EUVD-2016-4591

Malware in sbrugna...

The vulnerability of the Spring Framework component of the Oracle Retail Order Broker software product allows a hacker to gain full control over the application.

The vulnerability of the Spring Framework component of the Oracle Retail Order Broker product exists due to the lack of measures taken to protect the website structure. Exploiting this vulnerability can allow an attacker to gain full control over the application using the HTTP protocol...

PT-2020-2651 · Oracle +2 · Oracle Retail Order Broker +2

Name of the Vulnerable Software and Affected Versions: Spring Framework versions 5.0.x prior to 5.0.16 Spring Framework versions 5.1.x prior to 5.1.13 Spring Framework versions 5.2.x prior to 5.2.3 Oracle Retail Order Broker affected versions not specified Description: The issue exists due to...

CVE-2016-3611

Unspecified vulnerability in the Oracle Retail Order Broker component in Oracle Retail Applications 15.0 allows remote attackers to affect confidentiality and integrity via vectors related to System Administration...

CVE-2016-3611

Unspecified vulnerability in the Oracle Retail Order Broker component in Oracle Retail Applications 15.0 allows remote attackers to affect confidentiality and integrity via vectors related to System Administration...

CVE-2016-3565

Unspecified vulnerability in the Oracle Retail Order Broker component in Oracle Retail Applications 5.1 and 5.2 allows remote authenticated users to affect confidentiality, integrity, and availability via vectors related to System Administration...

CVE-2016-3611

Unspecified vulnerability in the Oracle Retail Order Broker component in Oracle Retail Applications 15.0 allows remote attackers to affect confidentiality and integrity via vectors related to System Administration...

CVE-2016-3565

CVE-2016-3565 affects Oracle Retail Applications (Order Broker component) in versions 5.1/5.2. The vulnerability allows remote authenticated users to impact confidentiality, integrity, and availability via System Administration–related vectors. Exploit details are not provided in the documents; n...

Unspecified Vulnerability in Oracle Order Broker Cloud Service Component

Oracle Retail Applications is a suite of retail application store solutions. An unspecified vulnerability in the Oracle Order Broker Cloud Service component allows remote attackers to exploit the vulnerability to gain unauthorized access to data, modify data, and launch denial of service attacks...

CVE-2016-0500

Unspecified vulnerability in the Oracle Retail Order Broker Cloud Service component in Oracle Retail Applications 4.0 and 4.1 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to System Administration...

Buffer overflow

Unspecified vulnerability in the Oracle Retail Order Broker Cloud Service component in Oracle Retail Applications 4.0 and 4.1 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to System Administration...