CVE-2007-3868 - Multiple unspecified vulnerabilities in PeopleTools in Oracle PeopleSoft Enterprise 8.22.15, 8.47.13

CVE-2007-3868

Summary

Multiple unspecified vulnerabilities in PeopleTools in Oracle PeopleSoft Enterprise 8.22.15, 8.47.13, 8.48.10, and 8.49.02 allows remote authenticated users or attackers to have an unknown impact via multiple vectors, aka (1) PSE01, (2) PSE02, and (3) PSE03. As the impact type is unspecified, it has been set to a default value of "Obtain Other Access (e.g. application account)."

References

Vulnerable Configurations

cpe:2.3:a:oracle:peoplesoft_enterprise:8.22.15:*:*:*:*:*:*:*
cpe:2.3:a:oracle:peoplesoft_enterprise:8.22.15:*:*:*:*:*:*:*
cpe:2.3:a:oracle:peoplesoft_enterprise:8.47.13:*:*:*:*:*:*:*
cpe:2.3:a:oracle:peoplesoft_enterprise:8.47.13:*:*:*:*:*:*:*
cpe:2.3:a:oracle:peoplesoft_enterprise:8.48.10:*:*:*:*:*:*:*
cpe:2.3:a:oracle:peoplesoft_enterprise:8.48.10:*:*:*:*:*:*:*
cpe:2.3:a:oracle:peoplesoft_enterprise:8.49.02:*:*:*:*:*:*:*
cpe:2.3:a:oracle:peoplesoft_enterprise:8.49.02:*:*:*:*:*:*:*

CVSS

Base:	6.5 (as of 29-07-2017 - 01:32)
Impact:
Exploitability:

CWE

NVD-CWE-Other

CAPEC

Access

Vector	Complexity	Authentication
NETWORK	LOW	SINGLE

Impact

Confidentiality	Integrity	Availability
PARTIAL	PARTIAL	PARTIAL

cvss-vector via4

AV:N/AC:L/Au:S/C:P/I:P/A:P

refmap via4

cert	TA07-200A
confirm	http://www.oracle.com/technetwork/topics/security/cpujul2007-087014.html
hp	HPSBMA02133 SSRT061201
misc	http://www.integrigy.com/security-resources/analysis/Integrigy_Oracle_CPU_July_2007_Analysis.pdf http://www.red-database-security.com/advisory/oracle_cpu_jul_2007.html
sectrack	1018415
secunia	26114 26166
vupen	ADV-2007-2562 ADV-2007-2635
xf	oracle-cpu-july2007(35490)

Last major update

29-07-2017 - 01:32

Published

18-07-2007 - 19:30

Last modified

29-07-2017 - 01:32