Oracle Istore vulnerabilities

CVE-2017-3368 [HIGH] CVE-2017-3368: Vulnerability in the Oracle iStore component of Oracle E-Business Suite (subcomponent: Address Book) Vulnerability in the Oracle iStore component of Oracle E-Business Suite (subcomponent: Address Book). Supported versions that are affected are 12.1.1, 12.1.2, 12.1.3, 12.2.3, 12.2.4, 12.2.5 and 12.2.6. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle iStore. Successful attacks require human inter

CVE-2016-5489 [HIGH] CVE-2016-5489: Unspecified vulnerability in the Oracle iStore component in Oracle E-Business Suite 12.1.1 through 1 Unspecified vulnerability in the Oracle iStore component in Oracle E-Business Suite 12.1.1 through 12.1.3, 12.2.3, and 12.2.4 allows remote attackers to affect confidentiality and integrity via vectors related to Runtime Catalog.