Note:
This project will be discontinued after December 13, 2021. [more]
Product:
Application_server
(Oracle)| Repositories |
Unknown: This might be proprietary software. |
| #Vulnerabilities | 199 |
| Date | Id | Summary | Products | Score | Patch | Annotated |
|---|---|---|---|---|---|---|
| 2009-10-22 | CVE-2009-1990 | Unspecified vulnerability in the Business Intelligence Enterprise Edition component in Oracle Application Server 10.1.3.4.1 allows local users to affect confidentiality via unknown vectors. | Application_server | N/A | ||
| 2009-07-14 | CVE-2009-1976 | Unspecified vulnerability in the HTTP Server component in Oracle Application Server 10.1.2.3 allows remote attackers to affect integrity via unknown vectors. | Application_server | N/A | ||
| 2009-04-15 | CVE-2009-1011 | Unspecified vulnerability in the Outside In Technology component in Oracle Application Server 8.2.2 and 8.3.0 allows local users to affect confidentiality, integrity, and availability, related to HTML. NOTE: the previous information was obtained from the April 2009 CPU. Oracle has not commented on reliable researcher claims that this issue is for multiple integer overflows in a function that parses an optional data stream within a Microsoft Office file, leading to a heap-based buffer overflow. | Application_server | N/A | ||
| 2009-04-15 | CVE-2009-1010 | Unspecified vulnerability in the Outside In Technology component in Oracle Application Server 8.2.2 and 8.3.0 allows local users to affect confidentiality, integrity, and availability, related to HTML, a different vulnerability than CVE-2009-1008. | Websphere_portal, Application_server | N/A | ||
| 2009-04-15 | CVE-2009-1009 | Unspecified vulnerability in the Outside In Technology component in Oracle Application Server 8.1.9 allows local users to affect confidentiality, integrity, and availability, related to HTML. | Websphere_portal, Application_server | N/A | ||
| 2009-04-15 | CVE-2009-1008 | Unspecified vulnerability in the Outside In Technology component in Oracle Application Server 8.2.2 and 8.3.0 allows local users to affect confidentiality, integrity, and availability, related to HTML, a different vulnerability than CVE-2009-1010. | Websphere_portal, Application_server | N/A | ||
| 2009-07-14 | CVE-2009-0217 | The design of the W3C XML Signature Syntax and Processing (XMLDsig) recommendation, as implemented in products including (1) the Oracle Security Developer Tools component in Oracle Application Server 10.1.2.3, 10.1.3.4, and 10.1.4.3IM; (2) the WebLogic Server component in BEA Product Suite 10.3, 10.0 MP1, 9.2 MP3, 9.1, 9.0, and 8.1 SP6; (3) Mono before 2.4.2.2; (4) XML Security Library before 1.2.12; (5) IBM WebSphere Application Server Versions 6.0 through 6.0.2.33, 6.1 through 6.1.0.23,... | Websphere_application_server, Mono, Application_server, Bea_product_suite, Weblogic_server_component | N/A | ||
| 2009-09-14 | CVE-2008-7233 | Unspecified vulnerability in the E-Business Application client, as used in Oracle Application Server 1.1.8.26 and E-Business Suite 11.5.10.2, allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to the Oracle Jinitiator component, aka AS02. | Application_server, E\-Business_suite_11i | N/A | ||
| 2009-01-14 | CVE-2008-4017 | Unspecified vulnerability in the OC4J component in Oracle Application Server 10.1.2.3 allows remote attackers to affect confidentiality via unknown vectors. | Application_server | N/A | ||
| 2009-01-14 | CVE-2008-4014 | Unspecified vulnerability in the Oracle BPEL Process Manager component in Oracle Application Server allows remote authenticated users to affect confidentiality and integrity via unknown vectors. | Application_server | N/A |