Vulnerabilities > CVE-2008-5451 - Multiple vulnerability in Oracle January 2009 Critical Patch Update

CVSS 4.0 - MEDIUM

Attack vector

NETWORK

Attack complexity

LOW

Privileges required

SINGLE

Confidentiality impact

PARTIAL

Integrity impact

NONE

Availability impact

NONE

network

low complexity

jdedwards

oracle

NVD

Published: 2009-01-14

Updated: 2012-10-23

Summary

Unspecified vulnerability in the JD Edwards Tools component in Oracle PeopleSoft Enterprise and JD Edwards EnterpriseOne 8.97.2.5 allows remote authenticated users to affect confidentiality via unknown vectors.

Vulnerable Configurations

Part	Description	Count
Application	Jdedwards Jdedwards Enterpriseone 8.97.2.5	1
Application	Oracle Oracle Peoplesoft Enterprise 8.97.2.5	1

Saint

bid 33177
description Oracle Secure Backup NDMP_CONECT_CLIENT_AUTH buffer overflow
id database_oracle_backupndmpbo,database_oracle_backupver
osvdb 51340
title oracle_secure_backup_ndmp_clientauth
type remote
bid 33177
description Oracle Secure Backup login.php ora_osb_lcookie command execution
id database_oracle_backupver
osvdb 51343
title oracle_secure_backup_login_lcookie
type remote
bid 33177
description Oracle WebLogic Server IIS Connector JSESSIONID buffer overflow
title weblogic_iis_connector_jsessionid
type remote
bid 33177
description Oracle Secure Backup login.php rbtool command injection
id database_oracle_backupver
osvdb 51342
title oracle_secure_backup_login_rbtool
type remote
bid 33177
description Oracle Database OLAP component ODCITABLESTART buffer overflow
id database_oracle_version
osvdb 51347
title oracle_olap_odcitablestart
type remote

bid	33177
description	Oracle Secure Backup NDMP_CONECT_CLIENT_AUTH buffer overflow
id	database_oracle_backupndmpbo,database_oracle_backupver
osvdb	51340
title	oracle_secure_backup_ndmp_clientauth
type	remote

Summary

Vulnerable Configurations

Saint

References