ID CVE-2006-5378
Summary Unspecified vulnerability in JD Edwards HTML Server in JD Edwards EnterpriseOne SP23_O2, 8.95.P1, and 8.96.D1 has unknown impact and remote authenticated attack vectors, aka Vuln# JDE01.
References
Vulnerable Configurations
  • cpe:2.3:a:oracle:enterpriseone:8.95.p1:*:*:*:*:*:*:*
    cpe:2.3:a:oracle:enterpriseone:8.95.p1:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:enterpriseone:8.96.d1:*:*:*:*:*:*:*
    cpe:2.3:a:oracle:enterpriseone:8.96.d1:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:enterpriseone:sp23_o2:*:*:*:*:*:*:*
    cpe:2.3:a:oracle:enterpriseone:sp23_o2:*:*:*:*:*:*:*
CVSS
Base: 9.0 (as of 17-10-2018 - 21:42)
Impact:
Exploitability:
CWE NVD-CWE-Other
CAPEC
Access
VectorComplexityAuthentication
NETWORK LOW SINGLE
Impact
ConfidentialityIntegrityAvailability
COMPLETE COMPLETE COMPLETE
cvss-vector via4 AV:N/AC:L/Au:S/C:C/I:C/A:C
refmap via4
bid 20588
cert TA06-291A
confirm http://www.oracle.com/technetwork/topics/security/cpuoct2006-095368.html
hp
  • HPSBMA02133
  • SSRT061201
misc http://www.red-database-security.com/advisory/oracle_cpu_oct_2006.html
sectrack 1017077
secunia 22396
vupen ADV-2006-4065
saint via4
bid 20588
description Oracle Spatial component SDO_CS.TRANSFORM_LAYER buffer overflow
id database_oracle_version
osvdb 31462
title oracle_spatial_transform_layer
type remote
Last major update 17-10-2018 - 21:42
Published 18-10-2006 - 01:07
Last modified 17-10-2018 - 21:42
Back to Top