ID CVE-2016-5585 Type cve Reporter NVD Modified 2017-07-28T21:34:12
Description
Unspecified vulnerability in the Oracle Interaction Center Intelligence component in Oracle E-Business Suite 12.1.1 through 12.1.3 allows remote attackers to affect confidentiality and integrity via unknown vectors.
{"nessus": [{"lastseen": "2019-02-21T01:28:13", "bulletinFamily": "scanner", "description": "The version of Oracle E-Business installed on the remote host is missing the October 2016 Oracle Critical Patch Update (CPU). It is, therefore, affected by multiple vulnerabilities :\n\n - A heap buffer overflow condition exists in the OpenSSL subcomponent in the EVP_EncodeUpdate() function within file crypto/evp/encode.c that is triggered when handling a large amount of input data. An unauthenticated, remote attacker can exploit this to cause a denial of service condition. (CVE-2016-2105)\n\n - A heap buffer overflow condition exists in the OpenSSL subcomponent in the EVP_EncryptUpdate() function within file crypto/evp/evp_enc.c that is triggered when handling a large amount of input data after a previous call occurs to the same function with a partial block.\n An unauthenticated, remote attacker can exploit this to cause a denial of service condition. (CVE-2016-2106)\n\n - Multiple flaws exist in the OpenSSL subcomponent in the aesni_cbc_hmac_sha1_cipher() function in file crypto/evp/e_aes_cbc_hmac_sha1.c and the aesni_cbc_hmac_sha256_cipher() function in file crypto/evp/e_aes_cbc_hmac_sha256.c that are triggered when the connection uses an AES-CBC cipher and AES-NI is supported by the server. A man-in-the-middle attacker can exploit these to conduct a padding oracle attack, resulting in the ability to decrypt the network traffic.\n (CVE-2016-2107)\n\n - Multiple unspecified flaws exist in the OpenSSL subcomponent in the d2i BIO functions when reading ASN.1 data from a BIO due to invalid encoding causing a large allocation of memory. An unauthenticated, remote attacker can exploit these to cause a denial of service condition through resource exhaustion. (CVE-2016-2109)\n\n - An out-of-bounds read error exists in the OpenSSL subcomponent in the X509_NAME_oneline() function within file crypto/x509/x509_obj.c when handling very long ASN1 strings. An unauthenticated, remote attacker can exploit this to disclose the contents of stack memory.\n (CVE-2016-2176)\n\n - An unspecified flaw exists in the Runtime Catalog subcomponent in the iStore component that allows an unauthenticated, remote attacker to impact confidentiality and integrity. (CVE-2016-5489)\n\n - An unspecified flaw exists in the AD Utilities subcomponent in the Applications DBA component that allows a local attacker to disclose sensitive information. (CVE-2016-5517) \n - An unspecified flaw exists in the Workflow Events subcomponent in the Shipping Execution component that allows an unauthenticated, remote attacker to disclose sensitive information. (CVE-2016-5532)\n\n - An unspecified flaw exists in the Price Book subcomponent in the Advanced Pricing component that allows an unauthenticated, remote attacker to impact confidentiality and integrity. (CVE-2016-5557)\n\n - An unspecified flaw exists in the Requisition Management subcomponent in the iProcurement component that allows an unauthenticated, remote attacker to impact confidentiality and integrity. (CVE-2016-5562)\n\n - Multiple unspecified flaws exist in the AD Utilities subcomponent in the DBA component that allow an authenticated, remote attacker to impact confidentiality and integrity. (CVE- 2016-5567, CVE-2016-5570, CVE-2016-5571)\n\n - An unspecified flaw exists in the Resources Module subcomponent in the Common Applications Calendar component that allows an unauthenticated, remote attacker to disclose sensitive information.\n (CVE-2016-5575)\n\n - An unspecified flaw exists in the Candidate Self Service subcomponent in the iRecruitment component that allows a local attacker to gain elevated privileges.\n (CVE-2016-5581)\n\n - An unspecified flaw exists in the File Upload subcomponent in the One-to-One Fulfillment component that allows an unauthenticated, remote attacker to impact integrity. (CVE-2016-5583)\n\n - An unspecified flaw exists in the Select Application Dependencies subcomponent in the Interaction Center Intelligence component that allow an unauthenticated, remote attacker to impact confidentiality and integrity.\n (CVE-2016-5585)\n\n - An unspecified flaw exists in the Dispatch/Service Call Requests subcomponent in the Email Center component that allow an unauthenticated, remote attacker to impact confidentiality and integrity. (CVE-2016-5586)\n\n - Multiple unspecified flaws exist in the Outcome-Result subcomponent in the Customer Interaction History component that allow an unauthenticated, remote attacker to impact confidentiality and integrity.\n (CVE-2016-5587, CVE-2016-5591, CVE-2016-5593)\n\n - An unspecified flaw exists in the Responsibility Management subcomponent in the CRM Technical Foundation component that allows an unauthenticated, remote attacker to impact confidentiality and integrity.\n (CVE-2016-5589)\n\n - Multiple unspecified flaws exist in the Result-Reason subcomponent in the Customer Interaction History component that allow an unauthenticated, remote attacker to impact confidentiality and integrity. (CVE-2016-5592, CVE-2016-5595)\n\n - An unspecified flaw exists in the Default Responsibility subcomponent in the CRM Technical Foundation component that allows an unauthenticated, remote attacker to disclose sensitive information. (CVE-2016-5596)", "modified": "2018-07-17T00:00:00", "id": "ORACLE_E-BUSINESS_CPU_OCT_2016.NASL", "href": "https://www.tenable.com/plugins/index.php?view=single&id=94164", "published": "2016-10-20T00:00:00", "title": "Oracle E-Business Multiple Vulnerabilities (October 2016 CPU)", "type": "nessus", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(94164);\n script_version(\"1.7\");\n script_cvs_date(\"Date: 2018/07/17 12:00:07\");\n\n script_cve_id(\n \"CVE-2016-2105\",\n \"CVE-2016-2106\",\n \"CVE-2016-2107\",\n \"CVE-2016-2109\",\n \"CVE-2016-2176\",\n \"CVE-2016-5489\",\n \"CVE-2016-5517\",\n \"CVE-2016-5532\",\n \"CVE-2016-5557\",\n \"CVE-2016-5562\",\n \"CVE-2016-5567\",\n \"CVE-2016-5570\",\n \"CVE-2016-5571\",\n \"CVE-2016-5575\",\n \"CVE-2016-5581\",\n \"CVE-2016-5583\",\n \"CVE-2016-5585\",\n \"CVE-2016-5586\",\n \"CVE-2016-5587\",\n \"CVE-2016-5589\",\n \"CVE-2016-5591\",\n \"CVE-2016-5592\",\n \"CVE-2016-5593\",\n \"CVE-2016-5595\",\n \"CVE-2016-5596\"\n );\n script_bugtraq_id(\n 87940,\n 89744,\n 89746,\n 89757,\n 89760,\n 93690,\n 93694,\n 93699,\n 93703,\n 93707,\n 93721,\n 93724,\n 93729,\n 93738,\n 93739,\n 93743,\n 93747,\n 93750,\n 93756,\n 93758,\n 93761,\n 93762,\n 93764,\n 93769,\n 93770\n );\n script_xref(name:\"EDB-ID\", value:\"39768\");\n\n script_name(english:\"Oracle E-Business Multiple Vulnerabilities (October 2016 CPU)\");\n script_summary(english:\"Checks for the October 2016 CPU.\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"A web application installed on the remote host is affected by multiple\nvulnerabilities.\");\n script_set_attribute(attribute:\"description\", value:\n\"The version of Oracle E-Business installed on the remote host is\nmissing the October 2016 Oracle Critical Patch Update (CPU). It is,\ntherefore, affected by multiple vulnerabilities :\n\n - A heap buffer overflow condition exists in the OpenSSL\n subcomponent in the EVP_EncodeUpdate() function within\n file crypto/evp/encode.c that is triggered when handling\n a large amount of input data. An unauthenticated, remote\n attacker can exploit this to cause a denial of service\n condition. (CVE-2016-2105)\n\n - A heap buffer overflow condition exists in the OpenSSL\n subcomponent in the EVP_EncryptUpdate() function within\n file crypto/evp/evp_enc.c that is triggered when\n handling a large amount of input data after a previous\n call occurs to the same function with a partial block.\n An unauthenticated, remote attacker can exploit this to\n cause a denial of service condition. (CVE-2016-2106)\n\n - Multiple flaws exist in the OpenSSL subcomponent in the\n aesni_cbc_hmac_sha1_cipher() function in file\n crypto/evp/e_aes_cbc_hmac_sha1.c and the\n aesni_cbc_hmac_sha256_cipher() function in file\n crypto/evp/e_aes_cbc_hmac_sha256.c that are triggered\n when the connection uses an AES-CBC cipher and AES-NI\n is supported by the server. A man-in-the-middle attacker\n can exploit these to conduct a padding oracle attack,\n resulting in the ability to decrypt the network traffic.\n (CVE-2016-2107)\n\n - Multiple unspecified flaws exist in the OpenSSL\n subcomponent in the d2i BIO functions when reading ASN.1\n data from a BIO due to invalid encoding causing a large\n allocation of memory. An unauthenticated, remote\n attacker can exploit these to cause a denial of service\n condition through resource exhaustion. (CVE-2016-2109)\n\n - An out-of-bounds read error exists in the OpenSSL\n subcomponent in the X509_NAME_oneline() function within\n file crypto/x509/x509_obj.c when handling very long ASN1\n strings. An unauthenticated, remote attacker can exploit\n this to disclose the contents of stack memory.\n (CVE-2016-2176)\n\n - An unspecified flaw exists in the Runtime Catalog\n subcomponent in the iStore component that allows an\n unauthenticated, remote attacker to impact\n confidentiality and integrity. (CVE-2016-5489)\n\n - An unspecified flaw exists in the AD Utilities\n subcomponent in the Applications DBA component that\n allows a local attacker to disclose sensitive\n information. (CVE-2016-5517)\n \n - An unspecified flaw exists in the Workflow Events\n subcomponent in the Shipping Execution component that\n allows an unauthenticated, remote attacker to disclose\n sensitive information. (CVE-2016-5532)\n\n - An unspecified flaw exists in the Price Book\n subcomponent in the Advanced Pricing component that\n allows an unauthenticated, remote attacker to impact\n confidentiality and integrity. (CVE-2016-5557)\n\n - An unspecified flaw exists in the Requisition Management\n subcomponent in the iProcurement component that allows\n an unauthenticated, remote attacker to impact\n confidentiality and integrity. (CVE-2016-5562)\n\n - Multiple unspecified flaws exist in the AD Utilities\n subcomponent in the DBA component that allow an\n authenticated, remote attacker to impact confidentiality\n and integrity. (CVE- 2016-5567, CVE-2016-5570,\n CVE-2016-5571)\n\n - An unspecified flaw exists in the Resources Module\n subcomponent in the Common Applications Calendar\n component that allows an unauthenticated, remote\n attacker to disclose sensitive information.\n (CVE-2016-5575)\n\n - An unspecified flaw exists in the Candidate Self Service\n subcomponent in the iRecruitment component that allows a\n local attacker to gain elevated privileges.\n (CVE-2016-5581)\n\n - An unspecified flaw exists in the File Upload\n subcomponent in the One-to-One Fulfillment component\n that allows an unauthenticated, remote attacker to\n impact integrity. (CVE-2016-5583)\n\n - An unspecified flaw exists in the Select Application\n Dependencies subcomponent in the Interaction Center\n Intelligence component that allow an unauthenticated,\n remote attacker to impact confidentiality and integrity.\n (CVE-2016-5585)\n\n - An unspecified flaw exists in the Dispatch/Service Call\n Requests subcomponent in the Email Center component that\n allow an unauthenticated, remote attacker to impact\n confidentiality and integrity. (CVE-2016-5586)\n\n - Multiple unspecified flaws exist in the Outcome-Result\n subcomponent in the Customer Interaction History\n component that allow an unauthenticated, remote\n attacker to impact confidentiality and integrity.\n (CVE-2016-5587, CVE-2016-5591, CVE-2016-5593)\n\n - An unspecified flaw exists in the Responsibility\n Management subcomponent in the CRM Technical Foundation\n component that allows an unauthenticated, remote\n attacker to impact confidentiality and integrity.\n (CVE-2016-5589)\n\n - Multiple unspecified flaws exist in the Result-Reason\n subcomponent in the Customer Interaction History\n component that allow an unauthenticated, remote attacker\n to impact confidentiality and integrity. (CVE-2016-5592,\n CVE-2016-5595)\n\n - An unspecified flaw exists in the Default Responsibility\n subcomponent in the CRM Technical Foundation component\n that allows an unauthenticated, remote attacker to\n disclose sensitive information. (CVE-2016-5596)\");\n # http://www.oracle.com/technetwork/security-advisory/cpuoct2016-2881722.html\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?bac902d5\");\n script_set_attribute(attribute:\"solution\", value:\n\"Apply the appropriate patch according to the October 2016 Oracle\nCritical Patch Update advisory.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:C/I:P/A:N\");\n script_set_cvss_temporal_vector(\"CVSS2#E:POC/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:L/A:N\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:P/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n\n script_set_attribute(attribute:\"vuln_publication_date\",value:\"2016/04/22\");\n script_set_attribute(attribute:\"patch_publication_date\",value:\"2016/10/18\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2016/10/20\");\n\n script_set_attribute(attribute:\"plugin_type\",value:\"local\");\n script_set_attribute(attribute:\"cpe\",value:\"cpe:/a:oracle:e-business_suite\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Misc.\");\n\n script_copyright(english:\"This script is Copyright (C) 2016-2018 Tenable Network Security, Inc.\");\n\n script_dependencies(\"oracle_e-business_query_patch_info.nbin\");\n script_require_keys(\"Oracle/E-Business/Version\", \"Oracle/E-Business/patches/installed\");\n\n exit(0);\n}\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"misc_func.inc\");\n\nversion = get_kb_item_or_exit(\"Oracle/E-Business/Version\");\npatches = get_kb_item_or_exit(\"Oracle/E-Business/patches/installed\");\n\n# Batch checks\nif (patches) patches = split(patches, sep:',', keep:FALSE);\nelse patches = make_list();\n\np12_1 = '24390793';\np12_2 = '24390794';\n\n# Check if the installed version is an affected version\naffected_versions = make_array(\n '12.1.1', make_list(p12_1),\n '12.1.2', make_list(p12_1),\n '12.1.3', make_list(p12_1),\n\n '12.2.3', make_list(p12_2),\n '12.2.4', make_list(p12_2),\n '12.2.5', make_list(p12_2),\n '12.2.6', make_list(p12_2)\n);\n\npatched = FALSE;\naffectedver = FALSE;\n\nif (affected_versions[version])\n{\n affectedver = TRUE;\n patchids = affected_versions[version];\n foreach required_patch (patchids)\n {\n foreach applied_patch (patches)\n {\n if(required_patch == applied_patch)\n {\n patched = applied_patch;\n break;\n }\n }\n if(patched) break;\n }\n if(!patched) patchreport = join(patchids,sep:\" or \");\n}\n\nif (!patched && affectedver)\n{\n if(report_verbosity > 0)\n {\n report =\n '\\n Installed version : '+version+\n '\\n Fixed version : '+version+' Patch '+patchreport+\n '\\n';\n security_hole(port:0,extra:report);\n }\n else security_hole(0);\n exit(0);\n}\nelse if (!affectedver) audit(AUDIT_INST_VER_NOT_VULN, 'Oracle E-Business', version);\nelse exit(0, 'The Oracle E-Business server ' + version + ' is not affected because patch ' + patched + ' has been applied.');\n", "cvss": {"score": 7.8, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:COMPLETE/"}}], "oracle": [{"lastseen": "2019-05-17T06:21:30", "bulletinFamily": "software", "description": "A Critical Patch Update (CPU) is a collection of patches for multiple security vulnerabilities. Critical Patch Update patches are usually cumulative, but each advisory describes only the security fixes added since the previous Critical Patch Update advisory. Thus, prior Critical Patch Update advisories should be reviewed for information regarding earlier published security fixes. Please refer to:\n\n[Critical Patch Updates and Security Alerts](<http://www.oracle.com/technetwork/topics/security/alerts-086861.html>) for information about Oracle Security Advisories.\n\n**Oracle continues to periodically receive reports of attempts to maliciously exploit vulnerabilities for which Oracle has already released fixes. In some instances, it has been reported that attackers have been successful because targeted customers had failed to apply available Oracle patches. Oracle therefore _strongly_ recommends that customers remain on actively-supported versions and apply Critical Patch Update fixes _without_ delay.**\n\nThis Critical Patch Update contains 253 new security fixes across the product families listed below. Please note that a blog entry summarizing the content of this Critical Patch Update and other Oracle Software Security Assurance activities is located at <https://blogs.oracle.com/security>.\n\nPlease note that the vulnerabilities in this Critical Patch Update are scored using version 3.0 of Common Vulnerability Scoring Standard (CVSS).\n\nThis Critical Patch Update advisory is also available in an XML format that conforms to the Common Vulnerability Reporting Format (CVRF) version 1.1. More information about Oracle's use of CVRF is available [here](<http://www.oracle.com/technetwork/topics/security/cpufaq-098434.html#CVRF>).\n", "modified": "2019-05-16T00:00:00", "published": "2016-10-18T00:00:00", "id": "ORACLE:CPUOCT2016-2881722", "href": "", "title": "Oracle Critical Patch Update - October 2016", "type": "oracle", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}]}
