Oracle Peoplesoft Enterprise Peopletools vulnerabilities

CVE-2016-0683 [MEDIUM] CVE-2016-0683: Unspecified vulnerability in the PeopleSoft Enterprise PeopleTools component in Oracle PeopleSoft Pr Unspecified vulnerability in the PeopleSoft Enterprise PeopleTools component in Oracle PeopleSoft Products 8.53, 8.54, and 8.55 allows remote authenticated users to affect confidentiality and integrity via vectors related to Search Framework.

CVE-2015-3197 [MEDIUM] CWE-200 CVE-2015-3197: ssl/s2_srvr.c in OpenSSL 1.0.1 before 1.0.1r and 1.0.2 before 1.0.2f does not prevent use of disable ssl/s2_srvr.c in OpenSSL 1.0.1 before 1.0.1r and 1.0.2 before 1.0.2f does not prevent use of disabled ciphers, which makes it easier for man-in-the-middle attackers to defeat cryptographic protection mechanisms by performing computations on SSLv2 traffic, related to the get_client_master_key and get_client_hello functions.

CVE-2016-0471 [MEDIUM] CVE-2016-0471: Unspecified vulnerability in the PeopleSoft Enterprise PeopleTools component in Oracle PeopleSoft Pr Unspecified vulnerability in the PeopleSoft Enterprise PeopleTools component in Oracle PeopleSoft Products 8.53 and 8.54 allows remote attackers to affect confidentiality via unknown vectors related to Multichannel Framework.

CVE-2016-0462 [MEDIUM] CVE-2016-0462: Unspecified vulnerability in the PeopleSoft Enterprise PeopleTools component in Oracle PeopleSoft Pr Unspecified vulnerability in the PeopleSoft Enterprise PeopleTools component in Oracle PeopleSoft Products 8.53 and 8.54 allows remote authenticated users to affect confidentiality via unknown vectors related to Multichannel Framework, a different vulnerability than CVE-2015-2650.

CVE-2016-0587 [MEDIUM] CVE-2016-0587: Unspecified vulnerability in the PeopleSoft Enterprise PeopleTools component in Oracle PeopleSoft Pr Unspecified vulnerability in the PeopleSoft Enterprise PeopleTools component in Oracle PeopleSoft Products 8.53, 8.54, and 8.55 allows remote authenticated users to affect confidentiality via unknown vectors related to File Processing.

CVE-2016-0460 [MEDIUM] CVE-2016-0460: Unspecified vulnerability in the PeopleSoft Enterprise PeopleTools component in Oracle PeopleSoft Pr Unspecified vulnerability in the PeopleSoft Enterprise PeopleTools component in Oracle PeopleSoft Products 8.55 allows remote attackers to affect integrity via unknown vectors related to Fluid Homepage and NavBar.

CVE-2016-0463 [MEDIUM] CVE-2016-0463: Unspecified vulnerability in the PeopleSoft Enterprise PeopleTools component in Oracle PeopleSoft Pr Unspecified vulnerability in the PeopleSoft Enterprise PeopleTools component in Oracle PeopleSoft Products 8.53, 8.54, and 8.55 allows remote attackers to affect confidentiality via unknown vectors related to Portal.

CVE-2016-0474 [LOW] CVE-2016-0474: Unspecified vulnerability in the PeopleSoft Enterprise PeopleTools component in Oracle PeopleSoft Pr Unspecified vulnerability in the PeopleSoft Enterprise PeopleTools component in Oracle PeopleSoft Products 8.54 and 8.55 allows remote authenticated users to affect integrity via vectors related to PIA Core Technology.

CVE-2016-0473 [LOW] CVE-2016-0473: Unspecified vulnerability in the PeopleSoft Enterprise PeopleTools component in Oracle PeopleSoft Pr Unspecified vulnerability in the PeopleSoft Enterprise PeopleTools component in Oracle PeopleSoft Products 8.54 and 8.55 allows remote authenticated users to affect integrity via unknown vectors related to Fluid Core.

CVE-2015-7940 [MEDIUM] CWE-200 CVE-2015-7940: The Bouncy Castle Java library before 1.51 does not validate a point is withing the elliptic curve, The Bouncy Castle Java library before 1.51 does not validate a point is withing the elliptic curve, which makes it easier for remote attackers to obtain private keys via a series of crafted elliptic curve Diffie Hellman (ECDH) key exchanges, aka an "invalid curve attack."

CVE-2013-3759 [MEDIUM] CVE-2013-3759: Unspecified vulnerability in the PeopleSoft Enterprise PeopleTools component in Oracle PeopleSoft Pr Unspecified vulnerability in the PeopleSoft Enterprise PeopleTools component in Oracle PeopleSoft Products 8.52 and 8.53 allows remote attackers to affect integrity via vectors related to PIA Search Functionality.

CVE-2013-3761 [MEDIUM] CVE-2013-3761: Unspecified vulnerability in the PeopleSoft Enterprise PeopleTools component in Oracle PeopleSoft Pr Unspecified vulnerability in the PeopleSoft Enterprise PeopleTools component in Oracle PeopleSoft Products Portal 9.1 and PeopleTools 8.52 allows remote attackers to affect integrity via vectors related to PIA Core Technology.

CVE-2013-2409 [MEDIUM] CVE-2013-2409: Unspecified vulnerability in the PeopleSoft Enterprise PeopleTools component in Oracle PeopleSoft Pr Unspecified vulnerability in the PeopleSoft Enterprise PeopleTools component in Oracle PeopleSoft Products 8.51, 8.52, and 8.53 allows remote attackers to affect confidentiality via vectors related to PIA Core Technology.

CVE-2013-2406 [LOW] CVE-2013-2406: Unspecified vulnerability in the PeopleSoft Enterprise PeopleTools component in Oracle PeopleSoft Pr Unspecified vulnerability in the PeopleSoft Enterprise PeopleTools component in Oracle PeopleSoft Products 8.51, 8.52, and 8.53 allows remote authenticated users to affect integrity via vectors related to PIA Core Technology.

CVE-2011-2315 [MEDIUM] CVE-2011-2315: Unspecified vulnerability in the PeopleSoft Enterprise PeopleTools component in Oracle PeopleSoft Pr Unspecified vulnerability in the PeopleSoft Enterprise PeopleTools component in Oracle PeopleSoft Products 8.49, 8.50, and 8.51 allows remote authenticated users to affect confidentiality and integrity via unknown vectors related to Security.

CVE-2011-3520 [LOW] CVE-2011-3520: Unspecified vulnerability in the PeopleSoft Enterprise PeopleTools component in Oracle PeopleSoft Pr Unspecified vulnerability in the PeopleSoft Enterprise PeopleTools component in Oracle PeopleSoft Products 8.49, 8.50, and 8.51 allows remote authenticated users to affect integrity via unknown vectors related to Personalization.

CVE-2011-2280 [MEDIUM] CVE-2011-2280: Unspecified vulnerability in the PeopleSoft Enterprise PeopleTools component in Oracle PeopleSoft Pr Unspecified vulnerability in the PeopleSoft Enterprise PeopleTools component in Oracle PeopleSoft Products 8.49.31, 8.50.20, and 8.51.11 allows remote authenticated users to affect integrity via unknown vectors, a different vulnerability than CVE-2011-2274.

CVE-2011-2275 [MEDIUM] CVE-2011-2275: Unspecified vulnerability in the PeopleSoft Enterprise PeopleTools component in Oracle PeopleSoft Pr Unspecified vulnerability in the PeopleSoft Enterprise PeopleTools component in Oracle PeopleSoft Products 8.49.31, 8.50.20, and 8.51.11 allows remote attackers to affect integrity via unknown vectors.

CVE-2011-2274 [LOW] CVE-2011-2274: Unspecified vulnerability in the PeopleSoft Enterprise PeopleTools component in Oracle PeopleSoft Pr Unspecified vulnerability in the PeopleSoft Enterprise PeopleTools component in Oracle PeopleSoft Products 8.49.31, 8.50.20, and 8.51.11 allows remote authenticated users to affect integrity via unknown vectors, a different vulnerability than CVE-2011-2280.

CVE-2011-2282 [LOW] CVE-2011-2282: Unspecified vulnerability in the PeopleSoft Enterprise PeopleTools component in Oracle PeopleSoft Pr Unspecified vulnerability in the PeopleSoft Enterprise PeopleTools component in Oracle PeopleSoft Products 8.50.20 and 8.51.11 allows remote authenticated users to affect integrity via unknown vectors.