CVE-2007-2127 — Oracle E-business Suite vulnerability

9 documents3 sources

Severity

10.0CRITICALNVD

NVD9.4NVD7.8

EPSS

1.1%

top 21.55%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Oracle E-business Suite

Timeline

PublishedApr 18

Latest updateMay 1

Description

Multiple unspecified vulnerabilities in Oracle E-Business Suite 12.0.0 have unknown impact and remote attack vectors via (1) Application Object Library (APPS04), iStore (2) APPS05 and (3) APPS06, (4) iSupport (APPS07), (5) Trade Management (APPS09), (6) Applications Manager (APPS10), and (7) Oracle Report Manager (APPS03).

CVSS vector

AV:N/AC:L/C:C/I:C/A:CExploitability: 10.0 | Impact: 10.0

Affected Packages1 packages

▶NVDoracle/e-business_suite12.0.0

🔴Vulnerability Details

GHSA

GHSA-82pq-c8g4-m2jw: Multiple unspecified vulnerabilities in Oracle E-Business Suite 12↗2022-05-01

▶

GHSA

GHSA-993q-wpwh-rhvq: The ADI_BINARY component in the Oracle E-Business Suite allows remote attackers to download arbitrary documents from the APPS↗2022-05-01

▶

GHSA

GHSA-vrqh-qwvr-mr23: The APPLSYS↗2022-05-01

▶

CVEList

CVE-2007-2170: The APPLSYS↗2007-04-24

▶

CVEList

CVE-2007-2135: The ADI_BINARY component in the Oracle E-Business Suite allows remote attackers to download arbitrary documents from the APPS↗2007-04-24

▶