CVE-2008-7235 — Oracle Application Server vulnerability

3 documents3 sources

Severity

4.3MEDIUMNVD

EPSS

10.1%

top 6.89%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Oracle Application Server Oracle E-business Suite

Timeline

PublishedSep 14

Latest updateMay 13

Description

Unspecified vulnerability in the Oracle Forms component in Oracle Application Server 10.1.2.2 and E-Business Suite 12.0.3 allows remote attackers to affect integrity via unknown vectors, aka AS04.

CVSS vector

AV:N/AC:M/C:N/I:P/A:NExploitability: 8.6 | Impact: 2.9

Affected Packages2 packages

▶NVDoracle/e-business_suite12.0.3

▶NVDoracle/application_server10.1.2.2

Patches

Patch: www.securityfocus.com ↗Patch: www.vupen.com ↗Patch: www.vupen.com ↗

🔴Vulnerability Details

GHSA

GHSA-wpgx-q62h-3583: Unspecified vulnerability in the Oracle Forms component in Oracle Application Server 10↗2022-05-13

▶

CVEList

CVE-2008-7235: Unspecified vulnerability in the Oracle Forms component in Oracle Application Server 10↗2009-09-14

▶