": \"cve@mitre.org\"}, {\"url\": \"http://marc.info/?l=bugtraq\u0026m=120058413923005\u0026w=2\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"http://marc.info/?l=bugtraq\u0026m=120058413923005\u0026w=2\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"http://osvdb.org/40294\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"http://secunia.com/advisories/28518\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Vendor Advisory\"]}, {\"url\": \"http://secunia.com/advisories/28556\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"http://securitytracker.com/id?1019218\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"http://www.oracle.com/technetwork/topics/security/cpujan2008-086860.html\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"http://www.securityfocus.com/bid/27229\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"http://www.us-cert.gov/cas/techalerts/TA08-017A.html\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"US Government Resource\"]}, {\"url\": \"http://www.vupen.com/english/advisories/2008/0150\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"http://www.vupen.com/english/advisories/2008/0180\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}]",
      "sourceIdentifier": "cve@mitre.org",
      "vulnStatus": "Modified",
      "weaknesses": "[{\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"description\": [{\"lang\": \"en\", \"value\": \"NVD-CWE-noinfo\"}]}]"
    },
    "nvd": "{\"cve\":{\"id\":\"CVE-2008-0346\",\"sourceIdentifier\":\"cve@mitre.org\",\"published\":\"2008-01-17T23:00:00.000\",\"lastModified\":\"2025-04-09T00:30:58.490\",\"vulnStatus\":\"Deferred\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"Unspecified vulnerability in the Oracle Jinitiator component in Oracle Application Server 1.3.1.27 and E-Business Suite 11.5.10.2 has unknown impact and remote attack vectors, aka AS01.\"},{\"lang\":\"es\",\"value\":\"Vulnerabilidad no especificada en el componente Oracle Jinitiator de Oracle Application Server 1.3.1.27 y E-Business Suite 11.5.10.2 tiene impacto y vectores de ataque remotos desconocidos, tambi\u00e9n conocido como AS01.\"}],\"metrics\":{\"cvssMetricV2\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"2.0\",\"vectorString\":\"AV:N/AC:L/Au:N/C:C/I:C/A:C\",\"baseScore\":10.0,\"accessVector\":\"NETWORK\",\"accessComplexity\":\"LOW\",\"authentication\":\"NONE\",\"confidentialityImpact\":\"COMPLETE\",\"integrityImpact\":\"COMPLETE\",\"availabilityImpact\":\"COMPLETE\"},\"baseSeverity\":\"HIGH\",\"exploitabilityScore\":10.0,\"impactScore\":10.0,\"acInsufInfo\":true,\"obtainAllPrivilege\":true,\"obtainUserPrivilege\":false,\"obtainOtherPrivilege\":false,\"userInteractionRequired\":false}]},\"weaknesses\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"NVD-CWE-noinfo\"}]}],\"configurations\":[{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:application_server:1.0.2.2:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"DC4ED2EB-1E90-4E99-AAD6-5D838800F9B7\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:application_server:9.0.4.3:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"9CA9867F-D7BC-4230-9584-C2FBB6642482\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:application_server:10.1.2.0.2:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"F0B4BAA9-D045-4D2B-8220-47F47ED936DF\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:application_server:10.1.2.1.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"FE6C4D36-D9D1-4143-94AA-D8E08F23D2E3\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:application_server:10.1.2.2.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"F01A3ABC-2033-47E0-A84C-62CCA67C578F\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:application_server:10.1.3.0.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"3DB877D9-C8BB-4A08-A953-043F7DB5BA6E\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:application_server:10.1.3.1.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"8B77FF3B-B84E-4918-8688-0B25CFC61141\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:application_server:10.1.3.3.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"EE059C8C-BA43-4757-8CA6-8E1B67DF8903\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:collaboration_suite:10.1.2:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"DDF7ABE6-0AFB-4A74-A533-2D390991A6CA\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:database_server:9.0.1.5:*:fips:*:*:*:*:*\",\"matchCriteriaId\":\"D86DC2E3-3B89-4FAC-9B8F-DC629B50ADC7\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:database_server:9.2.0.8:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"432A3020-9977-4A10-9CDA-3A71E83F63F9\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:database_server:9.2.0.8dv:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"37C10722-4CC7-4C06-8DBC-4D96307DB41E\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:database_server:10.1.0.5:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"03A522A3-07D7-481F-A538-EA3D13256F63\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:database_server:10.2.0.2:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"67FF2A2E-3693-424E-B53D-0BAD01D53F7A\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:database_server:10.2.0.3:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"ED41086B-840A-4B39-B249-461A4B00B57B\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:database_server:11.1.0.6:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"B2AF3BD5-BA86-485A-9E78-A5F95B1ECEBA\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:e-business_suite:11.5.9:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"78408427-3FFB-45C4-82EF-C8D636B3A718\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:e-business_suite:11.5.10:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"C9B1BE09-4A96-41A3-AA1D-74533F396998\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:e-business_suite:11.5.10.2:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"80B61990-9CC2-4215-9879-AC817F4E6767\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:e-business_suite:12.0.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"4D0CBDB5-B13D-4071-994A-E1318A3821DF\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:e-business_suite:12.0.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"610AE265-C18D-4895-8034-5DB331DC68DF\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:e-business_suite:12.0.2:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"97765939-6102-402F-ACE7-AA7B2350016E\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:e-business_suite:12.0.3:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"1036B69E-013B-4492-B691-40BAC7C2F42A\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:peoplesoft_enterprise_peopletools:8.47:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"4C2CF929-6203-436A-AAEB-6E2142B2B1F3\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:peoplesoft_enterprise_peopletools:8.48:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"7C098860-0862-4C5B-8EE4-9469D5D01815\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:peoplesoft_enterprise_peopletools:8.49:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"445508AC-3316-459F-98C1-8310EF327E8B\"}]}]}],\"references\":[{\"url\":\"http://marc.info/?l=bugtraq\u0026m=120058413923005\u0026w=2\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://marc.info/?l=bugtraq\u0026m=120058413923005\u0026w=2\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://osvdb.org/40294\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://secunia.com/advisories/28518\",\"source\":\"cve@mitre.org\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"http://secunia.com/advisories/28556\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://securitytracker.com/id?1019218\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://www.oracle.com/technetwork/topics/security/cpujan2008-086860.html\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://www.securityfocus.com/bid/27229\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://www.us-cert.gov/cas/techalerts/TA08-017A.html\",\"source\":\"cve@mitre.org\",\"tags\":[\"US Government Resource\"]},{\"url\":\"http://www.vupen.com/english/advisories/2008/0150\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://www.vupen.com/english/advisories/2008/0180\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://marc.info/?l=bugtraq\u0026m=120058413923005\u0026w=2\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://marc.info/?l=bugtraq\u0026m=120058413923005\u0026w=2\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://osvdb.org/40294\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://secunia.com/advisories/28518\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"http://secunia.com/advisories/28556\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://securitytracker.com/id?1019218\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://www.oracle.com/technetwork/topics/security/cpujan2008-086860.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://www.securityfocus.com/bid/27229\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://www.us-cert.gov/cas/techalerts/TA08-017A.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"US Government Resource\"]},{\"url\":\"http://www.vupen.com/english/advisories/2008/0150\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://www.vupen.com/english/advisories/2008/0180\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"}]}}"
  }
}

GSD-2008-0346

Vulnerability from gsd - Updated: 2023-12-13 01:22

Details

Unspecified vulnerability in the Oracle Jinitiator component in Oracle Application Server 1.3.1.27 and E-Business Suite 11.5.10.2 has unknown impact and remote attack vectors, aka AS01.

Aliases

CVE-2008-0346

Aliases

CVE-2008-0346

JSON

To clipboard

{
  "GSD": {
    "alias": "CVE-2008-0346",
    "description": "Unspecified vulnerability in the Oracle Jinitiator component in Oracle Application Server 1.3.1.27 and E-Business Suite 11.5.10.2 has unknown impact and remote attack vectors, aka AS01.",
    "id": "GSD-2008-0346"
  },
  "gsd": {
    "metadata": {
      "exploitCode": "unknown",
      "remediation": "unknown",
      "reportConfidence": "confirmed",
      "type": "vulnerability"
    },
    "osvSchema": {
      "aliases": [
        "CVE-2008-0346"
      ],
      "details": "Unspecified vulnerability in the Oracle Jinitiator component in Oracle Application Server 1.3.1.27 and E-Business Suite 11.5.10.2 has unknown impact and remote attack vectors, aka AS01.",
      "id": "GSD-2008-0346",
      "modified": "2023-12-13T01:22:58.734610Z",
      "schema_version": "1.4.0"
    }
  },
  "namespaces": {
    "cve.org": {
      "CVE_data_meta": {
        "ASSIGNER": "cve@mitre.org",
        "ID": "CVE-2008-0346",
        "STATE": "PUBLIC"
      },
      "affects": {
        "vendor": {
          "vendor_data": [
            {
              "product": {
                "product_data": [
                  {
                    "product_name": "n/a",
                    "version": {
                      "version_data": [
                        {
                          "version_value": "n/a"
                        }
                      ]
                    }
                  }
                ]
              },
              "vendor_name": "n/a"
            }
          ]
        }
      },
      "data_format": "MITRE",
      "data_type": "CVE",
      "data_version": "4.0",
      "description": {
        "description_data": [
          {
            "lang": "eng",
            "value": "Unspecified vulnerability in the Oracle Jinitiator component in Oracle Application Server 1.3.1.27 and E-Business Suite 11.5.10.2 has unknown impact and remote attack vectors, aka AS01."
          }
        ]
      },
      "problemtype": {
        "problemtype_data": [
          {
            "description": [
              {
                "lang": "eng",
                "value": "n/a"
              }
            ]
          }
        ]
      },
      "references": {
        "reference_data": [
          {
            "name": "1019218",
            "refsource": "SECTRACK",
            "url": "http://securitytracker.com/id?1019218"
          },
          {
            "name": "27229",
            "refsource": "BID",
            "url": "http://www.securityfocus.com/bid/27229"
          },
          {
            "name": "TA08-017A",
            "refsource": "CERT",
            "url": "http://www.us-cert.gov/cas/techalerts/TA08-017A.html"
          },
          {
            "name": "ADV-2008-0150",
            "refsource": "VUPEN",
            "url": "http://www.vupen.com/english/advisories/2008/0150"
          },
          {
            "name": "ADV-2008-0180",
            "refsource": "VUPEN",
            "url": "http://www.vupen.com/english/advisories/2008/0180"
          },
          {
            "name": "SSRT061201",
            "refsource": "HP",
            "url": "http://marc.info/?l=bugtraq\u0026m=120058413923005\u0026w=2"
          },
          {
            "name": "40294",
            "refsource": "OSVDB",
            "url": "http://osvdb.org/40294"
          },
          {
            "name": "http://www.oracle.com/technetwork/topics/security/cpujan2008-086860.html",
            "refsource": "CONFIRM",
            "url": "http://www.oracle.com/technetwork/topics/security/cpujan2008-086860.html"
          },
          {
            "name": "HPSBMA02133",
            "refsource": "HP",
            "url": "http://marc.info/?l=bugtraq\u0026m=120058413923005\u0026w=2"
          },
          {
            "name": "28556",
            "refsource": "SECUNIA",
            "url": "http://secunia.com/advisories/28556"
          },
          {
            "name": "28518",
            "refsource": "SECUNIA",
            "url": "http://secunia.com/advisories/28518"
          }
        ]
      }
    },
    "nvd.nist.gov": {
      "configurations": {
        "CVE_data_version": "4.0",
        "nodes": [
          {
            "children": [],
            "cpe_match": [
              {
                "cpe23Uri": "cpe:2.3:a:oracle:application_server:1.0.2.2:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:oracle:collaboration_suite:10.1.2:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:oracle:database_server:10.1.0.5:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:oracle:e-business_suite:11.5.10:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:oracle:e-business_suite:11.5.10.2:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:oracle:peoplesoft_enterprise_peopletools:8.48:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:oracle:peoplesoft_enterprise_peopletools:8.49:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:oracle:application_server:10.1.2.0.2:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:oracle:application_server:10.1.2.1.0:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:oracle:application_server:10.1.2.2.0:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:oracle:database_server:10.2.0.2:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:oracle:database_server:10.2.0.3:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:oracle:e-business_suite:11.5.9:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:oracle:e-business_suite:12.0.0:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:oracle:application_server:10.1.3.0.0:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:oracle:application_server:10.1.3.1.0:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:oracle:database_server:11.1.0.6:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:oracle:database_server:9.0.1.5:*:fips:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:oracle:e-business_suite:12.0.1:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:oracle:e-business_suite:12.0.2:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:oracle:application_server:10.1.3.3.0:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:oracle:application_server:9.0.4.3:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:oracle:database_server:9.2.0.8:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:oracle:database_server:9.2.0.8dv:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:oracle:e-business_suite:12.0.3:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:oracle:peoplesoft_enterprise_peopletools:8.47:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              }
            ],
            "operator": "OR"
          }
        ]
      },
      "cve": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2008-0346"
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "en",
              "value": "Unspecified vulnerability in the Oracle Jinitiator component in Oracle Application Server 1.3.1.27 and E-Business Suite 11.5.10.2 has unknown impact and remote attack vectors, aka AS01."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "en",
                  "value": "NVD-CWE-noinfo"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "TA08-017A",
              "refsource": "CERT",
              "tags": [
                "US Government Resource"
              ],
              "url": "http://www.us-cert.gov/cas/techalerts/TA08-017A.html"
            },
            {
              "name": "27229",
              "refsource": "BID",
              "tags": [],
              "url": "http://www.securityfocus.com/bid/27229"
            },
            {
              "name": "1019218",
              "refsource": "SECTRACK",
              "tags": [],
              "url": "http://securitytracker.com/id?1019218"
            },
            {
              "name": "28518",
              "refsource": "SECUNIA",
              "tags": [
                "Vendor Advisory"
              ],
              "url": "http://secunia.com/advisories/28518"
            },
            {
              "name": "28556",
              "refsource": "SECUNIA",
              "tags": [],
              "url": "http://secunia.com/advisories/28556"
            },
            {
              "name": "40294",
              "refsource": "OSVDB",
              "tags": [],
              "url": "http://osvdb.org/40294"
            },
            {
              "name": "ADV-2008-0180",
              "refsource": "VUPEN",
              "tags": [],
              "url": "http://www.vupen.com/english/advisories/2008/0180"
            },
            {
              "name": "ADV-2008-0150",
              "refsource": "VUPEN",
              "tags": [],
              "url": "http://www.vupen.com/english/advisories/2008/0150"
            },
            {
              "name": "SSRT061201",
              "refsource": "HP",
              "tags": [],
              "url": "http://marc.info/?l=bugtraq\u0026m=120058413923005\u0026w=2"
            },
            {
              "name": "http://www.oracle.com/technetwork/topics/security/cpujan2008-086860.html",
              "refsource": "CONFIRM",
              "tags": [],
              "url": "http://www.oracle.com/technetwork/topics/security/cpujan2008-086860.html"
            }
          ]
        }
      },
      "impact": {
        "baseMetricV2": {
          "acInsufInfo": true,
          "cvssV2": {
            "accessComplexity": "LOW",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "availabilityImpact": "COMPLETE",
            "baseScore": 10.0,
            "confidentialityImpact": "COMPLETE",
            "integrityImpact": "COMPLETE",
            "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
            "version": "2.0"
          },
          "exploitabilityScore": 10.0,
          "impactScore": 10.0,
          "obtainAllPrivilege": true,
          "obtainOtherPrivilege": false,
          "obtainUserPrivilege": false,
          "severity": "HIGH",
          "userInteractionRequired": false
        }
      },
      "lastModifiedDate": "2012-10-23T02:42Z",
      "publishedDate": "2008-01-17T23:00Z"
    }
  }
}

CERTA-2008-AVI-029

Vulnerability from certfr_avis - Published: - Updated:

None

Description

Huit vulnérabilités affectent Oracle Database, dont sept sont exploitables à distance, mais nécessitent une authentification. Leur exploitation permet de porter atteinte à la disponibilité, à l'intégrité et à la confidentialité des données.

Six vulnérabilités affectent Oracle Application Server, dont cinq sont exploitables à distance sans authentification préalable. Leur exploitation permet de porter atteinte à la disponibilité, à l'intégrité et à la confidentialité des données.

Une vulnérabilité, exploitable sans authentification préalable, concerne Oracle Collaboration Suite et permet de porter atteinte à la confidentialité et à l'intégrité des données.

Sept vulnérabilités sont présentes dans Oracle E-business Suite, dont trois sont exploitables à distance sans authentification préalable. Leur exploitation permet de porter atteinte à la disponibilité, à l'intégrité et à la confidentialité des données.

Quatre vulnérabilités affectent PeopleTools, dont une est exploitable à distance sans authentification préalable. Leur exploitation permet de porter atteinte à la disponibilité, à l'intégrité et à la confidentialité des données.

Solution

Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).

None

Impacted products

Vendor	Product	Description
Oracle	N/A	Oracle E-business Suite Release 11i et 12 ;
Oracle	N/A	Oracle Application Server 10g ;
Oracle	PeopleSoft	Oracle PeopleSoft Enterprise PeopleTools 8.x.
Oracle	N/A	Oracle Database 9i, 10g et 11g ;
Oracle	N/A	Oracle Collaboration Suite 10g ;

References

Title

Publication Time

Tags

Bulletin Oracle du 15 janvier 2008	None	vendor-advisory
Bulletin de sécurité Oracle du 15 janvier 2008 :	-	other

Show details on source website

JSON

To clipboard

{
  "$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
  "affected_systems": [
    {
      "description": "Oracle E-business Suite Release 11i et 12 ;",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Oracle",
          "scada": false
        }
      }
    },
    {
      "description": "Oracle Application Server 10g ;",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Oracle",
          "scada": false
        }
      }
    },
    {
      "description": "Oracle PeopleSoft Enterprise PeopleTools 8.x.",
      "product": {
        "name": "PeopleSoft",
        "vendor": {
          "name": "Oracle",
          "scada": false
        }
      }
    },
    {
      "description": "Oracle Database 9i, 10g et 11g ;",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Oracle",
          "scada": false
        }
      }
    },
    {
      "description": "Oracle Collaboration Suite 10g ;",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Oracle",
          "scada": false
        }
      }
    }
  ],
  "affected_systems_content": null,
  "content": "## Description\n\nHuit vuln\u00e9rabilit\u00e9s affectent Oracle Database, dont sept sont\nexploitables \u00e0 distance, mais n\u00e9cessitent une authentification. Leur\nexploitation permet de porter atteinte \u00e0 la disponibilit\u00e9, \u00e0 l\u0027int\u00e9grit\u00e9\net \u00e0 la confidentialit\u00e9 des donn\u00e9es.\n\nSix vuln\u00e9rabilit\u00e9s affectent Oracle Application Server, dont cinq sont\nexploitables \u00e0 distance sans authentification pr\u00e9alable. Leur\nexploitation permet de porter atteinte \u00e0 la disponibilit\u00e9, \u00e0 l\u0027int\u00e9grit\u00e9\net \u00e0 la confidentialit\u00e9 des donn\u00e9es.\n\nUne vuln\u00e9rabilit\u00e9, exploitable sans authentification pr\u00e9alable, concerne\nOracle Collaboration Suite et permet de porter atteinte \u00e0 la\nconfidentialit\u00e9 et \u00e0 l\u0027int\u00e9grit\u00e9 des donn\u00e9es.\n\nSept vuln\u00e9rabilit\u00e9s sont pr\u00e9sentes dans Oracle E-business Suite, dont\ntrois sont exploitables \u00e0 distance sans authentification pr\u00e9alable. Leur\nexploitation permet de porter atteinte \u00e0 la disponibilit\u00e9, \u00e0 l\u0027int\u00e9grit\u00e9\net \u00e0 la confidentialit\u00e9 des donn\u00e9es.\n\nQuatre vuln\u00e9rabilit\u00e9s affectent PeopleTools, dont une est exploitable \u00e0\ndistance sans authentification pr\u00e9alable. Leur exploitation permet de\nporter atteinte \u00e0 la disponibilit\u00e9, \u00e0 l\u0027int\u00e9grit\u00e9 et \u00e0 la\nconfidentialit\u00e9 des donn\u00e9es.\n\n## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des\ncorrectifs (cf. section Documentation).\n",
  "cves": [
    {
      "name": "CVE-2007-4467",
      "url": "https://www.cve.org/CVERecord?id=CVE-2007-4467"
    },
    {
      "name": "CVE-2008-0346",
      "url": "https://www.cve.org/CVERecord?id=CVE-2008-0346"
    },
    {
      "name": "CVE-2008-0343",
      "url": "https://www.cve.org/CVERecord?id=CVE-2008-0343"
    },
    {
      "name": "CVE-2008-0342",
      "url": "https://www.cve.org/CVERecord?id=CVE-2008-0342"
    },
    {
      "name": "CVE-2008-0345",
      "url": "https://www.cve.org/CVERecord?id=CVE-2008-0345"
    },
    {
      "name": "CVE-2008-0347",
      "url": "https://www.cve.org/CVERecord?id=CVE-2008-0347"
    },
    {
      "name": "CVE-2008-0341",
      "url": "https://www.cve.org/CVERecord?id=CVE-2008-0341"
    },
    {
      "name": "CVE-2008-0349",
      "url": "https://www.cve.org/CVERecord?id=CVE-2008-0349"
    },
    {
      "name": "CVE-2008-0348",
      "url": "https://www.cve.org/CVERecord?id=CVE-2008-0348"
    },
    {
      "name": "CVE-2008-0344",
      "url": "https://www.cve.org/CVERecord?id=CVE-2008-0344"
    },
    {
      "name": "CVE-2008-0339",
      "url": "https://www.cve.org/CVERecord?id=CVE-2008-0339"
    },
    {
      "name": "CVE-2008-0340",
      "url": "https://www.cve.org/CVERecord?id=CVE-2008-0340"
    }
  ],
  "links": [
    {
      "title": "Bulletin de s\u00e9curit\u00e9 Oracle du 15 janvier 2008 :",
      "url": "http://www.oracle.com/technology/deploy/security/critical-patch-updates/cpujan2008.html"
    }
  ],
  "reference": "CERTA-2008-AVI-029",
  "revisions": [
    {
      "description": "version initiale.",
      "revision_date": "2008-01-18T00:00:00.000000"
    },
    {
      "description": "lien Oracle, syst\u00e8mes affect\u00e9s.",
      "revision_date": "2008-01-29T00:00:00.000000"
    }
  ],
  "risks": [
    {
      "description": "De provoquer un d\u00e9ni de service \u00e0 distance"
    },
    {
      "description": "De porter atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es"
    },
    {
      "description": "De porter atteinte \u00e0 l\u0027int\u00e9grit\u00e9 des donn\u00e9es"
    }
  ],
  "summary": null,
  "title": "Mutiples vuln\u00e9rabilit\u00e9s des produits Oracle",
  "vendor_advisories": [
    {
      "published_at": null,
      "title": "Bulletin Oracle du 15 janvier 2008",
      "url": null
    }
  ]
}

CERTA-2008-AVI-029

Vulnerability from certfr_avis - Published: - Updated:

None

Description

Une vulnérabilité, exploitable sans authentification préalable, concerne Oracle Collaboration Suite et permet de porter atteinte à la confidentialité et à l'intégrité des données.

Solution

Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).

None

Impacted products

Vendor	Product	Description
Oracle	N/A	Oracle E-business Suite Release 11i et 12 ;
Oracle	N/A	Oracle Application Server 10g ;
Oracle	PeopleSoft	Oracle PeopleSoft Enterprise PeopleTools 8.x.
Oracle	N/A	Oracle Database 9i, 10g et 11g ;
Oracle	N/A	Oracle Collaboration Suite 10g ;

References

Title

Publication Time

Tags

Bulletin Oracle du 15 janvier 2008	None	vendor-advisory
Bulletin de sécurité Oracle du 15 janvier 2008 :	-	other

Show details on source website

JSON

To clipboard

{
  "$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
  "affected_systems": [
    {
      "description": "Oracle E-business Suite Release 11i et 12 ;",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Oracle",
          "scada": false
        }
      }
    },
    {
      "description": "Oracle Application Server 10g ;",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Oracle",
          "scada": false
        }
      }
    },
    {
      "description": "Oracle PeopleSoft Enterprise PeopleTools 8.x.",
      "product": {
        "name": "PeopleSoft",
        "vendor": {
          "name": "Oracle",
          "scada": false
        }
      }
    },
    {
      "description": "Oracle Database 9i, 10g et 11g ;",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Oracle",
          "scada": false
        }
      }
    },
    {
      "description": "Oracle Collaboration Suite 10g ;",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Oracle",
          "scada": false
        }
      }
    }
  ],
  "affected_systems_content": null,
  "content": "## Description\n\nHuit vuln\u00e9rabilit\u00e9s affectent Oracle Database, dont sept sont\nexploitables \u00e0 distance, mais n\u00e9cessitent une authentification. Leur\nexploitation permet de porter atteinte \u00e0 la disponibilit\u00e9, \u00e0 l\u0027int\u00e9grit\u00e9\net \u00e0 la confidentialit\u00e9 des donn\u00e9es.\n\nSix vuln\u00e9rabilit\u00e9s affectent Oracle Application Server, dont cinq sont\nexploitables \u00e0 distance sans authentification pr\u00e9alable. Leur\nexploitation permet de porter atteinte \u00e0 la disponibilit\u00e9, \u00e0 l\u0027int\u00e9grit\u00e9\net \u00e0 la confidentialit\u00e9 des donn\u00e9es.\n\nUne vuln\u00e9rabilit\u00e9, exploitable sans authentification pr\u00e9alable, concerne\nOracle Collaboration Suite et permet de porter atteinte \u00e0 la\nconfidentialit\u00e9 et \u00e0 l\u0027int\u00e9grit\u00e9 des donn\u00e9es.\n\nSept vuln\u00e9rabilit\u00e9s sont pr\u00e9sentes dans Oracle E-business Suite, dont\ntrois sont exploitables \u00e0 distance sans authentification pr\u00e9alable. Leur\nexploitation permet de porter atteinte \u00e0 la disponibilit\u00e9, \u00e0 l\u0027int\u00e9grit\u00e9\net \u00e0 la confidentialit\u00e9 des donn\u00e9es.\n\nQuatre vuln\u00e9rabilit\u00e9s affectent PeopleTools, dont une est exploitable \u00e0\ndistance sans authentification pr\u00e9alable. Leur exploitation permet de\nporter atteinte \u00e0 la disponibilit\u00e9, \u00e0 l\u0027int\u00e9grit\u00e9 et \u00e0 la\nconfidentialit\u00e9 des donn\u00e9es.\n\n## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des\ncorrectifs (cf. section Documentation).\n",
  "cves": [
    {
      "name": "CVE-2007-4467",
      "url": "https://www.cve.org/CVERecord?id=CVE-2007-4467"
    },
    {
      "name": "CVE-2008-0346",
      "url": "https://www.cve.org/CVERecord?id=CVE-2008-0346"
    },
    {
      "name": "CVE-2008-0343",
      "url": "https://www.cve.org/CVERecord?id=CVE-2008-0343"
    },
    {
      "name": "CVE-2008-0342",
      "url": "https://www.cve.org/CVERecord?id=CVE-2008-0342"
    },
    {
      "name": "CVE-2008-0345",
      "url": "https://www.cve.org/CVERecord?id=CVE-2008-0345"
    },
    {
      "name": "CVE-2008-0347",
      "url": "https://www.cve.org/CVERecord?id=CVE-2008-0347"
    },
    {
      "name": "CVE-2008-0341",
      "url": "https://www.cve.org/CVERecord?id=CVE-2008-0341"
    },
    {
      "name": "CVE-2008-0349",
      "url": "https://www.cve.org/CVERecord?id=CVE-2008-0349"
    },
    {
      "name": "CVE-2008-0348",
      "url": "https://www.cve.org/CVERecord?id=CVE-2008-0348"
    },
    {
      "name": "CVE-2008-0344",
      "url": "https://www.cve.org/CVERecord?id=CVE-2008-0344"
    },
    {
      "name": "CVE-2008-0339",
      "url": "https://www.cve.org/CVERecord?id=CVE-2008-0339"
    },
    {
      "name": "CVE-2008-0340",
      "url": "https://www.cve.org/CVERecord?id=CVE-2008-0340"
    }
  ],
  "links": [
    {
      "title": "Bulletin de s\u00e9curit\u00e9 Oracle du 15 janvier 2008 :",
      "url": "http://www.oracle.com/technology/deploy/security/critical-patch-updates/cpujan2008.html"
    }
  ],
  "reference": "CERTA-2008-AVI-029",
  "revisions": [
    {
      "description": "version initiale.",
      "revision_date": "2008-01-18T00:00:00.000000"
    },
    {
      "description": "lien Oracle, syst\u00e8mes affect\u00e9s.",
      "revision_date": "2008-01-29T00:00:00.000000"
    }
  ],
  "risks": [
    {
      "description": "De provoquer un d\u00e9ni de service \u00e0 distance"
    },
    {
      "description": "De porter atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es"
    },
    {
      "description": "De porter atteinte \u00e0 l\u0027int\u00e9grit\u00e9 des donn\u00e9es"
    }
  ],
  "summary": null,
  "title": "Mutiples vuln\u00e9rabilit\u00e9s des produits Oracle",
  "vendor_advisories": [
    {
      "published_at": null,
      "title": "Bulletin Oracle du 15 janvier 2008",
      "url": null
    }
  ]
}

FKIE_CVE-2008-0346

Vulnerability from fkie_nvd - Published: 2008-01-17 23:00 - Updated: 2025-04-09 00:30

Severity ?

Summary

Unspecified vulnerability in the Oracle Jinitiator component in Oracle Application Server 1.3.1.27 and E-Business Suite 11.5.10.2 has unknown impact and remote attack vectors, aka AS01.

References

URL	Tags
cve@mitre.org	http://marc.info/?l=bugtraq&m=120058413923005&w=2
cve@mitre.org	http://osvdb.org/40294
cve@mitre.org	http://secunia.com/advisories/28518	Vendor Advisory
cve@mitre.org	http://secunia.com/advisories/28556
cve@mitre.org	http://securitytracker.com/id?1019218
cve@mitre.org	http://www.oracle.com/technetwork/topics/security/cpujan2008-086860.html
cve@mitre.org	http://www.securityfocus.com/bid/27229
cve@mitre.org	http://www.us-cert.gov/cas/techalerts/TA08-017A.html	US Government Resource
cve@mitre.org	http://www.vupen.com/english/advisories/2008/0150
cve@mitre.org	http://www.vupen.com/english/advisories/2008/0180
af854a3a-2127-422b-91ae-364da2661108	http://marc.info/?l=bugtraq&m=120058413923005&w=2
af854a3a-2127-422b-91ae-364da2661108	http://osvdb.org/40294
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/28518	Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/28556
af854a3a-2127-422b-91ae-364da2661108	http://securitytracker.com/id?1019218
af854a3a-2127-422b-91ae-364da2661108	http://www.oracle.com/technetwork/topics/security/cpujan2008-086860.html
af854a3a-2127-422b-91ae-364da2661108	http://www.securityfocus.com/bid/27229
af854a3a-2127-422b-91ae-364da2661108	http://www.us-cert.gov/cas/techalerts/TA08-017A.html	US Government Resource
af854a3a-2127-422b-91ae-364da2661108	http://www.vupen.com/english/advisories/2008/0150
af854a3a-2127-422b-91ae-364da2661108	http://www.vupen.com/english/advisories/2008/0180

Impacted products

Vendor	Product	Version
oracle	application_server	1.0.2.2
oracle	application_server	9.0.4.3
oracle	application_server	10.1.2.0.2
oracle	application_server	10.1.2.1.0
oracle	application_server	10.1.2.2.0
oracle	application_server	10.1.3.0.0
oracle	application_server	10.1.3.1.0
oracle	application_server	10.1.3.3.0
oracle	collaboration_suite	10.1.2
oracle	database_server	9.0.1.5
oracle	database_server	9.2.0.8
oracle	database_server	9.2.0.8dv
oracle	database_server	10.1.0.5
oracle	database_server	10.2.0.2
oracle	database_server	10.2.0.3
oracle	database_server	11.1.0.6
oracle	e-business_suite	11.5.9
oracle	e-business_suite	11.5.10
oracle	e-business_suite	11.5.10.2
oracle	e-business_suite	12.0.0
oracle	e-business_suite	12.0.1
oracle	e-business_suite	12.0.2
oracle	e-business_suite	12.0.3
oracle	peoplesoft_enterprise_peopletools	8.47
oracle	peoplesoft_enterprise_peopletools	8.48
oracle	peoplesoft_enterprise_peopletools	8.49

JSON

To clipboard

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:oracle:application_server:1.0.2.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "DC4ED2EB-1E90-4E99-AAD6-5D838800F9B7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:oracle:application_server:9.0.4.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "9CA9867F-D7BC-4230-9584-C2FBB6642482",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:oracle:application_server:10.1.2.0.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "F0B4BAA9-D045-4D2B-8220-47F47ED936DF",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:oracle:application_server:10.1.2.1.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "FE6C4D36-D9D1-4143-94AA-D8E08F23D2E3",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:oracle:application_server:10.1.2.2.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "F01A3ABC-2033-47E0-A84C-62CCA67C578F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:oracle:application_server:10.1.3.0.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "3DB877D9-C8BB-4A08-A953-043F7DB5BA6E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:oracle:application_server:10.1.3.1.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "8B77FF3B-B84E-4918-8688-0B25CFC61141",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:oracle:application_server:10.1.3.3.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "EE059C8C-BA43-4757-8CA6-8E1B67DF8903",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:oracle:collaboration_suite:10.1.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "DDF7ABE6-0AFB-4A74-A533-2D390991A6CA",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:oracle:database_server:9.0.1.5:*:fips:*:*:*:*:*",
              "matchCriteriaId": "D86DC2E3-3B89-4FAC-9B8F-DC629B50ADC7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:oracle:database_server:9.2.0.8:*:*:*:*:*:*:*",
              "matchCriteriaId": "432A3020-9977-4A10-9CDA-3A71E83F63F9",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:oracle:database_server:9.2.0.8dv:*:*:*:*:*:*:*",
              "matchCriteriaId": "37C10722-4CC7-4C06-8DBC-4D96307DB41E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:oracle:database_server:10.1.0.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "03A522A3-07D7-481F-A538-EA3D13256F63",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:oracle:database_server:10.2.0.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "67FF2A2E-3693-424E-B53D-0BAD01D53F7A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:oracle:database_server:10.2.0.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "ED41086B-840A-4B39-B249-461A4B00B57B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:oracle:database_server:11.1.0.6:*:*:*:*:*:*:*",
              "matchCriteriaId": "B2AF3BD5-BA86-485A-9E78-A5F95B1ECEBA",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:oracle:e-business_suite:11.5.9:*:*:*:*:*:*:*",
              "matchCriteriaId": "78408427-3FFB-45C4-82EF-C8D636B3A718",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:oracle:e-business_suite:11.5.10:*:*:*:*:*:*:*",
              "matchCriteriaId": "C9B1BE09-4A96-41A3-AA1D-74533F396998",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:oracle:e-business_suite:11.5.10.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "80B61990-9CC2-4215-9879-AC817F4E6767",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:oracle:e-business_suite:12.0.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "4D0CBDB5-B13D-4071-994A-E1318A3821DF",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:oracle:e-business_suite:12.0.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "610AE265-C18D-4895-8034-5DB331DC68DF",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:oracle:e-business_suite:12.0.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "97765939-6102-402F-ACE7-AA7B2350016E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:oracle:e-business_suite:12.0.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "1036B69E-013B-4492-B691-40BAC7C2F42A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:oracle:peoplesoft_enterprise_peopletools:8.47:*:*:*:*:*:*:*",
              "matchCriteriaId": "4C2CF929-6203-436A-AAEB-6E2142B2B1F3",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:oracle:peoplesoft_enterprise_peopletools:8.48:*:*:*:*:*:*:*",
              "matchCriteriaId": "7C098860-0862-4C5B-8EE4-9469D5D01815",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:oracle:peoplesoft_enterprise_peopletools:8.49:*:*:*:*:*:*:*",
              "matchCriteriaId": "445508AC-3316-459F-98C1-8310EF327E8B",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "Unspecified vulnerability in the Oracle Jinitiator component in Oracle Application Server 1.3.1.27 and E-Business Suite 11.5.10.2 has unknown impact and remote attack vectors, aka AS01."
    },
    {
      "lang": "es",
      "value": "Vulnerabilidad no especificada en el componente Oracle Jinitiator de Oracle Application Server 1.3.1.27 y E-Business Suite 11.5.10.2 tiene impacto y vectores de ataque remotos desconocidos, tambi\u00e9n conocido como AS01."
    }
  ],
  "id": "CVE-2008-0346",
  "lastModified": "2025-04-09T00:30:58.490",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": true,
        "baseSeverity": "HIGH",
        "cvssData": {
          "accessComplexity": "LOW",
          "accessVector": "NETWORK",
          "authentication": "NONE",
          "availabilityImpact": "COMPLETE",
          "baseScore": 10.0,
          "confidentialityImpact": "COMPLETE",
          "integrityImpact": "COMPLETE",
          "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
          "version": "2.0"
        },
        "exploitabilityScore": 10.0,
        "impactScore": 10.0,
        "obtainAllPrivilege": true,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ]
  },
  "published": "2008-01-17T23:00:00.000",
  "references": [
    {
      "source": "cve@mitre.org",
      "url": "http://marc.info/?l=bugtraq\u0026m=120058413923005\u0026w=2"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://osvdb.org/40294"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/28518"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://secunia.com/advisories/28556"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://securitytracker.com/id?1019218"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.oracle.com/technetwork/topics/security/cpujan2008-086860.html"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.securityfocus.com/bid/27229"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "US Government Resource"
      ],
      "url": "http://www.us-cert.gov/cas/techalerts/TA08-017A.html"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.vupen.com/english/advisories/2008/0150"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.vupen.com/english/advisories/2008/0180"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://marc.info/?l=bugtraq\u0026m=120058413923005\u0026w=2"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://osvdb.org/40294"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/28518"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://secunia.com/advisories/28556"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://securitytracker.com/id?1019218"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.oracle.com/technetwork/topics/security/cpujan2008-086860.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.securityfocus.com/bid/27229"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "US Government Resource"
      ],
      "url": "http://www.us-cert.gov/cas/techalerts/TA08-017A.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.vupen.com/english/advisories/2008/0150"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.vupen.com/english/advisories/2008/0180"
    }
  ],
  "sourceIdentifier": "cve@mitre.org",
  "vulnStatus": "Deferred",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "NVD-CWE-noinfo"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

GHSA-358C-93JW-G579

Vulnerability from github – Published: 2022-05-01 23:29 – Updated: 2022-05-01 23:29

Details

Unspecified vulnerability in the Oracle Jinitiator component in Oracle Application Server 1.3.1.27 and E-Business Suite 11.5.10.2 has unknown impact and remote attack vectors, aka AS01.

Show details on source website

JSON

To clipboard

{
  "affected": [],
  "aliases": [
    "CVE-2008-0346"
  ],
  "database_specific": {
    "cwe_ids": [],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2008-01-17T23:00:00Z",
    "severity": "HIGH"
  },
  "details": "Unspecified vulnerability in the Oracle Jinitiator component in Oracle Application Server 1.3.1.27 and E-Business Suite 11.5.10.2 has unknown impact and remote attack vectors, aka AS01.",
  "id": "GHSA-358c-93jw-g579",
  "modified": "2022-05-01T23:29:16Z",
  "published": "2022-05-01T23:29:16Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2008-0346"
    },
    {
      "type": "WEB",
      "url": "http://marc.info/?l=bugtraq\u0026m=120058413923005\u0026w=2"
    },
    {
      "type": "WEB",
      "url": "http://osvdb.org/40294"
    },
    {
      "type": "WEB",
      "url": "http://secunia.com/advisories/28518"
    },
    {
      "type": "WEB",
      "url": "http://secunia.com/advisories/28556"
    },
    {
      "type": "WEB",
      "url": "http://securitytracker.com/id?1019218"
    },
    {
      "type": "WEB",
      "url": "http://www.oracle.com/technetwork/topics/security/cpujan2008-086860.html"
    },
    {
      "type": "WEB",
      "url": "http://www.securityfocus.com/bid/27229"
    },
    {
      "type": "WEB",
      "url": "http://www.us-cert.gov/cas/techalerts/TA08-017A.html"
    },
    {
      "type": "WEB",
      "url": "http://www.vupen.com/english/advisories/2008/0150"
    },
    {
      "type": "WEB",
      "url": "http://www.vupen.com/english/advisories/2008/0180"
    }
  ],
  "schema_version": "1.4.0",
  "severity": []
}

Tags

Taxonomy of the tags.

All sightings related to this event Export sightings related to this event

Sightings

Author	Source	Type	Date

Nomenclature

Seen: The vulnerability was mentioned, discussed, or observed by the user.
Confirmed: The vulnerability has been validated from an analyst's perspective.
Published Proof of Concept: A public proof of concept is available for this vulnerability.
Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
Not confirmed: The user expressed doubt about the validity of the vulnerability.
Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.

Detection rules are retrieved from Rulezet.

Action not permitted

CVE-2008-0346 (GCVE-0-2008-0346)

GSD-2008-0346

CERTA-2008-AVI-029

Description

Solution

CERTA-2008-AVI-029

Description

Solution

FKIE_CVE-2008-0346

GHSA-358C-93JW-G579

Tags

Sightings

Nomenclature