Oracle E-Business Suite vulnerabilities

CVE-2009-3392 [MEDIUM] CVE-2009-3392: Unspecified vulnerability in the Agile Engineering Data Management (EDM) component in Oracle E-Busin Unspecified vulnerability in the Agile Engineering Data Management (EDM) component in Oracle E-Business Suite 6.1.0.0 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors.

CVE-2009-3397 [MEDIUM] CVE-2009-3397: Unspecified vulnerability in the Oracle Application Object Library component in Oracle E-Business Su Unspecified vulnerability in the Oracle Application Object Library component in Oracle E-Business Suite 12.0.6 and 12.1.1 allows remote attackers to affect confidentiality via unknown vectors.

CVE-2009-3408 [MEDIUM] CVE-2009-3408: Unspecified vulnerability in the Oracle Application Object Library component in Oracle E-Business Su Unspecified vulnerability in the Oracle Application Object Library component in Oracle E-Business Suite 11.5.10 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors.

CVE-2009-3402 [LOW] CVE-2009-3402: Unspecified vulnerability in the Oracle Applications Framework component in Oracle E-Business Suite Unspecified vulnerability in the Oracle Applications Framework component in Oracle E-Business Suite 11.5.10.2, 12.0.6, and 12.1.1 allows remote authenticated users to affect confidentiality via unknown vectors.

CVE-2009-3401 [LOW] CVE-2009-3401: Unspecified vulnerability in the Oracle Applications Technology Stack component in Oracle E-Business Unspecified vulnerability in the Oracle Applications Technology Stack component in Oracle E-Business Suite 11.5.10.2, 12.0.6, and 12.1.1 allows local users to affect confidentiality via unknown vectors.

CVE-2008-7235 [MEDIUM] CVE-2008-7235: Unspecified vulnerability in the Oracle Forms component in Oracle Application Server 10.1.2.2 and E- Unspecified vulnerability in the Oracle Forms component in Oracle Application Server 10.1.2.2 and E-Business Suite 12.0.3 allows remote attackers to affect integrity via unknown vectors, aka AS04.

CVE-2008-7238 [MEDIUM] CVE-2008-7238: Multiple unspecified vulnerabilities in Oracle E-Business Suite 12.0.3 allow (1) local users to affe Multiple unspecified vulnerabilities in Oracle E-Business Suite 12.0.3 allow (1) local users to affect confidentiality and integrity via unknown vectors related to the Mobile Application Server component (APP01); (2) remote attackers to affect confidentiality via unknown vectors related to the Oracle Applications Framework (APP03); remote authenticated users

CVE-2009-1983 [MEDIUM] CVE-2009-1983: Unspecified vulnerability in the Oracle iStore component in Oracle E-Business Suite 11.5.10.2, 12.0. Unspecified vulnerability in the Oracle iStore component in Oracle E-Business Suite 11.5.10.2, 12.0.6, and 12.1 allows remote attackers to affect integrity via unknown vectors.

CVE-2009-1984 [MEDIUM] CVE-2009-1984: Unspecified vulnerability in the Application Install component in Oracle E-Business Suite 11.5.10.2, Unspecified vulnerability in the Application Install component in Oracle E-Business Suite 11.5.10.2, 12.0.6, and 12.1 allows local users to affect confidentiality, integrity, and availability via unknown vectors related to the Patch Administrator.

CVE-2009-1980 [MEDIUM] CVE-2009-1980: Unspecified vulnerability in the Oracle Application Object Library component in Oracle E-Business Su Unspecified vulnerability in the Oracle Application Object Library component in Oracle E-Business Suite 11.5.10.2, 12.0.6, and 12.1 allows remote authenticated users to affect confidentiality, integrity, and availability via unknown vectors.

CVE-2009-1982 [MEDIUM] CVE-2009-1982: Unspecified vulnerability in the Oracle Applications Framework component in Oracle E-Business Suite Unspecified vulnerability in the Oracle Applications Framework component in Oracle E-Business Suite 11.5.10.2 and 12.0.6 allows remote attackers to affect integrity via unknown vectors.

CVE-2009-1986 [LOW] CVE-2009-1986: Unspecified vulnerability in the Oracle Applications Manager component in Oracle E-Business Suite 11 Unspecified vulnerability in the Oracle Applications Manager component in Oracle E-Business Suite 11.5.10.2 allows remote attackers to affect confidentiality via unknown vectors.

CVE-2009-1000 [HIGH] CWE-255 CVE-2009-1000: The Oracle Applications Framework component in Oracle E-Business Suite 12.0.6 and 11i10CU2 uses defa The Oracle Applications Framework component in Oracle E-Business Suite 12.0.6 and 11i10CU2 uses default passwords for unspecified "FND Applications Users (not DB users)," which has unknown impact and attack vectors.

CVE-2009-0995 [MEDIUM] CVE-2009-0995: Unspecified vulnerability in the Oracle Applications Framework component in Oracle E-Business Suite Unspecified vulnerability in the Oracle Applications Framework component in Oracle E-Business Suite 12.0.6 and 11i10CU2 allows remote attackers to affect integrity via unknown vectors.

CVE-2009-0999 [MEDIUM] CVE-2009-0999: Unspecified vulnerability in the Oracle Application Object Library component in Oracle E-Business Su Unspecified vulnerability in the Oracle Application Object Library component in Oracle E-Business Suite 12.0.6 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors.

CVE-2008-5458 [MEDIUM] CVE-2008-5458: Unspecified vulnerability in the Oracle Application Object Library component in Oracle E-Business Su Unspecified vulnerability in the Oracle Application Object Library component in Oracle E-Business Suite 11.5.10 and CU2 allows remote authenticated users to affect confidentiality and integrity via unknown vectors.

CVE-2008-5446 [LOW] CVE-2008-5446: Unspecified vulnerability in the Oracle Applications Framework component in Oracle E-Business Suite Unspecified vulnerability in the Oracle Applications Framework component in Oracle E-Business Suite 11.5.10 CU2 and 12.0.6 allows remote authenticated users to affect confidentiality via unknown vectors. NOTE: the previous information was obtained from the January 2009 CPU. Oracle has not commented on reliable researcher claims that this issue is related to unres

CVE-2008-5450 [LOW] CVE-2008-5450: Unspecified vulnerability in the Oracle Applications Platform Engineering component in Oracle E-Busi Unspecified vulnerability in the Oracle Applications Platform Engineering component in Oracle E-Business Suite 11.5.10 CU2 and 12.0.6 allows local users to affect confidentiality via unknown vectors.

CVE-2008-3998 [MEDIUM] CVE-2008-3998: Unspecified vulnerability in the Oracle iStore component in Oracle E-Business Suite 12.0.4 allows re Unspecified vulnerability in the Oracle iStore component in Oracle E-Business Suite 12.0.4 allows remote authenticated users to affect confidentiality and integrity via unknown vectors.

CVE-2008-3988 [MEDIUM] CVE-2008-3988: Unspecified vulnerability in the iSupplier Portal component in Oracle E-Business Suite 11.5.10.2 and Unspecified vulnerability in the iSupplier Portal component in Oracle E-Business Suite 11.5.10.2 and 12.0.4 allows remote attackers to affect confidentiality via unknown vectors.