Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
cve[email protected]CVE-2007-2119
HistoryApr 18, 2007 - 6:19 p.m.

CVE-2007-2119

2007-04-1818:19:00
NVD-CWE-Other
[email protected]
web.nvd.nist.gov
29
cve-2007-2119
xss
boundary_rules.jsp
administration front end
oracle enterprise search
database server
application server
remote attack
html injection
web script
security vulnerability

5.7 Medium

AI Score

Confidence

High

6.8 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:M/Au:N/C:P/I:P/A:P

0.056 Low

EPSS

Percentile

93.2%

JSON

Cross-site scripting (XSS) vulnerability in boundary_rules.jsp in the Administration Front End for Oracle Enterprise (Ultra) Search, as used in Database Server 9.2.0.8, 10.1.0.5, and 10.2.0.2, and in Application Server 9.0.4.3, 10.1.2.0.2, and 10.1.2.2.0 allows remote attackers to inject arbitrary HTML or web script via the EXPTYPE parameter, aka SES01.

Related

prion 1
nessus 2
prion
prion
Cross site scripting
2007-04-18 18:19:00
nessus
nessus
Oracle Database Multiple Vulnerabilities (April 2007 CPU)
2011-11-16 00:00:00
Oracle Application Server Multiple Vulnerabilities
2012-01-24 00:00:00

5.7 Medium

AI Score

Confidence

High

6.8 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:M/Au:N/C:P/I:P/A:P

0.056 Low

EPSS

Percentile

93.2%

JSON
Related for CVE-2007-2119
prion1nessus2