1. CVE-Search
  2. CVE-2007-3862
ID CVE-2007-3862
Summary Unspecified vulnerability in Oracle Application Server 9.0.4.3 and 10.1.2.0.2 allows remote attackers to have an unknown impact via Oracle Single Sign On, aka AS01. As the impact type is unspecified, it has been set to a default value of "Obtain Other Access (e.g. application account)."
References
Vulnerable Configurations
  • cpe:2.3:a:oracle:application_server:9.0.4.3:*:*:*:*:*:*:*
    cpe:2.3:a:oracle:application_server:9.0.4.3:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:application_server:10.1.2.0.2:*:*:*:*:*:*:*
    cpe:2.3:a:oracle:application_server:10.1.2.0.2:*:*:*:*:*:*:*
CVSS
Base: 7.5 (as of 29-07-2017 - 01:32)
Impact:
Exploitability:
CWE NVD-CWE-Other
CAPEC
Access
VectorComplexityAuthentication
NETWORK LOW NONE
Impact
ConfidentialityIntegrityAvailability
PARTIAL PARTIAL PARTIAL
cvss-vector via4 AV:N/AC:L/Au:N/C:P/I:P/A:P
refmap via4
cert TA07-200A
confirm http://www.oracle.com/technetwork/topics/security/cpujul2007-087014.html
hp
  • HPSBMA02133
  • SSRT061201
misc
sectrack 1018415
secunia
  • 26114
  • 26166
vupen
  • ADV-2007-2562
  • ADV-2007-2635
xf oracle-cpu-july2007(35490)
Last major update 29-07-2017 - 01:32
Published 18-07-2007 - 19:30
Last modified 29-07-2017 - 01:32
Back to Top