CVE-2009-3402 — Heap-based Buffer Overflow in Oracle E-business Suite

CWE-122 — Heap-based Buffer Overflow5 documents5 sources

Severity

2.1LOWNVD

EPSS

0.4%

top 41.65%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Oracle E-business Suite

Timeline

PublishedOct 22

Latest updateMay 2

Description

Unspecified vulnerability in the Oracle Applications Framework component in Oracle E-Business Suite 11.5.10.2, 12.0.6, and 12.1.1 allows remote authenticated users to affect confidentiality via unknown vectors.

CVSS vector

AV:N/AC:H/C:P/I:N/A:NExploitability: 3.9 | Impact: 2.9

Affected Packages1 packages

▶NVDoracle/e-business_suite11.5.10.2, 12.0.6, 12.1.1+2

🔴Vulnerability Details

GHSA

GHSA-9jg7-472x-vxf4: Unspecified vulnerability in the Oracle Applications Framework component in Oracle E-Business Suite 11↗2022-05-02

▶

CVEList

CVE-2009-3402: Unspecified vulnerability in the Oracle Applications Framework component in Oracle E-Business Suite 11↗2009-10-22

▶

📋Vendor Advisories

Red Hat

plug-in): Heap-buffer overflow by decoding certain PSD headers↗2012-08-20

▶

💬Community

Bugzilla

CVE-2012-3402 gimp (PSD plug-in): Heap-buffer overflow by decoding certain PSD headers↗2012-07-10

▶