Oracle E-Business Suite vulnerabilities

CVE-2013-5890 [MEDIUM] CVE-2013-5890: Unspecified vulnerability in the Oracle Payroll component in Oracle E-Business Suite 11.5.10.2, 12.0 Unspecified vulnerability in the Oracle Payroll component in Oracle E-Business Suite 11.5.10.2, 12.0.6, 12.1.1, 12.1.2, 12.1.3, and 12.2.2 allows remote authenticated users to affect confidentiality and integrity via unknown vectors related to Exception Reporting.

CVE-2014-0398 [MEDIUM] CVE-2014-0398: Unspecified vulnerability in the Oracle Application Object Library component in Oracle E-Business Su Unspecified vulnerability in the Oracle Application Object Library component in Oracle E-Business Suite 11.5.10.2, 12.0.6, 12.1.3, and 12.2.2 allows remote attackers to affect confidentiality via unknown vectors related to Discoverer.

CVE-2013-5874 [LOW] CVE-2013-5874: Unspecified vulnerability in the Oracle Application Object Library component in Oracle E-Business Su Unspecified vulnerability in the Oracle Application Object Library component in Oracle E-Business Suite 11.5.10.2, 12.0.6, 12.1.3, and 12.2.2 allows local users to affect confidentiality via unknown vectors related to Logging.

CVE-2013-5792 [MEDIUM] CVE-2013-5792: Unspecified vulnerability in the Techstack component in Oracle E-Business Suite 12.1 allows remote a Unspecified vulnerability in the Techstack component in Oracle E-Business Suite 12.1 allows remote attackers to affect confidentiality via unknown vectors related to Apache.

CVE-2013-3756 [MEDIUM] CVE-2013-3756: Unspecified vulnerability in the Oracle Landed Cost Management component in Oracle E-Business Suite Unspecified vulnerability in the Oracle Landed Cost Management component in Oracle E-Business Suite 12.1.1, 12.1.2, and 12.1.3 allows remote authenticated users to affect confidentiality and integrity via unknown vectors related to Shipment Workbench.

CVE-2013-3788 [MEDIUM] CVE-2013-3788: Unspecified vulnerability in the Oracle iSupplier Portal component in Oracle E-Business Suite 11.5.1 Unspecified vulnerability in the Oracle iSupplier Portal component in Oracle E-Business Suite 11.5.10.2, 12.0.6, 12.1.1, 12.1.2, and 12.1.3 allows remote attackers to affect integrity via unknown vectors related to Supplier Management.

CVE-2013-3777 [MEDIUM] CVE-2013-3777: Unspecified vulnerability in the Oracle Application Object Library component in Oracle E-Business Su Unspecified vulnerability in the Oracle Application Object Library component in Oracle E-Business Suite 11.5.10.2, 12.0.6, and 12.1.3 allows remote attackers to affect integrity via unknown vectors related to Signon.

CVE-2013-3778 [MEDIUM] CVE-2013-3778: Unspecified vulnerability in the Oracle Applications Technology Stack component in Oracle E-Business Unspecified vulnerability in the Oracle Applications Technology Stack component in Oracle E-Business Suite 12.0.6 and 12.1.3 allows remote attackers to affect integrity via unknown vectors related to Help.

CVE-2013-3747 [MEDIUM] CVE-2013-3747: Unspecified vulnerability in the Oracle Applications Technology Stack component in Oracle E-Business Unspecified vulnerability in the Oracle Applications Technology Stack component in Oracle E-Business Suite 11.5.10.2, 12.0.6, and 12.1.3 allows remote authenticated users to affect confidentiality via unknown vectors related to Client System Analyzer.

CVE-2013-3749 [LOW] CVE-2013-3749: Unspecified vulnerability in the Oracle Application Object Library component in Oracle E-Business Su Unspecified vulnerability in the Oracle Application Object Library component in Oracle E-Business Suite 11.5.10.2, 12.0.6, and 12.1.3 allows remote authenticated users to affect confidentiality via unknown vectors related to Logging. NOTE: the previous information is from the July 2013 CPU. Oracle has not commented on claims from a third party that the issue is

CVE-2013-1524 [MEDIUM] CVE-2013-1524: Unspecified vulnerability in the Oracle Application Object Library component in Oracle E-Business Su Unspecified vulnerability in the Oracle Application Object Library component in Oracle E-Business Suite 12.0.6 and 12.1.3 allows remote attackers to affect integrity via unknown vectors related to Attachments.

CVE-2013-2396 [MEDIUM] CVE-2013-2396: Unspecified vulnerability in the Oracle Applications Manager component in Oracle E-Business Suite 12 Unspecified vulnerability in the Oracle Applications Manager component in Oracle E-Business Suite 12.0.6 and 12.1.3 allows remote attackers to affect integrity via vectors related to HTML OAM client.

CVE-2013-2388 [MEDIUM] CVE-2013-2388: Unspecified vulnerability in the Oracle Applications Technology Stack component in Oracle E-Business Unspecified vulnerability in the Oracle Applications Technology Stack component in Oracle E-Business Suite 11.5.10.2, 12.0.6, and 12.1.3 allows remote attackers to affect availability via unknown vectors related to Mid Tier File Management.

CVE-2013-1528 [MEDIUM] CVE-2013-1528: Unspecified vulnerability in the Oracle HRMS component in Oracle E-Business Suite 11.5.10.2, 12.0.6, Unspecified vulnerability in the Oracle HRMS component in Oracle E-Business Suite 11.5.10.2, 12.0.6, 12.1.1, 12.1.2, and 12.1.3 allows remote attackers to affect integrity via unknown vectors related to Payroll.

CVE-2013-1501 [MEDIUM] CVE-2013-1501: Unspecified vulnerability in the Oracle iStore component in Oracle E-Business Suite 11.5.10.2 allows Unspecified vulnerability in the Oracle iStore component in Oracle E-Business Suite 11.5.10.2 allows remote attackers to affect integrity via unknown vectors related to Login.

CVE-2013-1517 [LOW] CVE-2013-1517: Unspecified vulnerability in the Oracle Application Object Library component in Oracle E-Business Su Unspecified vulnerability in the Oracle Application Object Library component in Oracle E-Business Suite 11.5.10.2, 12.0.6, and 12.1.3 allows remote attackers to affect confidentiality via unknown vectors related to Diagnostics.

CVE-2013-0382 [MEDIUM] CVE-2013-0382: Unspecified vulnerability in the Oracle Marketing component in Oracle E-Business Suite 11.5.10.2, 12 Unspecified vulnerability in the Oracle Marketing component in Oracle E-Business Suite 11.5.10.2, 12.0.6, 12.1.1, 12.1.2, and 12.1.3 allows remote attackers to affect confidentiality and integrity via unknown vectors related to Campaign Management.

CVE-2013-0381 [MEDIUM] CVE-2013-0381: Unspecified vulnerability in the Oracle CRM Technical Foundation component in Oracle E-Business Suit Unspecified vulnerability in the Oracle CRM Technical Foundation component in Oracle E-Business Suite 11.5.10.2, 12.0.6, and 12.1.3 allows remote attackers to affect confidentiality and integrity via unknown vectors related to Application Framework.

CVE-2013-0377 [MEDIUM] CVE-2013-0377: Unspecified vulnerability in the Oracle Applications Technology Stack component in Oracle E-Business Unspecified vulnerability in the Oracle Applications Technology Stack component in Oracle E-Business Suite 11.5.10.2, 12.0.6, and 12.1.3 allows remote attackers to affect integrity via unknown vectors related to Client System Analyzer.

CVE-2012-3190 [MEDIUM] CVE-2012-3190: Unspecified vulnerability in the Oracle Universal Work Queue component in Oracle E-Business Suite 11 Unspecified vulnerability in the Oracle Universal Work Queue component in Oracle E-Business Suite 11.5.10.2, 12.0.6, 12.1.1, 12.1.2, and 12.1.3 allows remote attackers to affect confidentiality and integrity, related to UWQ Server Issues.