VYPR

E Business Suite

by Oracle Corporation

CVEs (455)

  • CVE-2006-0284Jan 18, 2006
    risk 0.00cvss epss 0.05

    Multiple unspecified vulnerabilities in Oracle Application Server 9.0.4.2 and 10.1.2.0.2, and E-Business Suite and Applications 11.5.10, have unspecified impact and attack vectors, as identified by Oracle Vuln# (1) FORM01 and (2) FORM02 in the Oracle Forms component.

  • CVE-2005-3455Nov 2, 2005
    risk 0.00cvss epss 0.04

    Multiple unspecified vulnerabilities in Oracle E-Business Suite and Applications 11.5 up to 11.5.10 have unknown impact and attack vectors, as identified by Oracle Vuln# (1) APPS01 in Application Install; (2) APPS02 and (3) APPS03 in Application Object Library; (4) APPS05 and…

  • CVE-2005-3459Nov 2, 2005
    risk 0.00cvss epss 0.04

    Unspecified vulnerability in Oracle E-Business Suite and Applications 4.5 up to 4.5.1 has unknown impact and attack vectors, as identified by Oracle Vuln# APPS22 in Oracle Clinical.

  • CVE-2005-3458Nov 2, 2005
    risk 0.00cvss epss 0.02

    Unspecified vulnerability in Oracle E-Business Suite and Applications 11.0 up to 11.5.9 has unknown impact and attack vectors, as identified by Oracle Vuln# APPS19 in Workflow Cartridge.

  • CVE-2005-3457Nov 2, 2005
    risk 0.00cvss epss 0.04

    Unspecified vulnerability in Oracle E-Business Suite and Applications 11.0 up to 11.5.10 has unknown impact and attack vectors, as identified by Oracle Vuln# APPS08 in HRMS.

  • CVE-2005-3456Nov 2, 2005
    risk 0.00cvss epss 0.02

    Multiple unspecified vulnerabilities in Oracle E-Business Suite and Applications 11.5 up to 11.5.9 have unknown impact and attack vectors, as identified by Oracle Vuln# (1) APPS04 in Application Object Library, and (2) APPS17, (3) APPS18, and (4) APPS21 in Workflow Cartridge.

  • CVE-2004-1369Aug 4, 2004
    risk 0.00cvss epss 0.06

    The TNS Listener in Oracle 10g allows remote attackers to cause a denial of service (listener crash) via a malformed service_register_NSGR request containing a value that is used as an invalid offset for a pointer that references incorrect memory.

  • CVE-2004-1370Aug 4, 2004
    risk 0.00cvss epss 0.04

    Multiple SQL injection vulnerabilities in PL/SQL procedures that run with definer rights in Oracle 9i and 10g allow remote attackers to execute arbitrary SQL commands and gain privileges via (1) DBMS_EXPORT_EXTENSION, (2) WK_ACL.GET_ACL, (3) WK_ACL.STORE_ACL, (4)…

  • CVE-2004-1368Aug 4, 2004
    risk 0.00cvss epss 0.06

    ISQL*Plus in Oracle 10g Application Server allows remote attackers to execute arbitrary files via an absolute pathname in the file parameter to the load.uix script.

  • CVE-2003-1116Dec 31, 2003
    risk 0.00cvss epss 0.04

    The communications protocol for the Report Review Agent (RRA), aka FND File Server (FNDFS) program, in Oracle E-Business Suite 10.7, 11.0, and 11.5.1 to 11.5.8 allows remote attackers to bypass authentication and obtain sensitive information from the Oracle Applications…

  • CVE-2003-0633Aug 27, 2003
    risk 0.00cvss epss 0.03

    Multiple vulnerabilities in aoljtest.jsp of Oracle Applications AOL/J Setup Test Suite in Oracle E-Business Suite 11.5.1 through 11.5.8 allow a remote attacker to obtain sensitive information without authentication, such as the GUEST user password and the application server…

  • CVE-2003-0632Aug 27, 2003
    risk 0.00cvss epss 0.05

    Buffer overflow in the Oracle Applications Web Report Review (FNDWRR) CGI program (FNDWRR.exe) of Oracle E-Business Suite 11.0 and 11.5.1 through 11.5.8 may allow remote attackers to execute arbitrary code via a long URL.

  • CVE-2002-1666Dec 31, 2002
    risk 0.00cvss epss 0.02

    Unknown vulnerability in Oracle E-Business Suite 11i.1 through 11i.6 allows remote attackers to execute unauthorized PL/SQL procedures by modifying the Oracle Applications URL.

  • CVE-2002-1882Dec 31, 2002
    risk 0.00cvss epss 0.05

    Unknown vulnerability in AolSecurityPrivate.class in Oracle E-Business Suite 11i 11.1 through 11.6 allows remote attackers to bypass user authentication checks via unknown attack vectors.

  • CVE-2001-0528Aug 14, 2001
    risk 0.00cvss epss 0.02

    Oracle E-Business Suite Release 11i Applications Desktop Integrator (ADI) version 7.x includes a debug version of FNDPUB11I.DLL, which logs the APPS schema password in cleartext in a debug file, which allows local users to obtain the password and gain privileges.

Page 23 of 23