Oracle E-Business Suite vulnerabilities

CVE-2006-5367 [CRITICAL] CVE-2006-5367: Multiple unspecified vulnerabilities in Oracle E-Business Suite 11.5.7 up to 11.5.10CU2 have unknown Multiple unspecified vulnerabilities in Oracle E-Business Suite 11.5.7 up to 11.5.10CU2 have unknown impact and remote authenticated attack vectors, aka Vuln# (1) APPS03 in Oracle Applications Framework, (2) APPS04 in Oracle Applications Technology Stack, and (3) APPS05 in Oracle Balanced Scorecard, (4) APPS09 in Oracle Scripting, and (5) APPS10 in Oracle T

CVE-2006-5359 [CRITICAL] CVE-2006-5359: Multiple unspecified vulnerabilities in Oracle Reports Developer component in Oracle Application Ser Multiple unspecified vulnerabilities in Oracle Reports Developer component in Oracle Application Server 9.0.4.3 and 10.1.2.0.2, and Oracle E-Business Suite and Applications 11.5.10CU2, have unknown impact and remote attack vectors, aka Vuln# (1) REP01 and (2) REP02. NOTE: as of 20061027, Oracle has not disputed reports from a reliable researcher that these

CVE-2006-5370 [CRITICAL] CVE-2006-5370: Multiple unspecified vulnerabilities in Oracle E-Business Suite 11.5.10CU2 have unknown impact and r Multiple unspecified vulnerabilities in Oracle E-Business Suite 11.5.10CU2 have unknown impact and remote authenticated attack vectors, aka Vuln# (1) APPS06 for Oracle CRM Gateway for Mobile Devices and (2) APPS08 for Oracle iStore.

CVE-2006-5371 [CRITICAL] CVE-2006-5371: Unspecified vulnerability in Oracle Email Center component in Oracle E-Business Suite 11.5.9 has unk Unspecified vulnerability in Oracle Email Center component in Oracle E-Business Suite 11.5.9 has unknown impact and remote authenticated attack vectors, aka Vuln# APPS07.

CVE-2006-5373 [CRITICAL] CVE-2006-5373: Unspecified vulnerability in Oracle Install Base component in Oracle E-Business Suite 11.5.10CU1 has Unspecified vulnerability in Oracle Install Base component in Oracle E-Business Suite 11.5.10CU1 has unknown impact and remote authenticated attack vectors, aka Vuln# APPS13.

CVE-2006-5365 [CRITICAL] CVE-2006-5365: Unspecified vulnerability in Oracle Forms in Oracle Application Server 9.0.4.3 and 10.1.2.0.2, and E Unspecified vulnerability in Oracle Forms in Oracle Application Server 9.0.4.3 and 10.1.2.0.2, and E-Business Suite and Applications 11.5.10CU2, has unknown impact and remote attack vectors, aka Vuln# FORM02.

CVE-2006-5346 [HIGH] CVE-2006-5346: Unspecified vulnerability in Oracle HTTP Server 9.2.0.7, as used in Oracle Collaboration Suite 9.0.4 Unspecified vulnerability in Oracle HTTP Server 9.2.0.7, as used in Oracle Collaboration Suite 9.0.4.2 and Oracle E-Business Suite and Applications 11.5.10CU2, has unknown impact and remote attack vectors related to htdigest, aka Vuln# OHS02.

CVE-2006-5350 [HIGH] CVE-2006-5350: Unspecified vulnerability in Oracle HTTP Server 9.2.0.7 and Oracle E-Business Suite and Applications Unspecified vulnerability in Oracle HTTP Server 9.2.0.7 and Oracle E-Business Suite and Applications 11.5.10CU2 has unknown impact and local attack vectors, aka Vuln# OHS08.

CVE-2006-3716 [CRITICAL] CVE-2006-3716: Multiple unspecified vulnerabilities in Oracle E-Business Suite and Applications 11.5.10CU2 have unk Multiple unspecified vulnerabilities in Oracle E-Business Suite and Applications 11.5.10CU2 have unknown impact and attack vectors, aka Oracle Vuln# (1) APPS01 for Internet Expenses; (2) APPS02, (3) APPS05, (4) APPS06, (5) APPS07, (6) APPS08, (7) APPS09, and (8) APPS10 for Oracle Application Object Library; (9) APPS11, (10) APPS12, and (11) APPS13 for Oracl

CVE-2006-3717 [CRITICAL] CVE-2006-3717: Multiple unspecified vulnerabilities in Oracle E-Business Suite and Applications 11.5.9 have unknown Multiple unspecified vulnerabilities in Oracle E-Business Suite and Applications 11.5.9 have unknown impact and attack vectors, aka Oracle Vuln# (1) APPS03 and (2) APPS04 for Oracle Application Object Library; and (3) APPS20 for Oracle XML Gateway.

CVE-2006-1882 [CRITICAL] CVE-2006-1882: Multiple unspecified vulnerabilities in Oracle E-Business Suite and Applications 11.5.10 have unknow Multiple unspecified vulnerabilities in Oracle E-Business Suite and Applications 11.5.10 have unknown impact and attack vectors, as identified by Vuln# (1) APPS03 in (a) iProcurement; (2) APPS04 in (b) Oracle Application Object Library; (3) APPS06, (4) APPS07, and (5) APPS08 in (c) Oracle Applications Technology Stack; and (6) APPS11 in (d) Oracle Order Cap

CVE-2006-1883 [CRITICAL] CVE-2006-1883: Unspecified vulnerability in the Oracle Application Object Library component in Oracle E-Business Su Unspecified vulnerability in the Oracle Application Object Library component in Oracle E-Business Suite and Applications 11.5.10CU1 has unknown impact and attack vectors, aka Vuln# APPS05.

CVE-2006-1884 [CRITICAL] CVE-2006-1884: Unspecified vulnerability in the Oracle Thesaurus Management System component in Oracle E-Business S Unspecified vulnerability in the Oracle Thesaurus Management System component in Oracle E-Business Suite and OPA 4.5.2 Applications has unknown impact and attack vectors, aka Vuln# OPA01.

CVE-2006-1880 [CRITICAL] CVE-2006-1880: Multiple unspecified vulnerabilities in Oracle E-Business Suite and Applications 11.5.10CU2 have unk Multiple unspecified vulnerabilities in Oracle E-Business Suite and Applications 11.5.10CU2 have unknown impact and attack vectors, as identified by Vuln# (1) APPS01 in the (a) Application Install component; (2) APPS09 in the (b) Oracle Diagnostics Interfaces component; (3) APPS10 in the (c) Oracle General Ledger component; (4) APPS12 and (5) APPS13 in the

CVE-2006-1881 [CRITICAL] CVE-2006-1881: Unspecified vulnerability in the Financials for Asia/Pacific component in Oracle E-Business Suite an Unspecified vulnerability in the Financials for Asia/Pacific component in Oracle E-Business Suite and Applications 11.5.9 has unknown impact and attack vectors. component, aka Vuln# APPS02.

CVE-2006-1037 [HIGH] CVE-2006-1037: SQL injection vulnerability in the Oracle Diagnostics module 2.2 and earlier allows remote attackers SQL injection vulnerability in the Oracle Diagnostics module 2.2 and earlier allows remote attackers to execute arbitrary SQL commands via unknown attack vectors.

CVE-2006-1035 [HIGH] CVE-2006-1035: Unspecified vulnerability in the Oracle Diagnostics module 2.2 and earlier allows remote attackers t Unspecified vulnerability in the Oracle Diagnostics module 2.2 and earlier allows remote attackers to access diagnostics tests via unknown attack vectors.

CVE-2006-0552 [HIGH] CVE-2006-0552: Unspecified vulnerability in the Net Listener component of Oracle Database server 8.1.7.4, 9.0.1.5, Unspecified vulnerability in the Net Listener component of Oracle Database server 8.1.7.4, 9.0.1.5, 9.0.1.5 FIPS, and 9.2.0.7 has unspecified impact and attack vectors, as identified by Oracle Vuln# DB11.

CVE-2006-0277 [CRITICAL] CVE-2006-0277: Multiple unspecified vulnerabilities in Oracle E-Business Suite and Applications 11.5.10 have unspec Multiple unspecified vulnerabilities in Oracle E-Business Suite and Applications 11.5.10 have unspecified impact and attack vectors, as identified by Oracle Vuln# (1) APPS01 in the (a) Application Install component; (2) APPS07 in the (b) Oracle Applications Framework component; (3) APPS08, (4) APPS09, (5) APPS10, and (6) APPS11 in the (c) Oracle Application

CVE-2006-0288 [CRITICAL] CVE-2006-0288: Multiple unspecified vulnerabilities in the Oracle Reports Developer component of Oracle Application Multiple unspecified vulnerabilities in the Oracle Reports Developer component of Oracle Application Server 9.0.4.1 and E-Business Suite and Applications 11.5.10 have unspecified impact and attack vectors, as identified by Oracle Vuln# (1) REP01 and (2) REP02.