2 matches found
CVE-2015-4845
CVE-2015-4845 describes a vulnerability in Oracle E-Business Suiteās Application Object Library (AOL/J) affecting multiple versions (notably 12.2.4). The issue arises from a script in EBS that connects to the database and exposes connection status, enabling an attacker to enumerate database users...
Oracle E-Business Suite - Database user enumeration vulnerability
Application: E-Business Suite Vendor URL: Oracle Bugs: User enumeration Reported: 17.07.2015 Vendor response: 24.07.2015 Date of Public Advisory:20.10.2015 Reference: Oracle CPU Oct 2015 Authors: Nikita Kelesis, Ivan Chalykin, Alexey Tyurin, Egor Karbutov ERPScan VULNERABILITY INFORMATION Class:...