Oracle E-Business (January 2014 CPU)

The version of Oracle E-Business installed on the remote host is missing the January 2014 Critical Patch Update CPU. It is, therefore, affected by vulnerabilities in the following components : - Oracle Payroll - Oracle Application Object Library - Oracle Applications Framework %NASLMINLEVEL 70300...

Design/Logic Flaw

Use-after-free vulnerability in the Scripting Runtime Object Library in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, and Windows RT Gold and 8.1 allows remo...

CVE-2013-5056

The CVE-2013-5056 issue is a use-after-free vulnerability in the Microsoft Scripting Runtime Object Library (scrrun.dll) that allows remote code execution when a user visits a crafted website via Internet Explorer. Affected products span multiple Windows versions (XP SP2/SP3, Server 2003 SP2, Vis...

Microsoft Scripting Runtime Object Library Use-After-Free Code Execution (MS13-099; CVE-2013-5056)

A remote code execution vulnerability has been reported in the Microsoft Scripting Runtime Object Library...

FreeBSD : mozilla -- multiple vulnerabilities (7dfed67b-20aa-11e3-b8d8-0025905a4771)

The Mozilla Project reports : MFSA 2013-76 Miscellaneous memory safety hazards rv:24.0 / rv:17.0.9 MFSA 2013-77 Improper state in HTML5 Tree Builder with templates MFSA 2013-78 Integer overflow in ANGLE library MFSA 2013-79 Use-after-free in Animation Manager during stylesheet cloning MFSA 2013-8...

Oracle E-Business (July 2013 CPU)

The version of Oracle E-Business installed on the remote host is missing the July 2013 Critical Patch Update CPU. It is, therefore, affected by security issues in the following components : - Oracle Landed Cost Management - Oracle Application Object Library - Oracle Applications Technology Stack ...

Shared object library loading from writable location — Mozilla

Mozilla developer Vladimir Vukicevic reported that Firefox for Android will optionally load a shared object .so library in order to enable GL tracing. When this is occurs, it can be from a world writable location, allowing for it to be replaced by malicious third party applications before it is...

CVE-2013-3777

Unspecified vulnerability in the Oracle Application Object Library component in Oracle E-Business Suite 11.5.10.2, 12.0.6, and 12.1.3 allows remote attackers to affect integrity via unknown vectors related to Signon...

CVE-2013-3777

The CVE-2013-3777 issue affects Oracle E-Business Suite, specifically the Oracle Application Object Library component, in versions 11.5.10.2, 12.0.6, and 12.1.3. The root cause is an unspecified vulnerability related to Signon that could compromise integrity via remote access (no confidentiality ...

CVE-2013-1517

Unspecified vulnerability in the Oracle Application Object Library component in Oracle E-Business Suite 11.5.10.2, 12.0.6, and 12.1.3 allows remote attackers to affect confidentiality via unknown vectors related to Diagnostics...

CVE-2012-1730

Unspecified vulnerability in the Oracle Application Object Library component in Oracle E-Business Suite 11.5.10.2, 12.0.6, and 12.1.3 allows remote attackers to affect integrity via unknown vectors related to Password Management...

CVE-2012-1727

The CVE-2012-1727 entry concerns Oracle E-Business Suite’s Oracle Application Object Library across versions 11.5.10.2, 12.0.4, 12.0.6, 12.1.1, 12.1.2, and 12.1.3, with an unspecified vulnerability that allows remote authenticated users to affect integrity via unknown vectors related to the Docum...

Design/Logic Flaw

Unspecified vulnerability in the Oracle Application Object Library component in Oracle E-Business Suite 12.0.6 and 12.1.3 allows remote attackers to affect confidentiality via unknown vectors related to Change Password Page...

CVE-2012-0535

Technical details (affected product scope, exploit method, and exact vulnerability vector) are not publicly available in the provided documents. Monitor for updated advisories or patches.

CVE-2012-0513

Oracle E-Business Suite’s Oracle Application Object Library (AOL) contains an unspecified vulnerability affecting REST Services in versions 12.0.6 and 12.1.3 that could allow remote attackers to impact integrity. The CVE description is repeated across sources (NVD entry CVE-2012-0513). No exploit...

Design/Logic Flaw

Unspecified vulnerability in the Oracle Application Object Library component in Oracle E-Business Suite 11.5.10.2 allows remote authenticated users to affect integrity via unknown vectors related to Attachments / File Upload...

CVE-2010-3589

Unspecified vulnerability in the Oracle Application Object Library component in Oracle Applications 11.5.10.2, 12.0.4, 12.0.5, 12.0.6, 12.1.1, 12.1.2, and 12.1.3 allows remote attackers to affect confidentiality and integrity via unknown vectors related to Logout...

Design/Logic Flaw

Unspecified vulnerability in the Oracle Application Object Library component in Oracle Applications 11.5.10.2, 12.0.4, 12.0.5, 12.0.6, 12.1.1, 12.1.2, and 12.1.3 allows remote attackers to affect confidentiality and integrity via unknown vectors related to Logout...

CVE-2010-3589

Unspecified vulnerability in the Oracle Application Object Library component in Oracle Applications 11.5.10.2, 12.0.4, 12.0.5, 12.0.6, 12.1.1, 12.1.2, and 12.1.3 allows remote attackers to affect confidentiality and integrity via unknown vectors related to Logout...

CVE-2010-3589

Technical details about CVE-2010-3589 are not publicly provided in the connected documents. The available sources summarize an unspecified Oracle Application Object Library vulnerability related to Logout. Monitor for updates from Oracle CPU advisories.