55 matches found
CVE-2023-22037
The CVE-2023-22037 vulnerability affects Oracle E-Business Suite’s Oracle Web Applications Desktop Integrator (MS Excel Specific) with affected versions 12.2.3–12.2.12. The issue enables a low-privilege, network-accessible attacker (via HTTP) to compromise the component, requiring user interactio...
PT-2023-3700 · Oracle +1 · Oracle Web Applications Desktop Integrator +1
Name of the Vulnerable Software and Affected Versions: Oracle Web Applications Desktop Integrator versions 12.2.3 through 12.2.12 Description: The issue is related to insufficient input validation in the MS Excel Specific component of Oracle Web Applications Desktop Integrator, part of the Oracle...
Oracle E-Business Suite Information Disclosure Vulnerability (CNVD-2023-08435)
Oracle E-Business Suite E-Business Suite is a set of fully integrated global business management software from Oracle Oracle. The software provides customer relationship management, service management, financial management and other functions. A security vulnerability exists in Oracle Web...
The vulnerability of the Upload component of the software environment for working with Oracle Web Applications desktop integrations allows a hacker to gain full control over the application.
The vulnerability of the Upload component of the software environment for working with Oracle Web Applications Desktop Integrator relates to errors in processing input data. Exploiting this vulnerability can allow an attacker to gain full control over the application...
CISA Alert: Oracle E-Business Suite and SugarCRM Vulnerabilities Under Attack
The U.S. Cybersecurity and Infrastructure Security Agency CISA on February 2 added two security flaws to its Known Exploited Vulnerabilities KEV Catalog, citing evidence of active exploitation. The first of the two vulnerabilities is CVE-2022-21587 CVSS score: 9.8, a critical issue impacting...
Oracle E-Business Suite Unspecified Vulnerability
Oracle E-Business Suite contains an unspecified vulnerability that allows an unauthenticated attacker with network access via HTTP to compromise Oracle Web Applications Desktop Integrator...
The vulnerability of the Download component of the software for working with web applications, Oracle Web Applications Desktop Integrator from the enterprise automation system Oracle E-Business Suite, allows a perpetrator to gain unauthorized access to protected data or to modify, add, or delete protected data.
The vulnerability of the Download component of the software for working with web applications, Oracle Web Applications Desktop Integrator of the enterprise automation system Oracle E-Business Suite, is related to insufficient validation of entered data. Exploiting this vulnerability can allow an...
CVE-2023-21847
Vulnerability in the Oracle Web Applications Desktop Integrator product of Oracle E-Business Suite component: Download. Supported versions that are affected are 12.2.3-12.2.12. Easily exploitable vulnerability allows low privileged attacker with network access via HTTP to compromise Oracle Web...
CVE-2023-21847
Vulnerability in the Oracle Web Applications Desktop Integrator product of Oracle E-Business Suite component: Download. Supported versions that are affected are 12.2.3-12.2.12. Easily exploitable vulnerability allows low privileged attacker with network access via HTTP to compromise Oracle Web...
PT-2023-1200 · Oracle · Oracle Web Applications Desktop Integrator
Name of the Vulnerable Software and Affected Versions: Oracle Web Applications Desktop Integrator versions 12.2.3 through 12.2.12 Description: The issue is related to insufficient input validation in the Download component of Oracle Web Applications Desktop Integrator, part of the Oracle E-Busine...
The vulnerability of the Upload component of the software environment for working with Oracle Web Applications desktop integrations allows a hacker to gain full control over the application.
The vulnerability of the Upload component of the Oracle Web Applications Desktop Integrator software lies in insufficient validation of input data. Exploiting this vulnerability could allow an attacker to gain full control over the application through the use of the HTTP protocol...
Oracle E-Business Suite has an unspecified vulnerability (CNVD-2023-05481)
Oracle E-Business Suite E-Business Suite is a fully integrated global business management software from Oracle Corporation USA. A security vulnerability exists in Oracle Web Applications Desktop Integrator for Oracle E-Business Suite. An unauthenticated attacker could exploit the vulnerability to...
Oracle E-Business Suite (Oct 2022 CPU)
The versions of Oracle E-Business Suite installed on the remote host are affected by multiple vulnerabilities as referenced in the October 2022 CPU advisory. - Vulnerability in the Oracle Web Applications Desktop Integrator product of Oracle E-Business Suite component: Upload. Supported versions...
Vulnerabilities fixed in Oracle E-Business Suite
Vulnerabilities have been fixed in Oracle E-Business Suite. The vulnerabilities allow a malicious party to carry out attacks execute attacks that result in the following categories of damage: Denial-of-Service DoS Manipulation of data Remote code execution Administrator/Root privileges Access to...
CVE-2022-39428
Vulnerability in the Oracle Web Applications Desktop Integrator product of Oracle E-Business Suite component: Upload. Supported versions that are affected are 12.2.3-12.2.11. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle Web...
CVE-2022-39428
Vulnerability in the Oracle Web Applications Desktop Integrator product of Oracle E-Business Suite component: Upload. Supported versions that are affected are 12.2.3-12.2.11. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle Web...
CVE-2022-21587
Vulnerability in the Oracle Web Applications Desktop Integrator product of Oracle E-Business Suite component: Upload. Supported versions that are affected are 12.2.3-12.2.11. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle Web...
CVE-2022-21587
Vulnerability in the Oracle Web Applications Desktop Integrator product of Oracle E-Business Suite component: Upload. Supported versions that are affected are 12.2.3-12.2.11. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle Web...
Code injection
Vulnerability in the Oracle Web Applications Desktop Integrator product of Oracle E-Business Suite component: Upload. Supported versions that are affected are 12.2.3-12.2.11. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle Web...
PT-2022-6231
Name of the Vulnerable Software and Affected Versions Oracle Web Applications Desktop Integrator versions 12.2.3 through 12.2.11 Description A flaw exists in the Upload component of Oracle Web Applications Desktop Integrator within Oracle E-Business Suite. This issue allows an unauthenticated...