Oracle Application Server vulnerabilities

CVE-2008-1812 [CRITICAL] CVE-2008-1812: Unspecified vulnerability in the Oracle Enterprise Manager component in Oracle Database 9.0.1.5 FIPS Unspecified vulnerability in the Oracle Enterprise Manager component in Oracle Database 9.0.1.5 FIPS+; Application Server 1.0.2.2; and Enterprise Manager for AS 1.0.2.2 and Database 9.0.1.5 has unknown impact and local attack vectors, aka EM01.

CVE-2008-1814 [CRITICAL] CVE-2008-1814: Unspecified vulnerability in the Oracle Secure Enterprise Search or Ultrasearch component in Oracle Unspecified vulnerability in the Oracle Secure Enterprise Search or Ultrasearch component in Oracle Database 9.0.1.5 FIPS+, 9.2.0.8, 9.2.0.8DV, 10.1.0.5, and 10.2.0.3; Application Server 9.0.4.3 and 10.1.2.2; and Oracle Collaboration Suite 10.1.2; has unknown impact and remote attack vectors, aka DB04.

CVE-2008-1824 [CRITICAL] CVE-2008-1824: Unspecified vulnerability in the Oracle Dynamic Monitoring Service component in Oracle Application S Unspecified vulnerability in the Oracle Dynamic Monitoring Service component in Oracle Application Server 9.0.4.3, 10.1.2.2, and 10.1.3.3 has unknown impact and remote attack vectors, aka AS02.

CVE-2008-0348 [CRITICAL] CVE-2008-0348: Multiple unspecified vulnerabilities in the PeopleTools component in Oracle PeopleSoft Enterprise an Multiple unspecified vulnerabilities in the PeopleTools component in Oracle PeopleSoft Enterprise and JD Edwards EnterpriseOne 8.22.18, 8.48.15, and 8.49.07 have unknown impact and remote attack vectors, aka (1) PSE01, (2) PSE03, and (3) PSE04.

CVE-2008-0344 [CRITICAL] CVE-2008-0344: Unspecified vulnerability in the Oracle Spatial component in Oracle Database 10.1.0.5 and 10.2.0.3 h Unspecified vulnerability in the Oracle Spatial component in Oracle Database 10.1.0.5 and 10.2.0.3 has unknown impact and remote attack vectors, aka DB07.

CVE-2008-0345 [CRITICAL] CVE-2008-0345: Unspecified vulnerability in the Core RDBMS component in Oracle Database 11.1.0.6 has unknown impact Unspecified vulnerability in the Core RDBMS component in Oracle Database 11.1.0.6 has unknown impact and remote attack vectors, aka DB08.

CVE-2008-0349 [CRITICAL] CVE-2008-0349: Unspecified vulnerability in the PeopleTools component in Oracle PeopleSoft Enterprise and JD Edward Unspecified vulnerability in the PeopleTools component in Oracle PeopleSoft Enterprise and JD Edwards EnterpriseOne 8.48.15 and 8.49.07 has unknown impact and remote attack vectors, aka PSE02.

CVE-2008-0346 [CRITICAL] CVE-2008-0346: Unspecified vulnerability in the Oracle Jinitiator component in Oracle Application Server 1.3.1.27 a Unspecified vulnerability in the Oracle Jinitiator component in Oracle Application Server 1.3.1.27 and E-Business Suite 11.5.10.2 has unknown impact and remote attack vectors, aka AS01.

CVE-2008-0340 [CRITICAL] CVE-2008-0340: Multiple unspecified vulnerabilities in Oracle Database 9.0.1.5 FIPS+, 9.2.0.8, 9.2.0.8DV, 10.1.0.5, Multiple unspecified vulnerabilities in Oracle Database 9.0.1.5 FIPS+, 9.2.0.8, 9.2.0.8DV, 10.1.0.5, and 10.2.0.3 have unknown impact and remote attack vectors, related to the (1) Advanced Queuing component (DB02) and (2) Oracle Spatial component (DB04).

CVE-2008-0347 [CRITICAL] CVE-2008-0347: Unspecified vulnerability in the Oracle Ultra Search component in Oracle Collaboration Suite 10.1.2; Unspecified vulnerability in the Oracle Ultra Search component in Oracle Collaboration Suite 10.1.2; Database 9.2.0.8, 10.1.0.5, and 10.2.0.3; and Application Server 9.0.4.3 and 10.1.2.0.2; has unknown impact and local attack vectors, aka OCS01. NOTE: Oracle has not disputed a reliable claim that this issue is related to WKSYS schema privileges.

CVE-2008-0343 [CRITICAL] CVE-2008-0343: Unspecified vulnerability in the Oracle Spatial component in Oracle Database 9.0.1.5 FIPS+, 9.2.0.8, Unspecified vulnerability in the Oracle Spatial component in Oracle Database 9.0.1.5 FIPS+, 9.2.0.8, 9.2.0.8DV, and 10.1.0.5 has unknown impact and remote attack vectors, aka DB06.

CVE-2007-5526 [CRITICAL] CVE-2007-5526: Unspecified vulnerability in the Oracle Portal component in Oracle Application Server 10.1.2.0.2, 10 Unspecified vulnerability in the Oracle Portal component in Oracle Application Server 10.1.2.0.2, 10.1.2.2, and 10.1.4.1, and Collaboration Suite 10.1.2, has unknown impact and remote attack vectors, aka AS11.

CVE-2007-5518 [HIGH] CVE-2007-5518: Unspecified vulnerability in the Oracle HTTP Server component in Oracle Application Server 10.1.3.2 Unspecified vulnerability in the Oracle HTTP Server component in Oracle Application Server 10.1.3.2 has unknown impact and remote attack vectors, aka AS03.

CVE-2007-5521 [HIGH] CVE-2007-5521: Unspecified vulnerability in the Oracle Containers for J2EE component in Oracle Application Server 9 Unspecified vulnerability in the Oracle Containers for J2EE component in Oracle Application Server 9.0.4.3, 10.1.2.0.2, 10.1.2.2, and 10.1.3.3, and Collaboration Suite 10.1.2, has unknown impact and remote attack vectors, aka AS06.

CVE-2007-5519 [HIGH] CVE-2007-5519: Unspecified vulnerability in the Oracle Portal component in Oracle Application Server 9.0.4.3 and 10 Unspecified vulnerability in the Oracle Portal component in Oracle Application Server 9.0.4.3 and 10.1.2.0.2, and Collaboration Suite 10.1.2, has unknown impact and remote attack vectors, aka AS04.

CVE-2007-5520 [HIGH] CVE-2007-5520: Unspecified vulnerability in the Oracle Internet Directory component in Oracle Database 9.2.0.8 and Unspecified vulnerability in the Oracle Internet Directory component in Oracle Database 9.2.0.8 and 9.2.0.8DV, and Oracle Application Server 9.0.4.3, 10.1.3.0.0 up to 10.1.3.3.0, and 10.1.2.0.1 up to 10.1.2.2.0, has unknown impact and remote attack vectors, aka AS05.

CVE-2007-5516 [HIGH] CVE-2007-5516: Unspecified vulnerability in the Oracle Process Mgmt & Notification component in Oracle Application Unspecified vulnerability in the Oracle Process Mgmt & Notification component in Oracle Application Server 10.1.3.3 has unknown impact and remote attack vectors, aka AS01.

CVE-2007-5525 [HIGH] CVE-2007-5525: Unspecified vulnerability in the Oracle Single Sign-On component in Oracle Application Server 9.0.4. Unspecified vulnerability in the Oracle Single Sign-On component in Oracle Application Server 9.0.4.3, 10.1.2.0.2, 10.1.2.2, and 10.1.4.0.1; Collaboration Suite 10.1.2; and Enterprise Manager 10.1.2 has unknown impact and remote attack vectors, aka AS10.

CVE-2007-5524 [HIGH] CVE-2007-5524: Unspecified vulnerability in the Oracle Single Sign-On component in Oracle Application Server 9.0.4. Unspecified vulnerability in the Oracle Single Sign-On component in Oracle Application Server 9.0.4.3, 10.1.2.0.2, and 10.1.2.2, and Collaboration Suite 10.1.2, has unknown impact and remote attack vectors, aka AS09 or AS9.

CVE-2007-5522 [HIGH] CVE-2007-5522: Unspecified vulnerability in the Oracle Portal component in Oracle Application Server 10.1.4.1 has u Unspecified vulnerability in the Oracle Portal component in Oracle Application Server 10.1.4.1 has unknown impact and remote attack vectors, aka AS07.