CVE-2007-2126 — Oracle E-business Suite vulnerability

9 documents3 sources

Severity

10.0CRITICALNVD

NVD9.4NVD7.8

EPSS

1.1%

top 22.21%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Oracle E-business Suite

Timeline

PublishedApr 18

Latest updateMay 1

Description

Unspecified vulnerability in Oracle E-Business Suite 11.5.10CU2 has unknown impact and remote attack vectors in the (1) Common Applications (APPS01) and (2) iProcurement (APPS02).

CVSS vector

AV:N/AC:L/C:C/I:C/A:CExploitability: 10.0 | Impact: 10.0

Affected Packages1 packages

▶NVDoracle/e-business_suite11.5.10.2

🔴Vulnerability Details

GHSA

GHSA-993q-wpwh-rhvq: The ADI_BINARY component in the Oracle E-Business Suite allows remote attackers to download arbitrary documents from the APPS↗2022-05-01

▶

GHSA

GHSA-vrqh-qwvr-mr23: The APPLSYS↗2022-05-01

▶

GHSA

GHSA-hvmw-63v6-mpv5: Unspecified vulnerability in Oracle E-Business Suite 11↗2022-05-01

▶

CVEList

CVE-2007-2170: The APPLSYS↗2007-04-24

▶

CVEList

CVE-2007-2135: The ADI_BINARY component in the Oracle E-Business Suite allows remote attackers to download arbitrary documents from the APPS↗2007-04-24

▶