Vulnerabilities > CVE-2007-2134 - Multiple vulnerability in Oracle April 2007 Security Update
Attack vector
LOCAL Attack complexity
LOW Privileges required
NONE Confidentiality impact
COMPLETE Integrity impact
COMPLETE Availability impact
COMPLETE Summary
Unspecified vulnerability in the HTML Server in Oracle JD Edwards EnterpriseOne SP23_Q1 and 8.96.I1 has unknown impact and local attack vectors, aka JDE01. The vendor has addressed this issue through the release of the following patch information: http://www.oracle.com/technology/deploy/security/critical-patch-updates/cpuapr2007.html
Vulnerable Configurations
Part | Description | Count |
---|---|---|
Application | 2 |
Saint
bid | 23532 |
description | Oracle Database Advanced Replication component DBMS_SNAP_INTERNAL overflow |
id | database_oracle_version |
osvdb | 39933 |
title | oracle_advrep_snap_internal |
type | remote |
References
- http://www.oracle.com/technetwork/topics/security/cpuapr2007-090632.html
- http://www.red-database-security.com/advisory/oracle_cpu_apr_2007.html
- http://www.securityfocus.com/archive/1/466329/100/200/threaded
- http://www.securityfocus.com/bid/23532
- http://www.securitytracker.com/id?1017927
- http://www.us-cert.gov/cas/techalerts/TA07-108A.html
- http://www.vupen.com/english/advisories/2007/1426