Vulnerabilities > CVE-2003-1116 - Unspecified vulnerability in Oracle E-Business Suite
Attack vector
NETWORK Attack complexity
LOW Privileges required
NONE Confidentiality impact
PARTIAL Integrity impact
NONE Availability impact
NONE Summary
The communications protocol for the Report Review Agent (RRA), aka FND File Server (FNDFS) program, in Oracle E-Business Suite 10.7, 11.0, and 11.5.1 to 11.5.8 allows remote attackers to bypass authentication and obtain sensitive information from the Oracle Applications Concurrent Manager by spoofing requests to the TNS Listener.
Vulnerable Configurations
| Part | Description | Count |
|---|---|---|
| Application | 10 |
References
- http://marc.info/?l=bugtraq&m=105012832418415&w=2
- http://otn.oracle.com/deploy/security/pdf/2003alert53.pdf
- http://securitytracker.com/id?1006550
- http://www.integrigy.com/alerts/FNDFS_Vulnerability.htm
- http://www.kb.cert.org/vuls/id/168873
- http://www.securityfocus.com/bid/7325
- https://exchange.xforce.ibmcloud.com/vulnerabilities/11768