Lucene search
HistoryJan 14, 2009 - 2:30 a.m.
CVE-2008-4014
CVSS2
5.5
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
SINGLE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
NONE
AV:N/AC:L/Au:S/C:P/I:P/A:N
AI Score
5.2
Confidence
Low
EPSS
0.006
Percentile
79.0%
Unspecified vulnerability in the Oracle BPEL Process Manager component in Oracle Application Server allows remote authenticated users to affect confidentiality and integrity via unknown vectors.
Affected configurations
Node
oracleapplication_serverMatch1.0
ORoracleapplication_serverMatch1.0.2
ORoracleapplication_serverMatch1.0.2.0
ORoracleapplication_serverMatch1.0.2.1
ORoracleapplication_serverMatch1.0.2.1s
ORoracleapplication_serverMatch1.0.2.2
ORoracleapplication_serverMatch1.0.2.2r1
ORoracleapplication_serverMatch1.0.2.2r2
ORoracleapplication_serverMatch1.0.2.2.2
ORoracleapplication_serverMatch3.0.7
ORoracleapplication_serverMatch4.0
ORoracleapplication_serverMatch4.0.8
ORoracleapplication_serverMatch4.0.8.2
ORoracleapplication_serverMatch6.0.8.26_ps17
ORoracleapplication_serverMatch7.0.4.4
ORoracleapplication_serverMatch8.1.7
ORoracleapplication_serverMatch9.0
ORoracleapplication_serverMatch9.0.2
ORoracleapplication_serverMatch9.0.2r2
ORoracleapplication_serverMatch9.0.2.0.0
ORoracleapplication_serverMatch9.0.2.0.1
ORoracleapplication_serverMatch9.0.2.1
ORoracleapplication_serverMatch9.0.2.2
ORoracleapplication_serverMatch9.0.2.3
ORoracleapplication_serverMatch9.0.3
ORoracleapplication_serverMatch9.0.3.1
ORoracleapplication_serverMatch9.0.4
ORoracleapplication_serverMatch9.0.4.0
ORoracleapplication_serverMatch9.0.4.1
ORoracleapplication_serverMatch9.0.4.2
ORoracleapplication_serverMatch9.0.4.3
ORoracleapplication_serverMatch9.2.0.6
ORoracleapplication_serverMatch9.2.0.7
ORoracleapplication_serverMatch10.1.0.2
ORoracleapplication_serverMatch10.1.0.3
ORoracleapplication_serverMatch10.1.0.3.1
ORoracleapplication_serverMatch10.1.0.4
ORoracleapplication_serverMatch10.1.2
ORoracleapplication_serverMatch10.1.2.0
ORoracleapplication_serverMatch10.1.2.0.0
ORoracleapplication_serverMatch10.1.2.0.0r2
ORoracleapplication_serverMatch10.1.2.0.1
ORoracleapplication_serverMatch10.1.2.0.1r2
ORoracleapplication_serverMatch10.1.2.0.2
ORoracleapplication_serverMatch10.1.2.0.2r2
ORoracleapplication_serverMatch10.1.2.1
ORoracleapplication_serverMatch10.1.2.1.0
ORoracleapplication_serverMatch10.1.2.2
ORoracleapplication_serverMatch10.1.2.2.0
ORoracleapplication_serverMatch10.1.2.3
ORoracleapplication_serverMatch10.1.2_.0.1
ORoracleapplication_serverMatch10.1.3
ORoracleapplication_serverMatch10.1.3.0
ORoracleapplication_serverMatch10.1.3.0.0
ORoracleapplication_serverMatch10.1.3.1
ORoracleapplication_serverMatch10.1.3.1.0
ORoracleapplication_serverMatch10.1.3.2.0
ORoracleapplication_serverMatch10.1.3.3
ORoracleapplication_serverMatch10.1.3.3.0
ORoracleapplication_serverMatch10.1.4.0
ORoracleapplication_serverMatch10.1.4.0.1
ORoracleapplication_serverMatch10.1.4.1
ORoracleapplication_serverMatch10.1.4.1.0
ORoracleapplication_serverMatch10.2.0.0
ORoracleapplication_serverMatch11i
| Vendor | Product | Version | CPE |
|---|---|---|---|
| oracle | application_server | 1.0 | cpe:2.3:a:oracle:application_server:1.0:*:*:*:*:*:*:* |
| oracle | application_server | 1.0.2 | cpe:2.3:a:oracle:application_server:1.0.2:*:*:*:*:*:*:* |
| oracle | application_server | 1.0.2.0 | cpe:2.3:a:oracle:application_server:1.0.2.0:*:*:*:*:*:*:* |
| oracle | application_server | 1.0.2.1 | cpe:2.3:a:oracle:application_server:1.0.2.1:*:*:*:*:*:*:* |
| oracle | application_server | 1.0.2.1s | cpe:2.3:a:oracle:application_server:1.0.2.1s:*:*:*:*:*:*:* |
| oracle | application_server | 1.0.2.2 | cpe:2.3:a:oracle:application_server:1.0.2.2:*:*:*:*:*:*:* |
| oracle | application_server | 1.0.2.2 | cpe:2.3:a:oracle:application_server:1.0.2.2:r1:*:*:*:*:*:* |
| oracle | application_server | 1.0.2.2 | cpe:2.3:a:oracle:application_server:1.0.2.2:r2:*:*:*:*:*:* |
| oracle | application_server | 1.0.2.2.2 | cpe:2.3:a:oracle:application_server:1.0.2.2.2:*:*:*:*:*:*:* |
| oracle | application_server | 3.0.7 | cpe:2.3:a:oracle:application_server:3.0.7:*:*:*:*:*:*:* |
Related
prion
prion
Buffer overflow
2009-01-14 02:30:00
checkpoint_advisories
checkpoint_advisories
erpscan
erpscan
Oracle Application Server (SOA) — Linked XSS vulnerability
2008-10-01 00:00:00
cve
cve
CVE-2008-4014
2009-01-14 02:30:00
cvelist
cvelist
CVE-2008-4014
2009-01-14 02:00:00
packetstorm
packetstorm
Oracle Application Server Cross Site Scripting
2009-01-15 00:00:00
securityvulns
securityvulns
Digital Security Research Group [DSecRG] Advisory #DSECRG-09-001
2009-01-16 00:00:00
Oracle applications multiple security vulnerabilities
2009-12-15 00:00:00
oracle
oracle
CPU Jan 2009
2009-01-13 00:00:00
nessus
nessus
Oracle Application Server Multiple Vulnerabilities
2012-01-24 00:00:00
CVSS2
5.5
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
SINGLE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
NONE
AV:N/AC:L/Au:S/C:P/I:P/A:N
AI Score
5.2
Confidence
Low
EPSS
0.006
Percentile
79.0%
Related for NVD:CVE-2008-4014