11.5.1

DATE	CVE	VULNERABILITY TITLE	RISK
2007-01-17	CVE-2007-0285	Multiple vulnerability in Oracle products Unspecified vulnerability in Oracle Application Server 9.0.4.3, 10.1.2.0.2, and 10.1.2.2; Collaboration Suite 9.0.4.2 and 10.1.2; and E-Business Suite and Applications 11.5.10CU2 has unknown impact and attack vectors related to Oracle Reports Developer, aka REP01. network low complexity oracle	5.0
2006-04-20	CVE-2006-1884	Multiple vulnerability in Oracle April 2006 Security Update Unspecified vulnerability in the Oracle Thesaurus Management System component in Oracle E-Business Suite and OPA 4.5.2 Applications has unknown impact and attack vectors, aka Vuln# OPA01. network low complexity jdedwards oneworld oracle critical	10.0
2006-02-04	CVE-2006-0552	Multiple vulnerability in Oracle January Security Update Unspecified vulnerability in the Net Listener component of Oracle Database server 8.1.7.4, 9.0.1.5, 9.0.1.5 FIPS, and 9.2.0.7 has unspecified impact and attack vectors, as identified by Oracle Vuln# DB11. network low complexity oracle	7.5
2005-11-02	CVE-2005-3458	Multiple vulnerability in Oracle October Security Update Unspecified vulnerability in Oracle E-Business Suite and Applications 11.0 up to 11.5.9 has unknown impact and attack vectors, as identified by Oracle Vuln# APPS19 in Workflow Cartridge. network low complexity oracle critical	10.0
2005-11-02	CVE-2005-3457	Multiple vulnerability in Oracle October Security Update Unspecified vulnerability in Oracle E-Business Suite and Applications 11.0 up to 11.5.10 has unknown impact and attack vectors, as identified by Oracle Vuln# APPS08 in HRMS. network low complexity oracle critical	10.0
2005-11-02	CVE-2005-3456	Multiple vulnerability in Oracle October Security Update Multiple unspecified vulnerabilities in Oracle E-Business Suite and Applications 11.5 up to 11.5.9 have unknown impact and attack vectors, as identified by Oracle Vuln# (1) APPS04 in Application Object Library, and (2) APPS17, (3) APPS18, and (4) APPS21 in Workflow Cartridge. network low complexity oracle critical	10.0
2005-11-02	CVE-2005-3455	Multiple vulnerability in Oracle October Security Update Multiple unspecified vulnerabilities in Oracle E-Business Suite and Applications 11.5 up to 11.5.10 have unknown impact and attack vectors, as identified by Oracle Vuln# (1) APPS01 in Application Install; (2) APPS02 and (3) APPS03 in Application Object Library; (4) APPS05 and (5) APPS06 in Applications Technology Stack; (6) APPS07 in Applications Utilities; (7) APPS09, (8) APPS10, and (9) APPS11 in HRMS; (10) APPS12 in Mobile Application Foundation; (11) APPS13 in SDP Number Portability; (12) APPS14 in Oracle Service; (13) APPS15 in Service Fulfillment Manage, (14) APPS16 in Universal Work Queue; and (15) APPS20 in Workflow Cartridge. network low complexity oracle critical	10.0
2004-08-06	CVE-2004-0543	SQL Injection vulnerability in Oracle Applications and E-Business Suite Multiple SQL injection vulnerabilities in Oracle Applications 11.0 and Oracle E-Business Suite 11.5.1 through 11.5.8 allow remote attackers to execute arbitrary SQL procedures and queries. network low complexity oracle critical	10.0
2004-08-04	CVE-2004-1371	Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Oracle products Stack-based buffer overflow in Oracle 9i and 10g allows remote attackers to execute arbitrary code via a long token in the text of a wrapped procedure. network low complexity oracle CWE-119 critical	9.0
2004-08-04	CVE-2004-1370	Multiple Unspecified vulnerability in Oracle Multiple SQL injection vulnerabilities in PL/SQL procedures that run with definer rights in Oracle 9i and 10g allow remote attackers to execute arbitrary SQL commands and gain privileges via (1) DBMS_EXPORT_EXTENSION, (2) WK_ACL.GET_ACL, (3) WK_ACL.STORE_ACL, (4) WK_ADM.COMPLETE_ACL_SNAPSHOT, (5) WK_ACL.DELETE_ACLS_WITH_STATEMENT, or (6) DRILOAD.VALIDATE_STMT. network low complexity oracle	7.5