Vulnerability CVE-2008-0348


Published: 2008-01-17   Modified: 2012-02-12

Description:
Multiple unspecified vulnerabilities in the PeopleTools component in Oracle PeopleSoft Enterprise and JD Edwards EnterpriseOne 8.22.18, 8.48.15, and 8.49.07 have unknown impact and remote attack vectors, aka (1) PSE01, (2) PSE03, and (3) PSE04.

Type:

CWE-noinfo

CVSS2 => (AV:N/AC:L/Au:N/C:C/I:C/A:C)

CVSS Base Score
Impact Subscore
Exploitability Subscore
10/10
10/10
10/10
Exploit range
Attack complexity
Authentication
Remote
Low
No required
Confidentiality impact
Integrity impact
Availability impact
Complete
Complete
Complete
Affected software
Oracle -> Application server 
Oracle -> Collaboration suite 
Oracle -> Database server 
Oracle -> E-business suite 
Oracle -> Peoplesoft enterprise peopletools 

 References:
http://www.us-cert.gov/cas/techalerts/TA08-017A.html
http://www.oracle.com/technology/deploy/security/critical-patch-updates/cpujan2008.html
http://www.vupen.com/english/advisories/2008/0180
http://www.vupen.com/english/advisories/2008/0150
http://www.securityfocus.com/bid/27229
http://securitytracker.com/id?1019218
http://secunia.com/advisories/28518
http://marc.info/?l=bugtraq&m=120058413923005&w=2
http://marc.info/?l=bugtraq&m=120058413923005&w=2
http://secunia.com/advisories/28556

Copyright 2024, cxsecurity.com

 

Back to Top