CVE-2006-5359 — Oracle Application Server vulnerability

3 documents3 sources

Severity

10.0CRITICALNVD

EPSS

2.5%

top 14.50%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Oracle Application Server Oracle E-business Suite

Timeline

PublishedOct 18

Latest updateMay 1

Description

Multiple unspecified vulnerabilities in Oracle Reports Developer component in Oracle Application Server 9.0.4.3 and 10.1.2.0.2, and Oracle E-Business Suite and Applications 11.5.10CU2, have unknown impact and remote attack vectors, aka Vuln# (1) REP01 and (2) REP02. NOTE: as of 20061027, Oracle has not disputed reports from a reliable researcher that these issues are related to (a) showenv and (b) parsequery for REP01, and (c) cellwrapper and (d) delimiter for REP02.

CVSS vector

AV:N/AC:L/C:C/I:C/A:CExploitability: 10.0 | Impact: 10.0

Affected Packages2 packages

▶NVDoracle/application_server10.1.2.0.2, 9.0.4.3+1

▶NVDoracle/e-business_suite11.5.10.2

Patches

Patch: www.securityfocus.com ↗Patch: www.securityfocus.com ↗

🔴Vulnerability Details

GHSA

GHSA-hwcc-wwx7-v8cp: Multiple unspecified vulnerabilities in Oracle Reports Developer component in Oracle Application Server 9↗2022-05-01

▶

CVEList

CVE-2006-5359: Multiple unspecified vulnerabilities in Oracle Reports Developer component in Oracle Application Server 9↗2006-10-18

▶