Vulnerabilities > CVE-2008-5450 - Multiple vulnerability in Oracle January 2009 Critical Patch Update

CVSS 1.2 - LOW

Attack vector

LOCAL

Attack complexity

HIGH

Privileges required

NONE

Confidentiality impact

PARTIAL

Integrity impact

NONE

Availability impact

NONE

local

high complexity

oracle

NVD

Published: 2009-01-14

Updated: 2012-10-23

Summary

Unspecified vulnerability in the Oracle Applications Platform Engineering component in Oracle E-Business Suite 11.5.10 CU2 and 12.0.6 allows local users to affect confidentiality via unknown vectors.

Vulnerable Configurations

Part	Description	Count
Application	Oracle Oracle E Business Suite 11.5 Oracle E Business Suite 12 12.0.6	2

Saint

bid 33177
description Oracle Secure Backup NDMP_CONECT_CLIENT_AUTH buffer overflow
id database_oracle_backupndmpbo,database_oracle_backupver
osvdb 51340
title oracle_secure_backup_ndmp_clientauth
type remote
bid 33177
description Oracle Secure Backup login.php ora_osb_lcookie command execution
id database_oracle_backupver
osvdb 51343
title oracle_secure_backup_login_lcookie
type remote
bid 33177
description Oracle WebLogic Server IIS Connector JSESSIONID buffer overflow
title weblogic_iis_connector_jsessionid
type remote
bid 33177
description Oracle Secure Backup login.php rbtool command injection
id database_oracle_backupver
osvdb 51342
title oracle_secure_backup_login_rbtool
type remote
bid 33177
description Oracle Database OLAP component ODCITABLESTART buffer overflow
id database_oracle_version
osvdb 51347
title oracle_olap_odcitablestart
type remote

bid	33177
description	Oracle Secure Backup NDMP_CONECT_CLIENT_AUTH buffer overflow
id	database_oracle_backupndmpbo,database_oracle_backupver
osvdb	51340
title	oracle_secure_backup_ndmp_clientauth
type	remote

Summary

Vulnerable Configurations

Saint

References