CVE-2006-5357 — Oracle Application Server vulnerability

3 documents3 sources

Severity

10.0CRITICALNVD

EPSS

0.8%

top 26.05%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Oracle Application Server

Timeline

PublishedOct 18

Latest updateMay 1

Description

Unspecified vulnerability in Oracle HTTP Server component in Oracle Application Server 10.1.2.0.1, 10.1.2.0.2, and 10.1.2.1.0 has unknown impact and remote attack vectors related to the PHP Module, aka Vuln# OHS03.

CVSS vector

AV:N/AC:L/C:C/I:C/A:CExploitability: 10.0 | Impact: 10.0

Affected Packages1 packages

▶NVDoracle/application_server10.1.2.0.1, 10.1.2.0.2, 10.1.2.1.0+2

Patches

Patch: www.securityfocus.com ↗Patch: www.securityfocus.com ↗

🔴Vulnerability Details

GHSA

GHSA-xrgr-fwmm-m4vx: Unspecified vulnerability in Oracle HTTP Server component in Oracle Application Server 10↗2022-05-01

▶

CVEList

CVE-2006-5357: Unspecified vulnerability in Oracle HTTP Server component in Oracle Application Server 10↗2006-10-18

▶