CVE-2007-0289

Multiple unspecified vulnerabilities in Oracle Collaboration Suite 9.0.4.2 have unknown impact and attack vectors related to Oracle Containers for J2EE, aka (1) OC4J01, (2) OC4J05, and (3) OC4J06.

CVSS v2.0 6.4 MEDIUM

6.4^/10

CVSS v2.0 : MEDIUM

V2 Legend

Vector : AV:N/AC:L/Au:N/C:P/I:P/A:N

Exploitability : 10.0 / Impact : 4.9

Access Vector NETWORK

Access Complexity LOW

Authentication NONE

Confidentiality Impact PARTIAL

Integrity Impact PARTIAL

Availability Impact NONE

References

Link	Resource
http://www.us-cert.gov/cas/techalerts/TA07-017A.html	Patch US Government Resource
http://secunia.com/advisories/23794	Patch Vendor Advisory
http://securitytracker.com/id?1017522
http://www.securityfocus.com/bid/22083
http://osvdb.org/32895
http://osvdb.org/32899
http://osvdb.org/32900
http://www.oracle.com/technetwork/topics/security/cpujan2007-101493.html
https://exchange.xforce.ibmcloud.com/vulnerabilities/31541

Configurations

Configuration 1 (hide)

cpe:2.3:a:oracle:application_server:9.0.4.2:*:*:*:*:*:*:*

Information

Published : 2007-01-16 18:28

Updated : 2017-07-28 18:30

NVD link : CVE-2007-0289

Mitre link : CVE-2007-0289

JSON object : View

CWE

NVD-CWE-Other

Products Affected

oracle

application_server

{"cve": {"data_type": "CVE", "references": {"reference_data": [{"url": "http://www.us-cert.gov/cas/techalerts/TA07-017A.html", "name": "TA07-017A", "tags": ["Patch", "US Government Resource"], "refsource": "CERT"}, {"url": "http://secunia.com/advisories/23794", "name": "23794", "tags": ["Patch", "Vendor Advisory"], "refsource": "SECUNIA"}, {"url": "http://securitytracker.com/id?1017522", "name": "1017522", "tags": [], "refsource": "SECTRACK"}, {"url": "http://www.securityfocus.com/bid/22083", "name": "22083", "tags": [], "refsource": "BID"}, {"url": "http://osvdb.org/32895", "name": "32895", "tags": [], "refsource": "OSVDB"}, {"url": "http://osvdb.org/32899", "name": "32899", "tags": [], "refsource": "OSVDB"}, {"url": "http://osvdb.org/32900", "name": "32900", "tags": [], "refsource": "OSVDB"}, {"url": "http://www.oracle.com/technetwork/topics/security/cpujan2007-101493.html", "name": "http://www.oracle.com/technetwork/topics/security/cpujan2007-101493.html", "tags": [], "refsource": "CONFIRM"}, {"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/31541", "name": "oracle-cpu-jan2007(31541)", "tags": [], "refsource": "XF"}]}, "data_format": "MITRE", "description": {"description_data": [{"lang": "en", "value": "Multiple unspecified vulnerabilities in Oracle Collaboration Suite 9.0.4.2 have unknown impact and attack vectors related to Oracle Containers for J2EE, aka (1) OC4J01, (2) OC4J05, and (3) OC4J06."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "en", "value": "NVD-CWE-Other"}]}]}, "data_version": "4.0", "CVE_data_meta": {"ID": "CVE-2007-0289", "ASSIGNER": "cve@mitre.org"}}, "impact": {"baseMetricV2": {"cvssV2": {"version": "2.0", "baseScore": 6.4, "accessVector": "NETWORK", "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:N", "authentication": "NONE", "integrityImpact": "PARTIAL", "accessComplexity": "LOW", "availabilityImpact": "NONE", "confidentialityImpact": "PARTIAL"}, "severity": "MEDIUM", "impactScore": 4.9, "obtainAllPrivilege": false, "exploitabilityScore": 10.0, "obtainUserPrivilege": false, "obtainOtherPrivilege": false, "userInteractionRequired": false}}, "publishedDate": "2007-01-17T02:28Z", "configurations": {"nodes": [{"children": [], "operator": "OR", "cpe_match": [{"cpe23Uri": "cpe:2.3:a:oracle:application_server:9.0.4.2:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}]}], "CVE_data_version": "4.0"}, "lastModifiedDate": "2017-07-29T01:30Z"}

6.4 /10