CVE-2007-3867

Multiple unspecified vulnerabilities in Oracle E-Business Suite 11.5.10CU2 have unknown impact and attack vectors, related to (1) APPS04, (2) APPS05, and (3) APPS06 in (a) Oracle Application Object Library, (4) APPS07 in Oracle Customer Intelligence, (5) APPS08 in Oracle Payments, (7) APPS10 in Oracle Human Resources, and (8) APPS11 in iRecruitment.

CVSS v2.0 7.5 HIGH

7.5^/10

CVSS v2.0 : HIGH

Vector : AV:N/AC:L/Au:N/C:P/I:P/A:P

Exploitability : 10.0 / Impact : 6.4

Access Vector NETWORK

Access Complexity LOW

Authentication NONE

Confidentiality Impact PARTIAL

Integrity Impact PARTIAL

Availability Impact PARTIAL

References

Link	Resource
http://www.red-database-security.com/advisory/oracle_cpu_jul_2007.html
http://secunia.com/advisories/26114	Vendor Advisory
http://www.integrigy.com/security-resources/analysis/Integrigy_Oracle_CPU_July_2007_Analysis.pdf
http://www.us-cert.gov/cas/techalerts/TA07-200A.html	US Government Resource
http://www.securitytracker.com/id?1018415
http://secunia.com/advisories/26166
http://www.vupen.com/english/advisories/2007/2562
http://www.vupen.com/english/advisories/2007/2635
http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?lang=en&cc=us&objectID=c00727143
http://www.oracle.com/technetwork/topics/security/cpujul2007-087014.html
https://exchange.xforce.ibmcloud.com/vulnerabilities/35490
http://www.securityfocus.com/archive/1/474515/100/0/threaded

Advertisement

Configurations

Configuration 1 (hide)

cpe:2.3:a:oracle:e-business_suite:11.5.10.2:*:*:*:*:*:*:*

Information

Published : 2007-07-18 12:30

Updated : 2018-10-15 14:31

NVD link : CVE-2007-3867

Mitre link : CVE-2007-3867

JSON object : View

CWE

NVD-CWE-Other

Advertisement

Products Affected

oracle

e-business_suite

{"cve": {"data_type": "CVE", "references": {"reference_data": [{"url": "http://www.red-database-security.com/advisory/oracle_cpu_jul_2007.html", "name": "http://www.red-database-security.com/advisory/oracle_cpu_jul_2007.html", "tags": [], "refsource": "MISC"}, {"url": "http://secunia.com/advisories/26114", "name": "26114", "tags": ["Vendor Advisory"], "refsource": "SECUNIA"}, {"url": "http://www.integrigy.com/security-resources/analysis/Integrigy_Oracle_CPU_July_2007_Analysis.pdf", "name": "http://www.integrigy.com/security-resources/analysis/Integrigy_Oracle_CPU_July_2007_Analysis.pdf", "tags": [], "refsource": "MISC"}, {"url": "http://www.us-cert.gov/cas/techalerts/TA07-200A.html", "name": "TA07-200A", "tags": ["US Government Resource"], "refsource": "CERT"}, {"url": "http://www.securitytracker.com/id?1018415", "name": "1018415", "tags": [], "refsource": "SECTRACK"}, {"url": "http://secunia.com/advisories/26166", "name": "26166", "tags": [], "refsource": "SECUNIA"}, {"url": "http://www.vupen.com/english/advisories/2007/2562", "name": "ADV-2007-2562", "tags": [], "refsource": "VUPEN"}, {"url": "http://www.vupen.com/english/advisories/2007/2635", "name": "ADV-2007-2635", "tags": [], "refsource": "VUPEN"}, {"url": "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?lang=en&cc=us&objectID=c00727143", "name": "SSRT061201", "tags": [], "refsource": "HP"}, {"url": "http://www.oracle.com/technetwork/topics/security/cpujul2007-087014.html", "name": "http://www.oracle.com/technetwork/topics/security/cpujul2007-087014.html", "tags": [], "refsource": "CONFIRM"}, {"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/35490", "name": "oracle-cpu-july2007(35490)", "tags": [], "refsource": "XF"}, {"url": "http://www.securityfocus.com/archive/1/474515/100/0/threaded", "name": "20070724 Oracle E-Business Suite - Multiple Vulnerabilities", "tags": [], "refsource": "BUGTRAQ"}]}, "data_format": "MITRE", "description": {"description_data": [{"lang": "en", "value": "Multiple unspecified vulnerabilities in Oracle E-Business Suite 11.5.10CU2 have unknown impact and attack vectors, related to (1) APPS04, (2) APPS05, and (3) APPS06 in (a) Oracle Application Object Library, (4) APPS07 in Oracle Customer Intelligence, (5) APPS08 in Oracle Payments, (7) APPS10 in Oracle Human Resources, and (8) APPS11 in iRecruitment."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "en", "value": "NVD-CWE-Other"}]}]}, "data_version": "4.0", "CVE_data_meta": {"ID": "CVE-2007-3867", "ASSIGNER": "cve@mitre.org"}}, "impact": {"baseMetricV2": {"cvssV2": {"version": "2.0", "baseScore": 7.5, "accessVector": "NETWORK", "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "authentication": "NONE", "integrityImpact": "PARTIAL", "accessComplexity": "LOW", "availabilityImpact": "PARTIAL", "confidentialityImpact": "PARTIAL"}, "severity": "HIGH", "impactScore": 6.4, "obtainAllPrivilege": false, "exploitabilityScore": 10.0, "obtainUserPrivilege": false, "obtainOtherPrivilege": true, "userInteractionRequired": false}}, "publishedDate": "2007-07-18T19:30Z", "configurations": {"nodes": [{"children": [], "operator": "OR", "cpe_match": [{"cpe23Uri": "cpe:2.3:a:oracle:e-business_suite:11.5.10.2:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}]}], "CVE_data_version": "4.0"}, "lastModifiedDate": "2018-10-15T21:31Z"}