cvelistv5 - cve-2010-4432

CVE-2010-4432 (GCVE-0-2010-4432)

Vulnerability from cvelistv5 – Published: 2011-01-19 16:00 – Updated: 2024-08-07 03:43

Summary

Unspecified vulnerability in the Oracle Transportation Manager component in Oracle Supply Chain Products Suite 5.5.06, 6.0, 6.1, and 6.2 allows remote authenticated users to affect confidentiality via unknown vectors related to UI Infrastructure.

Severity ?

No CVSS data available.

CWE

Assigner

oracle

References

URL

Tags

	http://www.vupen.com/english/advisories/2011/0146	vdb-entryx_refsource_VUPEN
	http://www.securityfocus.com/bid/45875	vdb-entryx_refsource_BID
	http://secunia.com/advisories/42993	third-party-advisoryx_refsource_SECUNIA
	https://exchange.xforce.ibmcloud.com/vulnerabilit…	vdb-entryx_refsource_XF
	http://osvdb.org/70566	vdb-entryx_refsource_OSVDB
	http://www.oracle.com/technetwork/topics/security…	x_refsource_CONFIRM

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-07T03:43:14.955Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "ADV-2011-0146",
            "tags": [
              "vdb-entry",
              "x_refsource_VUPEN",
              "x_transferred"
            ],
            "url": "http://www.vupen.com/english/advisories/2011/0146"
          },
          {
            "name": "45875",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/45875"
          },
          {
            "name": "42993",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/42993"
          },
          {
            "name": "oracle-transportation-ui-info-disclosure(64784)",
            "tags": [
              "vdb-entry",
              "x_refsource_XF",
              "x_transferred"
            ],
            "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/64784"
          },
          {
            "name": "70566",
            "tags": [
              "vdb-entry",
              "x_refsource_OSVDB",
              "x_transferred"
            ],
            "url": "http://osvdb.org/70566"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www.oracle.com/technetwork/topics/security/cpujan2011-194091.html"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2011-01-18T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "Unspecified vulnerability in the Oracle Transportation Manager component in Oracle Supply Chain Products Suite 5.5.06, 6.0, 6.1, and 6.2 allows remote authenticated users to affect confidentiality via unknown vectors related to UI Infrastructure."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2017-08-16T14:57:01",
        "orgId": "43595867-4340-4103-b7a2-9a5208d29a85",
        "shortName": "oracle"
      },
      "references": [
        {
          "name": "ADV-2011-0146",
          "tags": [
            "vdb-entry",
            "x_refsource_VUPEN"
          ],
          "url": "http://www.vupen.com/english/advisories/2011/0146"
        },
        {
          "name": "45875",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/45875"
        },
        {
          "name": "42993",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/42993"
        },
        {
          "name": "oracle-transportation-ui-info-disclosure(64784)",
          "tags": [
            "vdb-entry",
            "x_refsource_XF"
          ],
          "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/64784"
        },
        {
          "name": "70566",
          "tags": [
            "vdb-entry",
            "x_refsource_OSVDB"
          ],
          "url": "http://osvdb.org/70566"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www.oracle.com/technetwork/topics/security/cpujan2011-194091.html"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "secalert_us@oracle.com",
          "ID": "CVE-2010-4432",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "Unspecified vulnerability in the Oracle Transportation Manager component in Oracle Supply Chain Products Suite 5.5.06, 6.0, 6.1, and 6.2 allows remote authenticated users to affect confidentiality via unknown vectors related to UI Infrastructure."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "ADV-2011-0146",
              "refsource": "VUPEN",
              "url": "http://www.vupen.com/english/advisories/2011/0146"
            },
            {
              "name": "45875",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/45875"
            },
            {
              "name": "42993",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/42993"
            },
            {
              "name": "oracle-transportation-ui-info-disclosure(64784)",
              "refsource": "XF",
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/64784"
            },
            {
              "name": "70566",
              "refsource": "OSVDB",
              "url": "http://osvdb.org/70566"
            },
            {
              "name": "http://www.oracle.com/technetwork/topics/security/cpujan2011-194091.html",
              "refsource": "CONFIRM",
              "url": "http://www.oracle.com/technetwork/topics/security/cpujan2011-194091.html"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "43595867-4340-4103-b7a2-9a5208d29a85",
    "assignerShortName": "oracle",
    "cveId": "CVE-2010-4432",
    "datePublished": "2011-01-19T16:00:00",
    "dateReserved": "2010-12-06T00:00:00",
    "dateUpdated": "2024-08-07T03:43:14.955Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1",
  "vulnerability-lookup:meta": {
    "fkie_nvd": {
      "configurations": "[{\"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:oracle:supply_chain_products_suite:5.5.06:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"08F9B9ED-6686-412F-B050-F946AEEEE75D\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:oracle:supply_chain_products_suite:6.0:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"F51A12E9-15E0-49B2-9F25-32C58D7364CB\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:oracle:supply_chain_products_suite:6.1:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"6EC31414-9839-4902-BEC2-CE07728E6D18\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:oracle:supply_chain_products_suite:6.2:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"78940F7B-4092-43F9-A9C9-BBFA89B16F8D\"}]}]}]",
      "descriptions": "[{\"lang\": \"en\", \"value\": \"Unspecified vulnerability in the Oracle Transportation Manager component in Oracle Supply Chain Products Suite 5.5.06, 6.0, 6.1, and 6.2 allows remote authenticated users to affect confidentiality via unknown vectors related to UI Infrastructure.\"}, {\"lang\": \"es\", \"value\": \"Vulnerabilidad no especificada en el componente Oracle Transportation Manager para Oracle Supply Chain Products Suite v5.5.06, v6.0, v6.1, y v6.2 permite a usuarios autenticados remotamente afectar a la confidencialidad a trav\\u00e9s de vectores desconocidos relacionados con UI Infrastructure.\"}]",
      "id": "CVE-2010-4432",
      "lastModified": "2024-11-21T01:20:56.297",
      "metrics": "{\"cvssMetricV2\": [{\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"cvssData\": {\"version\": \"2.0\", \"vectorString\": \"AV:N/AC:M/Au:S/C:P/I:N/A:N\", \"baseScore\": 3.5, \"accessVector\": \"NETWORK\", \"accessComplexity\": \"MEDIUM\", \"authentication\": \"SINGLE\", \"confidentialityImpact\": \"PARTIAL\", \"integrityImpact\": \"NONE\", \"availabilityImpact\": \"NONE\"}, \"baseSeverity\": \"LOW\", \"exploitabilityScore\": 6.8, \"impactScore\": 2.9, \"acInsufInfo\": false, \"obtainAllPrivilege\": false, \"obtainUserPrivilege\": false, \"obtainOtherPrivilege\": false, \"userInteractionRequired\": false}]}",
      "published": "2011-01-19T17:00:01.670",
      "references": "[{\"url\": \"http://osvdb.org/70566\", \"source\": \"secalert_us@oracle.com\"}, {\"url\": \"http://secunia.com/advisories/42993\", \"source\": \"secalert_us@oracle.com\"}, {\"url\": \"http://www.oracle.com/technetwork/topics/security/cpujan2011-194091.html\", \"source\": \"secalert_us@oracle.com\", \"tags\": [\"Vendor Advisory\"]}, {\"url\": \"http://www.securityfocus.com/bid/45875\", \"source\": \"secalert_us@oracle.com\"}, {\"url\": \"http://www.vupen.com/english/advisories/2011/0146\", \"source\": \"secalert_us@oracle.com\"}, {\"url\": \"https://exchange.xforce.ibmcloud.com/vulnerabilities/64784\", \"source\": \"secalert_us@oracle.com\"}, {\"url\": \"http://osvdb.org/70566\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"http://secunia.com/advisories/42993\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"http://www.oracle.com/technetwork/topics/security/cpujan2011-194091.html\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Vendor Advisory\"]}, {\"url\": \"http://www.securityfocus.com/bid/45875\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"http://www.vupen.com/english/advisories/2011/0146\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"https://exchange.xforce.ibmcloud.com/vulnerabilities/64784\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}]",
      "sourceIdentifier": "secalert_us@oracle.com",
      "vulnStatus": "Modified",
      "weaknesses": "[{\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"description\": [{\"lang\": \"en\", \"value\": \"NVD-CWE-noinfo\"}]}]"
    },
    "nvd": "{\"cve\":{\"id\":\"CVE-2010-4432\",\"sourceIdentifier\":\"secalert_us@oracle.com\",\"published\":\"2011-01-19T17:00:01.670\",\"lastModified\":\"2025-04-11T00:51:21.963\",\"vulnStatus\":\"Deferred\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"Unspecified vulnerability in the Oracle Transportation Manager component in Oracle Supply Chain Products Suite 5.5.06, 6.0, 6.1, and 6.2 allows remote authenticated users to affect confidentiality via unknown vectors related to UI Infrastructure.\"},{\"lang\":\"es\",\"value\":\"Vulnerabilidad no especificada en el componente Oracle Transportation Manager para Oracle Supply Chain Products Suite v5.5.06, v6.0, v6.1, y v6.2 permite a usuarios autenticados remotamente afectar a la confidencialidad a trav\u00e9s de vectores desconocidos relacionados con UI Infrastructure.\"}],\"metrics\":{\"cvssMetricV2\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"2.0\",\"vectorString\":\"AV:N/AC:M/Au:S/C:P/I:N/A:N\",\"baseScore\":3.5,\"accessVector\":\"NETWORK\",\"accessComplexity\":\"MEDIUM\",\"authentication\":\"SINGLE\",\"confidentialityImpact\":\"PARTIAL\",\"integrityImpact\":\"NONE\",\"availabilityImpact\":\"NONE\"},\"baseSeverity\":\"LOW\",\"exploitabilityScore\":6.8,\"impactScore\":2.9,\"acInsufInfo\":false,\"obtainAllPrivilege\":false,\"obtainUserPrivilege\":false,\"obtainOtherPrivilege\":false,\"userInteractionRequired\":false}]},\"weaknesses\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"NVD-CWE-noinfo\"}]}],\"configurations\":[{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:supply_chain_products_suite:5.5.06:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"08F9B9ED-6686-412F-B050-F946AEEEE75D\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:supply_chain_products_suite:6.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"F51A12E9-15E0-49B2-9F25-32C58D7364CB\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:supply_chain_products_suite:6.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"6EC31414-9839-4902-BEC2-CE07728E6D18\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:supply_chain_products_suite:6.2:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"78940F7B-4092-43F9-A9C9-BBFA89B16F8D\"}]}]}],\"references\":[{\"url\":\"http://osvdb.org/70566\",\"source\":\"secalert_us@oracle.com\"},{\"url\":\"http://secunia.com/advisories/42993\",\"source\":\"secalert_us@oracle.com\"},{\"url\":\"http://www.oracle.com/technetwork/topics/security/cpujan2011-194091.html\",\"source\":\"secalert_us@oracle.com\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"http://www.securityfocus.com/bid/45875\",\"source\":\"secalert_us@oracle.com\"},{\"url\":\"http://www.vupen.com/english/advisories/2011/0146\",\"source\":\"secalert_us@oracle.com\"},{\"url\":\"https://exchange.xforce.ibmcloud.com/vulnerabilities/64784\",\"source\":\"secalert_us@oracle.com\"},{\"url\":\"http://osvdb.org/70566\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://secunia.com/advisories/42993\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://www.oracle.com/technetwork/topics/security/cpujan2011-194091.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"http://www.securityfocus.com/bid/45875\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://www.vupen.com/english/advisories/2011/0146\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://exchange.xforce.ibmcloud.com/vulnerabilities/64784\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"}]}}"
  }
}

GHSA-X994-JPG5-7JQR

Vulnerability from github – Published: 2022-05-17 02:04 – Updated: 2022-05-17 02:04

Details

Show details on source website

JSON

To clipboard

{
  "affected": [],
  "aliases": [
    "CVE-2010-4432"
  ],
  "database_specific": {
    "cwe_ids": [],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2011-01-19T17:00:00Z",
    "severity": "LOW"
  },
  "details": "Unspecified vulnerability in the Oracle Transportation Manager component in Oracle Supply Chain Products Suite 5.5.06, 6.0, 6.1, and 6.2 allows remote authenticated users to affect confidentiality via unknown vectors related to UI Infrastructure.",
  "id": "GHSA-x994-jpg5-7jqr",
  "modified": "2022-05-17T02:04:08Z",
  "published": "2022-05-17T02:04:08Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2010-4432"
    },
    {
      "type": "WEB",
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/64784"
    },
    {
      "type": "WEB",
      "url": "http://osvdb.org/70566"
    },
    {
      "type": "WEB",
      "url": "http://secunia.com/advisories/42993"
    },
    {
      "type": "WEB",
      "url": "http://www.oracle.com/technetwork/topics/security/cpujan2011-194091.html"
    },
    {
      "type": "WEB",
      "url": "http://www.securityfocus.com/bid/45875"
    },
    {
      "type": "WEB",
      "url": "http://www.vupen.com/english/advisories/2011/0146"
    }
  ],
  "schema_version": "1.4.0",
  "severity": []
}

CERTA-2011-AVI-022

Vulnerability from certfr_avis - Published: - Updated:

De multiples vulnérabilités présentes dans les produits Oracle permettent à un utilisateur malveillant de contourner la politique de sécurité.

Description

De multiples vulnérabilités ont été corrigées dans les produits Oracle tels que Oracle Database, Oracle Application Server ou Oracle Open Office. Certaines de ces vulnérabilités peuvent être exploitées par un utilisateur malveillant distant pour contourner la politique de sécurité ou encore porter atteinte à l'intégrité et/ou la confidentialité des données.

Solution

Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).

None

Impacted products

Vendor	Product	Description
Oracle	N/A	Oracle BI Publisher, versions 10.1.3.3.2, 10.1.3.4.0, 10.1.3.4.1, 11.1.1.3 ;
Oracle	N/A	Oracle Transportation Manager, versions 5.5, 6.0, 6.1, 6.2 ;
Oracle	N/A	Oracle Sun Product Suite ;
Oracle	N/A	Oracle E-Business Suite Release 12, versions 12.0.4, 12.0.5, 12.0.6, 12.1.1, 12.1.2, 12.1.3 ;
Oracle	N/A	Oracle Document Capture, versions 10.1.3.4, 10.1.3.5 ;
Oracle	N/A	Oracle Application Server 10g Release 2, version 10.1.2.3.0 ;
Oracle	N/A	Oracle Enterprise Manager Real User Experience Insight, version RUEI 6.0 ;
Oracle	N/A	Oracle Database 10g Release 2, versions 10.2.0.3, 10.2.0.4, 10.2.0.5 ;
Oracle	N/A	Oracle JRockit versions, R27.6.7 et antérieures (JDK/JRE 1.4.2, 5, 6), R28.0.1 et antérieures (JDK/JRE 5, 6) ;
Oracle	N/A	Oracle E-Business Suite Release 11i, version 11.5.10.2 ;
Oracle	PeopleSoft	Oracle PeopleSoft Enterprise CRM, versions 8.9, 9.0, 9.1 ;
Oracle	N/A	Oracle Audit Vault 10g Release 2, version 10.2.3.2 ;
Oracle	N/A	Oracle Argus Safety, versions 5.0, 5.0.1, 5.0.2, 5.0.3 ;
Oracle	N/A	Oracle Database 10g Release 1, version 10.1.0.5 ;
Oracle	N/A	Oracle Outside In Technology, version 8.3.0 ;
Oracle	PeopleSoft	Oracle PeopleSoft Enterprise PeopleTools, versions 8.49, 8.50, 8.51 ;
Oracle	N/A	Oracle InForm Portal, versions 4.5, 4.6, 5.0 ;
Oracle	Weblogic	Oracle WebLogic Server, versions 7.0.7, 8.1.6, 9.0, 9.1, 9.2.3, 10.0.2, 10.3.2, 10.3.3 ;
Oracle	N/A	Oracle Agile Core, versions 9.3.0.2, 9.3.1 ;
Oracle	N/A	Oracle Database 11g Release 1, version 11.1.0.7 ;
Oracle	N/A	Oracle Open Office, version 3.2.1 and StarOffice/StarSuite, versions 7, 8.
Oracle	N/A	Oracle Database 11g Release 2, version 11.2.0.1 ;
Oracle	N/A	Oracle Enterprise Manager Suite Release 10, version 10.2.0.5 ;
Oracle	N/A	Oracle GoldenGate Veridata, version 3.0.0.4 ;
Oracle	N/A	Oracle Beehive, versions 2.0.1.0, 2.0.1.1, 2.0.1.2, 2.0.1.2.1, 2.0.1.3 ;
Oracle	N/A	Oracle Fusion Middleware, 11g Release 1, versions 11.1.1.2.0, 11.1.1.3.0 ;
Oracle	PeopleSoft	Oracle PeopleSoft Enterprise HRMS, versions 8.9, 9.0, 9.1 ;
Oracle	N/A	Oracle Secure Backup 10g Release 3, version 10.3.0.2 ;

References

Title

Publication Time

Tags

Bulletin de sécurité Oracle de janvier 2011

None

vendor-advisory

Show details on source website

JSON

To clipboard

{
  "$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
  "affected_systems": [
    {
      "description": "Oracle BI Publisher, versions 10.1.3.3.2, 10.1.3.4.0, 10.1.3.4.1, 11.1.1.3 ;",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Oracle",
          "scada": false
        }
      }
    },
    {
      "description": "Oracle Transportation Manager, versions 5.5, 6.0, 6.1, 6.2 ;",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Oracle",
          "scada": false
        }
      }
    },
    {
      "description": "Oracle Sun Product Suite ;",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Oracle",
          "scada": false
        }
      }
    },
    {
      "description": "Oracle E-Business Suite Release 12, versions 12.0.4, 12.0.5, 12.0.6, 12.1.1, 12.1.2, 12.1.3 ;",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Oracle",
          "scada": false
        }
      }
    },
    {
      "description": "Oracle Document Capture, versions 10.1.3.4, 10.1.3.5 ;",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Oracle",
          "scada": false
        }
      }
    },
    {
      "description": "Oracle Application Server 10g Release 2, version 10.1.2.3.0 ;",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Oracle",
          "scada": false
        }
      }
    },
    {
      "description": "Oracle Enterprise Manager Real User Experience Insight, version RUEI 6.0 ;",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Oracle",
          "scada": false
        }
      }
    },
    {
      "description": "Oracle Database 10g Release 2, versions 10.2.0.3, 10.2.0.4, 10.2.0.5 ;",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Oracle",
          "scada": false
        }
      }
    },
    {
      "description": "Oracle JRockit versions, R27.6.7 et ant\u00e9rieures (JDK/JRE 1.4.2, 5, 6), R28.0.1 et ant\u00e9rieures (JDK/JRE 5, 6) ;",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Oracle",
          "scada": false
        }
      }
    },
    {
      "description": "Oracle E-Business Suite Release 11i, version 11.5.10.2 ;",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Oracle",
          "scada": false
        }
      }
    },
    {
      "description": "Oracle PeopleSoft Enterprise CRM, versions 8.9, 9.0, 9.1 ;",
      "product": {
        "name": "PeopleSoft",
        "vendor": {
          "name": "Oracle",
          "scada": false
        }
      }
    },
    {
      "description": "Oracle Audit Vault 10g Release 2, version 10.2.3.2 ;",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Oracle",
          "scada": false
        }
      }
    },
    {
      "description": "Oracle Argus Safety, versions 5.0, 5.0.1, 5.0.2, 5.0.3 ;",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Oracle",
          "scada": false
        }
      }
    },
    {
      "description": "Oracle Database 10g Release 1, version 10.1.0.5 ;",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Oracle",
          "scada": false
        }
      }
    },
    {
      "description": "Oracle Outside In Technology, version 8.3.0 ;",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Oracle",
          "scada": false
        }
      }
    },
    {
      "description": "Oracle PeopleSoft Enterprise PeopleTools, versions 8.49, 8.50, 8.51 ;",
      "product": {
        "name": "PeopleSoft",
        "vendor": {
          "name": "Oracle",
          "scada": false
        }
      }
    },
    {
      "description": "Oracle InForm Portal, versions 4.5, 4.6, 5.0 ;",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Oracle",
          "scada": false
        }
      }
    },
    {
      "description": "Oracle WebLogic Server, versions 7.0.7, 8.1.6, 9.0, 9.1, 9.2.3, 10.0.2, 10.3.2, 10.3.3 ;",
      "product": {
        "name": "Weblogic",
        "vendor": {
          "name": "Oracle",
          "scada": false
        }
      }
    },
    {
      "description": "Oracle Agile Core, versions 9.3.0.2, 9.3.1 ;",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Oracle",
          "scada": false
        }
      }
    },
    {
      "description": "Oracle Database 11g Release 1, version 11.1.0.7 ;",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Oracle",
          "scada": false
        }
      }
    },
    {
      "description": "Oracle Open Office, version 3.2.1 and StarOffice/StarSuite, versions 7, 8.",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Oracle",
          "scada": false
        }
      }
    },
    {
      "description": "Oracle Database 11g Release 2, version 11.2.0.1 ;",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Oracle",
          "scada": false
        }
      }
    },
    {
      "description": "Oracle Enterprise Manager Suite Release 10, version 10.2.0.5 ;",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Oracle",
          "scada": false
        }
      }
    },
    {
      "description": "Oracle GoldenGate Veridata, version 3.0.0.4 ;",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Oracle",
          "scada": false
        }
      }
    },
    {
      "description": "Oracle Beehive, versions 2.0.1.0, 2.0.1.1, 2.0.1.2, 2.0.1.2.1, 2.0.1.3 ;",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Oracle",
          "scada": false
        }
      }
    },
    {
      "description": "Oracle Fusion Middleware, 11g Release 1, versions 11.1.1.2.0, 11.1.1.3.0 ;",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Oracle",
          "scada": false
        }
      }
    },
    {
      "description": "Oracle PeopleSoft Enterprise HRMS, versions 8.9, 9.0, 9.1 ;",
      "product": {
        "name": "PeopleSoft",
        "vendor": {
          "name": "Oracle",
          "scada": false
        }
      }
    },
    {
      "description": "Oracle Secure Backup 10g Release 3, version 10.3.0.2 ;",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Oracle",
          "scada": false
        }
      }
    }
  ],
  "affected_systems_content": null,
  "content": "## Description\n\nDe multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 corrig\u00e9es dans les produits Oracle\ntels que Oracle Database, Oracle Application Server ou Oracle Open\nOffice. Certaines de ces vuln\u00e9rabilit\u00e9s peuvent \u00eatre exploit\u00e9es par un\nutilisateur malveillant distant pour contourner la politique de s\u00e9curit\u00e9\nou encore porter atteinte \u00e0 l\u0027int\u00e9grit\u00e9 et/ou la confidentialit\u00e9 des\ndonn\u00e9es.\n\n## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des\ncorrectifs (cf. section Documentation).\n",
  "cves": [
    {
      "name": "CVE-2010-4429",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-4429"
    },
    {
      "name": "CVE-2010-4415",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-4415"
    },
    {
      "name": "CVE-2010-4438",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-4438"
    },
    {
      "name": "CVE-2010-3586",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-3586"
    },
    {
      "name": "CVE-2010-3593",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-3593"
    },
    {
      "name": "CVE-2010-4439",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-4439"
    },
    {
      "name": "CVE-2010-4421",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-4421"
    },
    {
      "name": "CVE-2010-4453",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-4453"
    },
    {
      "name": "CVE-2010-4433",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-4433"
    },
    {
      "name": "CVE-2010-4419",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-4419"
    },
    {
      "name": "CVE-2010-4464",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-4464"
    },
    {
      "name": "CVE-2010-4457",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-4457"
    },
    {
      "name": "CVE-2010-4432",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-4432"
    },
    {
      "name": "CVE-2010-4460",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-4460"
    },
    {
      "name": "CVE-2010-3590",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-3590"
    },
    {
      "name": "CVE-2010-4416",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-4416"
    },
    {
      "name": "CVE-2010-4414",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-4414"
    },
    {
      "name": "CVE-2010-4420",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-4420"
    },
    {
      "name": "CVE-2010-3592",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-3592"
    },
    {
      "name": "CVE-2010-3600",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-3600"
    },
    {
      "name": "CVE-2010-4418",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-4418"
    },
    {
      "name": "CVE-2010-4456",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-4456"
    },
    {
      "name": "CVE-2010-4441",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-4441"
    },
    {
      "name": "CVE-2010-4440",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-4440"
    },
    {
      "name": "CVE-2010-4436",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-4436"
    },
    {
      "name": "CVE-2010-4443",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-4443"
    },
    {
      "name": "CVE-2010-4434",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-4434"
    },
    {
      "name": "CVE-2010-4437",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-4437"
    },
    {
      "name": "CVE-2009-4269",
      "url": "https://www.cve.org/CVERecord?id=CVE-2009-4269"
    },
    {
      "name": "CVE-2010-2936",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-2936"
    },
    {
      "name": "CVE-2010-3588",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-3588"
    },
    {
      "name": "CVE-2010-3510",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-3510"
    },
    {
      "name": "CVE-2010-4428",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-4428"
    },
    {
      "name": "CVE-2010-4446",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-4446"
    },
    {
      "name": "CVE-2010-4459",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-4459"
    },
    {
      "name": "CVE-2010-4426",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-4426"
    },
    {
      "name": "CVE-2010-2632",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-2632"
    },
    {
      "name": "CVE-2010-4461",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-4461"
    },
    {
      "name": "CVE-2010-3597",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-3597"
    },
    {
      "name": "CVE-2010-3587",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-3587"
    },
    {
      "name": "CVE-2010-4442",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-4442"
    },
    {
      "name": "CVE-2010-3599",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-3599"
    },
    {
      "name": "CVE-2010-4413",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-4413"
    },
    {
      "name": "CVE-2010-3505",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-3505"
    },
    {
      "name": "CVE-2010-3594",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-3594"
    },
    {
      "name": "CVE-2010-4449",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-4449"
    },
    {
      "name": "CVE-2010-3598",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-3598"
    },
    {
      "name": "CVE-2010-4445",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-4445"
    },
    {
      "name": "CVE-2010-4458",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-4458"
    },
    {
      "name": "CVE-2010-4417",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-4417"
    },
    {
      "name": "CVE-2010-3596",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-3596"
    },
    {
      "name": "CVE-2010-4444",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-4444"
    },
    {
      "name": "CVE-2010-4425",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-4425"
    },
    {
      "name": "CVE-2010-3591",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-3591"
    },
    {
      "name": "CVE-2010-4423",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-4423"
    },
    {
      "name": "CVE-2010-4431",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-4431"
    },
    {
      "name": "CVE-2010-4427",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-4427"
    },
    {
      "name": "CVE-2010-4435",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-4435"
    },
    {
      "name": "CVE-2010-3574",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-3574"
    },
    {
      "name": "CVE-2010-4424",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-4424"
    },
    {
      "name": "CVE-2010-2935",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-2935"
    },
    {
      "name": "CVE-2010-4430",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-4430"
    },
    {
      "name": "CVE-2010-1227",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-1227"
    },
    {
      "name": "CVE-2010-3595",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-3595"
    },
    {
      "name": "CVE-2010-3589",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-3589"
    },
    {
      "name": "CVE-2010-4455",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-4455"
    }
  ],
  "links": [],
  "reference": "CERTA-2011-AVI-022",
  "revisions": [
    {
      "description": "version initiale.",
      "revision_date": "2011-01-19T00:00:00.000000"
    }
  ],
  "risks": [
    {
      "description": "Atteinte \u00e0 l\u0027int\u00e9grit\u00e9 des donn\u00e9es"
    },
    {
      "description": "Contournement de la politique de s\u00e9curit\u00e9"
    },
    {
      "description": "Atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es"
    },
    {
      "description": "\u00c9l\u00e9vation de privil\u00e8ges"
    }
  ],
  "summary": "De multiples vuln\u00e9rabilit\u00e9s pr\u00e9sentes dans les produits Oracle\npermettent \u00e0 un utilisateur malveillant de contourner la politique de\ns\u00e9curit\u00e9.\n",
  "title": "Multiples vuln\u00e9rabilit\u00e9s dans les produits Oracle",
  "vendor_advisories": [
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Oracle de janvier 2011",
      "url": "http://www.oracle.com/technetwork/topics/security/cpujan2011-194091.html"
    }
  ]
}

CERTA-2011-AVI-022

Vulnerability from certfr_avis - Published: - Updated:

De multiples vulnérabilités présentes dans les produits Oracle permettent à un utilisateur malveillant de contourner la politique de sécurité.

Description

Solution

Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).

None

Impacted products

Vendor	Product	Description
Oracle	N/A	Oracle BI Publisher, versions 10.1.3.3.2, 10.1.3.4.0, 10.1.3.4.1, 11.1.1.3 ;
Oracle	N/A	Oracle Transportation Manager, versions 5.5, 6.0, 6.1, 6.2 ;
Oracle	N/A	Oracle Sun Product Suite ;
Oracle	N/A	Oracle E-Business Suite Release 12, versions 12.0.4, 12.0.5, 12.0.6, 12.1.1, 12.1.2, 12.1.3 ;
Oracle	N/A	Oracle Document Capture, versions 10.1.3.4, 10.1.3.5 ;
Oracle	N/A	Oracle Application Server 10g Release 2, version 10.1.2.3.0 ;
Oracle	N/A	Oracle Enterprise Manager Real User Experience Insight, version RUEI 6.0 ;
Oracle	N/A	Oracle Database 10g Release 2, versions 10.2.0.3, 10.2.0.4, 10.2.0.5 ;
Oracle	N/A	Oracle JRockit versions, R27.6.7 et antérieures (JDK/JRE 1.4.2, 5, 6), R28.0.1 et antérieures (JDK/JRE 5, 6) ;
Oracle	N/A	Oracle E-Business Suite Release 11i, version 11.5.10.2 ;
Oracle	PeopleSoft	Oracle PeopleSoft Enterprise CRM, versions 8.9, 9.0, 9.1 ;
Oracle	N/A	Oracle Audit Vault 10g Release 2, version 10.2.3.2 ;
Oracle	N/A	Oracle Argus Safety, versions 5.0, 5.0.1, 5.0.2, 5.0.3 ;
Oracle	N/A	Oracle Database 10g Release 1, version 10.1.0.5 ;
Oracle	N/A	Oracle Outside In Technology, version 8.3.0 ;
Oracle	PeopleSoft	Oracle PeopleSoft Enterprise PeopleTools, versions 8.49, 8.50, 8.51 ;
Oracle	N/A	Oracle InForm Portal, versions 4.5, 4.6, 5.0 ;
Oracle	Weblogic	Oracle WebLogic Server, versions 7.0.7, 8.1.6, 9.0, 9.1, 9.2.3, 10.0.2, 10.3.2, 10.3.3 ;
Oracle	N/A	Oracle Agile Core, versions 9.3.0.2, 9.3.1 ;
Oracle	N/A	Oracle Database 11g Release 1, version 11.1.0.7 ;
Oracle	N/A	Oracle Open Office, version 3.2.1 and StarOffice/StarSuite, versions 7, 8.
Oracle	N/A	Oracle Database 11g Release 2, version 11.2.0.1 ;
Oracle	N/A	Oracle Enterprise Manager Suite Release 10, version 10.2.0.5 ;
Oracle	N/A	Oracle GoldenGate Veridata, version 3.0.0.4 ;
Oracle	N/A	Oracle Beehive, versions 2.0.1.0, 2.0.1.1, 2.0.1.2, 2.0.1.2.1, 2.0.1.3 ;
Oracle	N/A	Oracle Fusion Middleware, 11g Release 1, versions 11.1.1.2.0, 11.1.1.3.0 ;
Oracle	PeopleSoft	Oracle PeopleSoft Enterprise HRMS, versions 8.9, 9.0, 9.1 ;
Oracle	N/A	Oracle Secure Backup 10g Release 3, version 10.3.0.2 ;

References

Title

Publication Time

Tags

Bulletin de sécurité Oracle de janvier 2011

None

vendor-advisory

Show details on source website

JSON

To clipboard

{
  "$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
  "affected_systems": [
    {
      "description": "Oracle BI Publisher, versions 10.1.3.3.2, 10.1.3.4.0, 10.1.3.4.1, 11.1.1.3 ;",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Oracle",
          "scada": false
        }
      }
    },
    {
      "description": "Oracle Transportation Manager, versions 5.5, 6.0, 6.1, 6.2 ;",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Oracle",
          "scada": false
        }
      }
    },
    {
      "description": "Oracle Sun Product Suite ;",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Oracle",
          "scada": false
        }
      }
    },
    {
      "description": "Oracle E-Business Suite Release 12, versions 12.0.4, 12.0.5, 12.0.6, 12.1.1, 12.1.2, 12.1.3 ;",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Oracle",
          "scada": false
        }
      }
    },
    {
      "description": "Oracle Document Capture, versions 10.1.3.4, 10.1.3.5 ;",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Oracle",
          "scada": false
        }
      }
    },
    {
      "description": "Oracle Application Server 10g Release 2, version 10.1.2.3.0 ;",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Oracle",
          "scada": false
        }
      }
    },
    {
      "description": "Oracle Enterprise Manager Real User Experience Insight, version RUEI 6.0 ;",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Oracle",
          "scada": false
        }
      }
    },
    {
      "description": "Oracle Database 10g Release 2, versions 10.2.0.3, 10.2.0.4, 10.2.0.5 ;",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Oracle",
          "scada": false
        }
      }
    },
    {
      "description": "Oracle JRockit versions, R27.6.7 et ant\u00e9rieures (JDK/JRE 1.4.2, 5, 6), R28.0.1 et ant\u00e9rieures (JDK/JRE 5, 6) ;",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Oracle",
          "scada": false
        }
      }
    },
    {
      "description": "Oracle E-Business Suite Release 11i, version 11.5.10.2 ;",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Oracle",
          "scada": false
        }
      }
    },
    {
      "description": "Oracle PeopleSoft Enterprise CRM, versions 8.9, 9.0, 9.1 ;",
      "product": {
        "name": "PeopleSoft",
        "vendor": {
          "name": "Oracle",
          "scada": false
        }
      }
    },
    {
      "description": "Oracle Audit Vault 10g Release 2, version 10.2.3.2 ;",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Oracle",
          "scada": false
        }
      }
    },
    {
      "description": "Oracle Argus Safety, versions 5.0, 5.0.1, 5.0.2, 5.0.3 ;",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Oracle",
          "scada": false
        }
      }
    },
    {
      "description": "Oracle Database 10g Release 1, version 10.1.0.5 ;",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Oracle",
          "scada": false
        }
      }
    },
    {
      "description": "Oracle Outside In Technology, version 8.3.0 ;",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Oracle",
          "scada": false
        }
      }
    },
    {
      "description": "Oracle PeopleSoft Enterprise PeopleTools, versions 8.49, 8.50, 8.51 ;",
      "product": {
        "name": "PeopleSoft",
        "vendor": {
          "name": "Oracle",
          "scada": false
        }
      }
    },
    {
      "description": "Oracle InForm Portal, versions 4.5, 4.6, 5.0 ;",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Oracle",
          "scada": false
        }
      }
    },
    {
      "description": "Oracle WebLogic Server, versions 7.0.7, 8.1.6, 9.0, 9.1, 9.2.3, 10.0.2, 10.3.2, 10.3.3 ;",
      "product": {
        "name": "Weblogic",
        "vendor": {
          "name": "Oracle",
          "scada": false
        }
      }
    },
    {
      "description": "Oracle Agile Core, versions 9.3.0.2, 9.3.1 ;",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Oracle",
          "scada": false
        }
      }
    },
    {
      "description": "Oracle Database 11g Release 1, version 11.1.0.7 ;",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Oracle",
          "scada": false
        }
      }
    },
    {
      "description": "Oracle Open Office, version 3.2.1 and StarOffice/StarSuite, versions 7, 8.",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Oracle",
          "scada": false
        }
      }
    },
    {
      "description": "Oracle Database 11g Release 2, version 11.2.0.1 ;",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Oracle",
          "scada": false
        }
      }
    },
    {
      "description": "Oracle Enterprise Manager Suite Release 10, version 10.2.0.5 ;",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Oracle",
          "scada": false
        }
      }
    },
    {
      "description": "Oracle GoldenGate Veridata, version 3.0.0.4 ;",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Oracle",
          "scada": false
        }
      }
    },
    {
      "description": "Oracle Beehive, versions 2.0.1.0, 2.0.1.1, 2.0.1.2, 2.0.1.2.1, 2.0.1.3 ;",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Oracle",
          "scada": false
        }
      }
    },
    {
      "description": "Oracle Fusion Middleware, 11g Release 1, versions 11.1.1.2.0, 11.1.1.3.0 ;",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Oracle",
          "scada": false
        }
      }
    },
    {
      "description": "Oracle PeopleSoft Enterprise HRMS, versions 8.9, 9.0, 9.1 ;",
      "product": {
        "name": "PeopleSoft",
        "vendor": {
          "name": "Oracle",
          "scada": false
        }
      }
    },
    {
      "description": "Oracle Secure Backup 10g Release 3, version 10.3.0.2 ;",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Oracle",
          "scada": false
        }
      }
    }
  ],
  "affected_systems_content": null,
  "content": "## Description\n\nDe multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 corrig\u00e9es dans les produits Oracle\ntels que Oracle Database, Oracle Application Server ou Oracle Open\nOffice. Certaines de ces vuln\u00e9rabilit\u00e9s peuvent \u00eatre exploit\u00e9es par un\nutilisateur malveillant distant pour contourner la politique de s\u00e9curit\u00e9\nou encore porter atteinte \u00e0 l\u0027int\u00e9grit\u00e9 et/ou la confidentialit\u00e9 des\ndonn\u00e9es.\n\n## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des\ncorrectifs (cf. section Documentation).\n",
  "cves": [
    {
      "name": "CVE-2010-4429",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-4429"
    },
    {
      "name": "CVE-2010-4415",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-4415"
    },
    {
      "name": "CVE-2010-4438",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-4438"
    },
    {
      "name": "CVE-2010-3586",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-3586"
    },
    {
      "name": "CVE-2010-3593",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-3593"
    },
    {
      "name": "CVE-2010-4439",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-4439"
    },
    {
      "name": "CVE-2010-4421",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-4421"
    },
    {
      "name": "CVE-2010-4453",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-4453"
    },
    {
      "name": "CVE-2010-4433",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-4433"
    },
    {
      "name": "CVE-2010-4419",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-4419"
    },
    {
      "name": "CVE-2010-4464",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-4464"
    },
    {
      "name": "CVE-2010-4457",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-4457"
    },
    {
      "name": "CVE-2010-4432",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-4432"
    },
    {
      "name": "CVE-2010-4460",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-4460"
    },
    {
      "name": "CVE-2010-3590",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-3590"
    },
    {
      "name": "CVE-2010-4416",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-4416"
    },
    {
      "name": "CVE-2010-4414",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-4414"
    },
    {
      "name": "CVE-2010-4420",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-4420"
    },
    {
      "name": "CVE-2010-3592",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-3592"
    },
    {
      "name": "CVE-2010-3600",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-3600"
    },
    {
      "name": "CVE-2010-4418",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-4418"
    },
    {
      "name": "CVE-2010-4456",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-4456"
    },
    {
      "name": "CVE-2010-4441",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-4441"
    },
    {
      "name": "CVE-2010-4440",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-4440"
    },
    {
      "name": "CVE-2010-4436",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-4436"
    },
    {
      "name": "CVE-2010-4443",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-4443"
    },
    {
      "name": "CVE-2010-4434",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-4434"
    },
    {
      "name": "CVE-2010-4437",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-4437"
    },
    {
      "name": "CVE-2009-4269",
      "url": "https://www.cve.org/CVERecord?id=CVE-2009-4269"
    },
    {
      "name": "CVE-2010-2936",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-2936"
    },
    {
      "name": "CVE-2010-3588",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-3588"
    },
    {
      "name": "CVE-2010-3510",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-3510"
    },
    {
      "name": "CVE-2010-4428",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-4428"
    },
    {
      "name": "CVE-2010-4446",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-4446"
    },
    {
      "name": "CVE-2010-4459",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-4459"
    },
    {
      "name": "CVE-2010-4426",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-4426"
    },
    {
      "name": "CVE-2010-2632",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-2632"
    },
    {
      "name": "CVE-2010-4461",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-4461"
    },
    {
      "name": "CVE-2010-3597",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-3597"
    },
    {
      "name": "CVE-2010-3587",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-3587"
    },
    {
      "name": "CVE-2010-4442",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-4442"
    },
    {
      "name": "CVE-2010-3599",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-3599"
    },
    {
      "name": "CVE-2010-4413",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-4413"
    },
    {
      "name": "CVE-2010-3505",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-3505"
    },
    {
      "name": "CVE-2010-3594",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-3594"
    },
    {
      "name": "CVE-2010-4449",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-4449"
    },
    {
      "name": "CVE-2010-3598",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-3598"
    },
    {
      "name": "CVE-2010-4445",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-4445"
    },
    {
      "name": "CVE-2010-4458",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-4458"
    },
    {
      "name": "CVE-2010-4417",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-4417"
    },
    {
      "name": "CVE-2010-3596",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-3596"
    },
    {
      "name": "CVE-2010-4444",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-4444"
    },
    {
      "name": "CVE-2010-4425",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-4425"
    },
    {
      "name": "CVE-2010-3591",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-3591"
    },
    {
      "name": "CVE-2010-4423",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-4423"
    },
    {
      "name": "CVE-2010-4431",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-4431"
    },
    {
      "name": "CVE-2010-4427",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-4427"
    },
    {
      "name": "CVE-2010-4435",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-4435"
    },
    {
      "name": "CVE-2010-3574",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-3574"
    },
    {
      "name": "CVE-2010-4424",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-4424"
    },
    {
      "name": "CVE-2010-2935",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-2935"
    },
    {
      "name": "CVE-2010-4430",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-4430"
    },
    {
      "name": "CVE-2010-1227",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-1227"
    },
    {
      "name": "CVE-2010-3595",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-3595"
    },
    {
      "name": "CVE-2010-3589",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-3589"
    },
    {
      "name": "CVE-2010-4455",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-4455"
    }
  ],
  "links": [],
  "reference": "CERTA-2011-AVI-022",
  "revisions": [
    {
      "description": "version initiale.",
      "revision_date": "2011-01-19T00:00:00.000000"
    }
  ],
  "risks": [
    {
      "description": "Atteinte \u00e0 l\u0027int\u00e9grit\u00e9 des donn\u00e9es"
    },
    {
      "description": "Contournement de la politique de s\u00e9curit\u00e9"
    },
    {
      "description": "Atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es"
    },
    {
      "description": "\u00c9l\u00e9vation de privil\u00e8ges"
    }
  ],
  "summary": "De multiples vuln\u00e9rabilit\u00e9s pr\u00e9sentes dans les produits Oracle\npermettent \u00e0 un utilisateur malveillant de contourner la politique de\ns\u00e9curit\u00e9.\n",
  "title": "Multiples vuln\u00e9rabilit\u00e9s dans les produits Oracle",
  "vendor_advisories": [
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Oracle de janvier 2011",
      "url": "http://www.oracle.com/technetwork/topics/security/cpujan2011-194091.html"
    }
  ]
}

GSD-2010-4432

Vulnerability from gsd - Updated: 2023-12-13 01:21

Details

Aliases

CVE-2010-4432

Aliases

CVE-2010-4432

JSON

To clipboard

{
  "GSD": {
    "alias": "CVE-2010-4432",
    "description": "Unspecified vulnerability in the Oracle Transportation Manager component in Oracle Supply Chain Products Suite 5.5.06, 6.0, 6.1, and 6.2 allows remote authenticated users to affect confidentiality via unknown vectors related to UI Infrastructure.",
    "id": "GSD-2010-4432"
  },
  "gsd": {
    "metadata": {
      "exploitCode": "unknown",
      "remediation": "unknown",
      "reportConfidence": "confirmed",
      "type": "vulnerability"
    },
    "osvSchema": {
      "aliases": [
        "CVE-2010-4432"
      ],
      "details": "Unspecified vulnerability in the Oracle Transportation Manager component in Oracle Supply Chain Products Suite 5.5.06, 6.0, 6.1, and 6.2 allows remote authenticated users to affect confidentiality via unknown vectors related to UI Infrastructure.",
      "id": "GSD-2010-4432",
      "modified": "2023-12-13T01:21:29.646202Z",
      "schema_version": "1.4.0"
    }
  },
  "namespaces": {
    "cve.org": {
      "CVE_data_meta": {
        "ASSIGNER": "secalert_us@oracle.com",
        "ID": "CVE-2010-4432",
        "STATE": "PUBLIC"
      },
      "affects": {
        "vendor": {
          "vendor_data": [
            {
              "product": {
                "product_data": [
                  {
                    "product_name": "n/a",
                    "version": {
                      "version_data": [
                        {
                          "version_value": "n/a"
                        }
                      ]
                    }
                  }
                ]
              },
              "vendor_name": "n/a"
            }
          ]
        }
      },
      "data_format": "MITRE",
      "data_type": "CVE",
      "data_version": "4.0",
      "description": {
        "description_data": [
          {
            "lang": "eng",
            "value": "Unspecified vulnerability in the Oracle Transportation Manager component in Oracle Supply Chain Products Suite 5.5.06, 6.0, 6.1, and 6.2 allows remote authenticated users to affect confidentiality via unknown vectors related to UI Infrastructure."
          }
        ]
      },
      "problemtype": {
        "problemtype_data": [
          {
            "description": [
              {
                "lang": "eng",
                "value": "n/a"
              }
            ]
          }
        ]
      },
      "references": {
        "reference_data": [
          {
            "name": "ADV-2011-0146",
            "refsource": "VUPEN",
            "url": "http://www.vupen.com/english/advisories/2011/0146"
          },
          {
            "name": "45875",
            "refsource": "BID",
            "url": "http://www.securityfocus.com/bid/45875"
          },
          {
            "name": "42993",
            "refsource": "SECUNIA",
            "url": "http://secunia.com/advisories/42993"
          },
          {
            "name": "oracle-transportation-ui-info-disclosure(64784)",
            "refsource": "XF",
            "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/64784"
          },
          {
            "name": "70566",
            "refsource": "OSVDB",
            "url": "http://osvdb.org/70566"
          },
          {
            "name": "http://www.oracle.com/technetwork/topics/security/cpujan2011-194091.html",
            "refsource": "CONFIRM",
            "url": "http://www.oracle.com/technetwork/topics/security/cpujan2011-194091.html"
          }
        ]
      }
    },
    "nvd.nist.gov": {
      "configurations": {
        "CVE_data_version": "4.0",
        "nodes": [
          {
            "children": [],
            "cpe_match": [
              {
                "cpe23Uri": "cpe:2.3:a:oracle:supply_chain_products_suite:6.0:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:oracle:supply_chain_products_suite:6.1:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:oracle:supply_chain_products_suite:6.2:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:oracle:supply_chain_products_suite:5.5.06:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              }
            ],
            "operator": "OR"
          }
        ]
      },
      "cve": {
        "CVE_data_meta": {
          "ASSIGNER": "secalert_us@oracle.com",
          "ID": "CVE-2010-4432"
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "en",
              "value": "Unspecified vulnerability in the Oracle Transportation Manager component in Oracle Supply Chain Products Suite 5.5.06, 6.0, 6.1, and 6.2 allows remote authenticated users to affect confidentiality via unknown vectors related to UI Infrastructure."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "en",
                  "value": "NVD-CWE-noinfo"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "http://www.oracle.com/technetwork/topics/security/cpujan2011-194091.html",
              "refsource": "CONFIRM",
              "tags": [
                "Vendor Advisory"
              ],
              "url": "http://www.oracle.com/technetwork/topics/security/cpujan2011-194091.html"
            },
            {
              "name": "ADV-2011-0146",
              "refsource": "VUPEN",
              "tags": [],
              "url": "http://www.vupen.com/english/advisories/2011/0146"
            },
            {
              "name": "45875",
              "refsource": "BID",
              "tags": [],
              "url": "http://www.securityfocus.com/bid/45875"
            },
            {
              "name": "42993",
              "refsource": "SECUNIA",
              "tags": [],
              "url": "http://secunia.com/advisories/42993"
            },
            {
              "name": "70566",
              "refsource": "OSVDB",
              "tags": [],
              "url": "http://osvdb.org/70566"
            },
            {
              "name": "oracle-transportation-ui-info-disclosure(64784)",
              "refsource": "XF",
              "tags": [],
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/64784"
            }
          ]
        }
      },
      "impact": {
        "baseMetricV2": {
          "cvssV2": {
            "accessComplexity": "MEDIUM",
            "accessVector": "NETWORK",
            "authentication": "SINGLE",
            "availabilityImpact": "NONE",
            "baseScore": 3.5,
            "confidentialityImpact": "PARTIAL",
            "integrityImpact": "NONE",
            "vectorString": "AV:N/AC:M/Au:S/C:P/I:N/A:N",
            "version": "2.0"
          },
          "exploitabilityScore": 6.8,
          "impactScore": 2.9,
          "obtainAllPrivilege": false,
          "obtainOtherPrivilege": false,
          "obtainUserPrivilege": false,
          "severity": "LOW",
          "userInteractionRequired": false
        }
      },
      "lastModifiedDate": "2017-08-17T01:33Z",
      "publishedDate": "2011-01-19T17:00Z"
    }
  }
}

FKIE_CVE-2010-4432

Vulnerability from fkie_nvd - Published: 2011-01-19 17:00 - Updated: 2025-04-11 00:51

Severity ?

Summary

References

URL	Tags
secalert_us@oracle.com	http://osvdb.org/70566
secalert_us@oracle.com	http://secunia.com/advisories/42993
secalert_us@oracle.com	http://www.oracle.com/technetwork/topics/security/cpujan2011-194091.html	Vendor Advisory
secalert_us@oracle.com	http://www.securityfocus.com/bid/45875
secalert_us@oracle.com	http://www.vupen.com/english/advisories/2011/0146
secalert_us@oracle.com	https://exchange.xforce.ibmcloud.com/vulnerabilities/64784
af854a3a-2127-422b-91ae-364da2661108	http://osvdb.org/70566
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/42993
af854a3a-2127-422b-91ae-364da2661108	http://www.oracle.com/technetwork/topics/security/cpujan2011-194091.html	Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://www.securityfocus.com/bid/45875
af854a3a-2127-422b-91ae-364da2661108	http://www.vupen.com/english/advisories/2011/0146
af854a3a-2127-422b-91ae-364da2661108	https://exchange.xforce.ibmcloud.com/vulnerabilities/64784

Impacted products

Vendor	Product	Version
oracle	supply_chain_products_suite	5.5.06
oracle	supply_chain_products_suite	6.0
oracle	supply_chain_products_suite	6.1
oracle	supply_chain_products_suite	6.2

JSON

To clipboard

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:oracle:supply_chain_products_suite:5.5.06:*:*:*:*:*:*:*",
              "matchCriteriaId": "08F9B9ED-6686-412F-B050-F946AEEEE75D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:oracle:supply_chain_products_suite:6.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "F51A12E9-15E0-49B2-9F25-32C58D7364CB",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:oracle:supply_chain_products_suite:6.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "6EC31414-9839-4902-BEC2-CE07728E6D18",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:oracle:supply_chain_products_suite:6.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "78940F7B-4092-43F9-A9C9-BBFA89B16F8D",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "Unspecified vulnerability in the Oracle Transportation Manager component in Oracle Supply Chain Products Suite 5.5.06, 6.0, 6.1, and 6.2 allows remote authenticated users to affect confidentiality via unknown vectors related to UI Infrastructure."
    },
    {
      "lang": "es",
      "value": "Vulnerabilidad no especificada en el componente Oracle Transportation Manager para Oracle Supply Chain Products Suite v5.5.06, v6.0, v6.1, y v6.2 permite a usuarios autenticados remotamente afectar a la confidencialidad a trav\u00e9s de vectores desconocidos relacionados con UI Infrastructure."
    }
  ],
  "id": "CVE-2010-4432",
  "lastModified": "2025-04-11T00:51:21.963",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "LOW",
        "cvssData": {
          "accessComplexity": "MEDIUM",
          "accessVector": "NETWORK",
          "authentication": "SINGLE",
          "availabilityImpact": "NONE",
          "baseScore": 3.5,
          "confidentialityImpact": "PARTIAL",
          "integrityImpact": "NONE",
          "vectorString": "AV:N/AC:M/Au:S/C:P/I:N/A:N",
          "version": "2.0"
        },
        "exploitabilityScore": 6.8,
        "impactScore": 2.9,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ]
  },
  "published": "2011-01-19T17:00:01.670",
  "references": [
    {
      "source": "secalert_us@oracle.com",
      "url": "http://osvdb.org/70566"
    },
    {
      "source": "secalert_us@oracle.com",
      "url": "http://secunia.com/advisories/42993"
    },
    {
      "source": "secalert_us@oracle.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://www.oracle.com/technetwork/topics/security/cpujan2011-194091.html"
    },
    {
      "source": "secalert_us@oracle.com",
      "url": "http://www.securityfocus.com/bid/45875"
    },
    {
      "source": "secalert_us@oracle.com",
      "url": "http://www.vupen.com/english/advisories/2011/0146"
    },
    {
      "source": "secalert_us@oracle.com",
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/64784"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://osvdb.org/70566"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://secunia.com/advisories/42993"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://www.oracle.com/technetwork/topics/security/cpujan2011-194091.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.securityfocus.com/bid/45875"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.vupen.com/english/advisories/2011/0146"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/64784"
    }
  ],
  "sourceIdentifier": "secalert_us@oracle.com",
  "vulnStatus": "Deferred",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "NVD-CWE-noinfo"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

Tags

Taxonomy of the tags.

All sightings related to this event Export sightings related to this event

Sightings

Author	Source	Type	Date

Nomenclature

Seen: The vulnerability was mentioned, discussed, or observed by the user.
Confirmed: The vulnerability has been validated from an analyst's perspective.
Published Proof of Concept: A public proof of concept is available for this vulnerability.
Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
Not confirmed: The user expressed doubt about the validity of the vulnerability.
Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.

Detection rules are retrieved from Rulezet.

Action not permitted

CVE-2010-4432 (GCVE-0-2010-4432)

GHSA-X994-JPG5-7JQR

CERTA-2011-AVI-022

Description

Solution

CERTA-2011-AVI-022

Description

Solution

GSD-2010-4432

FKIE_CVE-2010-4432

Tags

Sightings

Nomenclature