Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
prionPRIOn knowledge basePRION:CVE-2007-2135
HistoryApr 24, 2007 - 8:19 p.m.

Code injection

2007-04-2420:19:00
PRIOn knowledge base
www.prio-n.com
2

6.4 Medium

AI Score

Confidence

Low

7.8 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

NONE

Availability Impact

NONE

AV:N/AC:L/Au:N/C:C/I:N/A:N

0.01 Low

EPSS

Percentile

83.3%

JSON

The ADI_BINARY component in the Oracle E-Business Suite allows remote attackers to download arbitrary documents from the APPS.FND_DOCUMENTS table via the ADI_DISPLAY_REPORT function, when passed a certain parameter. NOTE: due to lack of details from Oracle, it is not clear whether this issue is related to other CVE identifiers such as CVE-2007-2126, CVE-2007-2127, or CVE-2007-2128.

Related

cve 5
prion 4
securityvulns 2
zdi 1
cve
cve
CVE-2007-2135
2007-04-24 20:19:00
CVE-2007-2170
2007-04-24 20:19:00
CVE-2007-2128
2007-04-18 18:19:00
prion
prion
Code injection
2007-04-24 20:19:00
Code injection
2007-04-18 18:19:00
Design/Logic Flaw
2007-04-18 18:19:00
securityvulns
securityvulns
ZDI-07-017: Oracle E-Business Suite Arbitrary Document Download Vulnerability
2007-04-20 00:00:00
Oracle critical patch update
2007-04-20 00:00:00
zdi
zdi
Oracle E-Business Suite Arbitrary Document Download Vulnerability
2007-04-18 00:00:00

6.4 Medium

AI Score

Confidence

Low

7.8 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

NONE

Availability Impact

NONE

AV:N/AC:L/Au:N/C:C/I:N/A:N

0.01 Low

EPSS

Percentile

83.3%

JSON
Related for PRION:CVE-2007-2135
cve5prion4securityvulns2zdi1