CVE-2007-3866
Published Jul 18, 2007
Last updated 6 years ago
Overview
- Description
- Multiple unspecified vulnerabilities in Oracle E-Business Suite 11.5.10CU2 and 12.0.1 allow remote attackers to have an unknown impact via (a) Oracle Configurator (APPS02), (b) Oracle iExpenses (APPS03), (c) Oracle Application Object Library (APPS09), and (1) APPS12, (2) APPS13, and (3) APPS14 in (d) Oracle Payables.
- Source
- cve@mitre.org
- NVD status
- Modified
Social media
- Hype score
- Not currently trending
Risk scores
CVSS 2.0
- Type
- Primary
- Base score
- 7.5
- Impact score
- 6.4
- Exploitability score
- 10
- Vector string
- AV:N/AC:L/Au:N/C:P/I:P/A:P
Weaknesses
- nvd@nist.gov
- NVD-CWE-Other
Evaluator
- Comment
- -
- Impact
- As the impact type is unspecified, it has been set to a default value of "Obtain Other Access (e.g. application account)."
- Solution
- As the impact type is unspecified, it has been set to a default value of "Obtain Other Access (e.g. application account)."
Configurations
[
{
"nodes": [
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:a:oracle:e-business_suite:11.5.10.2:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "80B61990-9CC2-4215-9879-AC817F4E6767"
},
{
"criteria": "cpe:2.3:a:oracle:e-business_suite:12.0.1:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "610AE265-C18D-4895-8034-5DB331DC68DF"
}
],
"operator": "OR"
}
]
}
]