CVE-2006-0289 — Oracle Application Server vulnerability

3 documents3 sources

Severity

10.0CRITICALNVD

CNA5.0

EPSS

3.8%

top 11.84%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Oracle Application Server Oracle E-business Suite

Timeline

PublishedJan 18

Latest updateMay 1

Description

Multiple unspecified vulnerabilities in Oracle Application Server 6.0.8.26(PS17) and E-Business Suite and Applications 11.5.10 have unspecified impact and attack vectors, as identified by Oracle Vuln# (1) REP05 and (2) REP06 in the Oracle Reports Developer component. NOTE: Oracle has not disputed reliable researcher claims that REP05 is the same as CVE-2005-2378 and REP06 is the same as CVE-2005-2371, both of which involve directory traversal.

CVSS vector

AV:N/AC:L/C:C/I:C/A:CExploitability: 10.0 | Impact: 10.0

Affected Packages2 packages

▶NVDoracle/application_server6.0.8.26_ps17

▶NVDoracle/e-business_suite11.5.10

🔴Vulnerability Details

GHSA

GHSA-rvr3-9qq5-xq2q: Multiple unspecified vulnerabilities in Oracle Application Server 6↗2022-05-01

▶

CVEList

CVE-2006-0289: Multiple unspecified vulnerabilities in Oracle Application Server 6↗2006-01-18

▶