Oracle Crm Technical Foundation vulnerabilities

CVE-2017-3418 [HIGH] CVE-2017-3418: Vulnerability in the Oracle CRM Technical Foundation component of Oracle E-Business Suite (subcompon Vulnerability in the Oracle CRM Technical Foundation component of Oracle E-Business Suite (subcomponent: User Interface). The supported version that is affected is 12.1.3. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle CRM Technical Foundation. Successful attacks require human interaction from

CVE-2017-3420 [HIGH] CVE-2017-3420: Vulnerability in the Oracle CRM Technical Foundation component of Oracle E-Business Suite (subcompon Vulnerability in the Oracle CRM Technical Foundation component of Oracle E-Business Suite (subcomponent: User Interface). The supported version that is affected is 12.1.3. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle CRM Technical Foundation. Successful attacks require human interaction from

CVE-2017-3419 [HIGH] CVE-2017-3419: Vulnerability in the Oracle CRM Technical Foundation component of Oracle E-Business Suite (subcompon Vulnerability in the Oracle CRM Technical Foundation component of Oracle E-Business Suite (subcomponent: User Interface). The supported version that is affected is 12.1.3. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle CRM Technical Foundation. Successful attacks require human interaction from

CVE-2016-3491 [HIGH] CVE-2016-3491: Unspecified vulnerability in the Oracle CRM Technical Foundation component in Oracle E-Business Suit Unspecified vulnerability in the Oracle CRM Technical Foundation component in Oracle E-Business Suite 12.1.3 allows remote attackers to affect confidentiality and integrity via vectors related to Wireless Framework. NOTE: the previous information is from the July 2016 CPU. Oracle has not commented on third-party claims that this issue is a cross-site scripting

CVE-2016-3535 [HIGH] CVE-2016-3535: Unspecified vulnerability in the Oracle CRM Technical Foundation component in Oracle E-Business Suit Unspecified vulnerability in the Oracle CRM Technical Foundation component in Oracle E-Business Suite 12.1.3 allows remote attackers to affect confidentiality and integrity via vectors related to Remote Launch. NOTE: the previous information is from the July 2016 CPU. Oracle has not commented on third-party claims that this issue is a cross-site scripting (XSS)

CVE-2016-3439 [HIGH] CVE-2016-3439: Unspecified vulnerability in the Oracle CRM Wireless component in Oracle E-Business Suite 12.1.3 all Unspecified vulnerability in the Oracle CRM Wireless component in Oracle E-Business Suite 12.1.3 allows remote attackers to affect confidentiality and integrity via vectors related to Call Phone Number Page.

CVE-2016-3437 [HIGH] CVE-2016-3437: Unspecified vulnerability in the Oracle CRM Wireless component in Oracle E-Business Suite 12.1.3 all Unspecified vulnerability in the Oracle CRM Wireless component in Oracle E-Business Suite 12.1.3 allows remote attackers to affect confidentiality and integrity via vectors related to Person Address Page.

CVE-2016-0583 [MEDIUM] CVE-2016-0583: Unspecified vulnerability in the Oracle CRM Technology Foundation component in Oracle E-Business Sui Unspecified vulnerability in the Oracle CRM Technology Foundation component in Oracle E-Business Suite 11.5.10.2 allows remote attackers to affect integrity via vectors related to BIS Common Components, a different vulnerability than CVE-2016-0579, CVE-2016-0582, and CVE-2016-0584.

CVE-2016-0563 [MEDIUM] CVE-2016-0563: Unspecified vulnerability in the Oracle CRM Technical Foundation component in Oracle E-Business Suit Unspecified vulnerability in the Oracle CRM Technical Foundation component in Oracle E-Business Suite 11.5.10.2 and 12.1.3 allows remote attackers to affect confidentiality and integrity via unknown vectors related to Common Techstack.

CVE-2016-0532 [MEDIUM] CVE-2016-0532: Unspecified vulnerability in the Oracle CRM Technical Foundation component in Oracle E-Business Suit Unspecified vulnerability in the Oracle CRM Technical Foundation component in Oracle E-Business Suite 11.5.10.2, 12.1.3, 12.2.3, 12.2.4, and 12.2.5 allows remote attackers to affect confidentiality and integrity via unknown vectors related to Security Assignments.

CVE-2016-0533 [MEDIUM] CVE-2016-0533: Unspecified vulnerability in the Oracle CRM Technical Foundation component in Oracle E-Business Suit Unspecified vulnerability in the Oracle CRM Technical Foundation component in Oracle E-Business Suite 11.5.10.2 and 12.1.3 allows remote attackers to affect integrity via unknown vectors related to Messaging.