NVD

Id
19343  
Name
CVE-2016-3536  
Description
Unspecified vulnerability in the Oracle Marketing component in Oracle E-Business Suite 12.1.1, 12.1.2, and 12.1.3 allows remote attackers to affect confidentiality and integrity via vectors related to Deliverables. NOTE: the previous information is from the July 2016 CPU. Oracle has not commented on third-party claims that this issue involves multiple cross-site scripting (XSS) vulnerabilities, which allow remote attackers to inject arbitrary web script or HTML via unspecified vectors.  
Reject
 
CVSS Version
2  
CVSS Score
7  
Severity
High  
CVSS Base Score
7  
CVSS Impact Subscore
7.8  
CVSS Exploit Subscore
6.8  
CVSS Vector
(AV:N/AC:M/Au:S/C:C/I:P/A:N)  
Pub Date
2017-01-19  
Published
2016-07-21  
Modified Date
2016-11-28  
Seq
2016-3536  

Actions

Related NVD References

Id NVD Id NVD No. Reference Actions
106643 19343 CVE-2016-3536 http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html  View
106644 19343 CVE-2016-3536 91787  View
106645 19343 CVE-2016-3536 91857  View
106646 19343 CVE-2016-3536 https://www.onapsis.com/blog/oracle-fixes-record-276-vulnerabilities-july-2016  View

Related JVN

Id Name Title Summary Cveinfo Name Cveinfo Id Nvdinfo Name Nvdinfo Id Cvssv2 Cvssv3 Jvnurl Published Date Last Updated Date Actions
3202 JVNDB-2016-003975 Oracle E-Business Suite の Oracle Marketing における Deliverables に関する脆弱性 Oracle E-Business Suite の Oracle Marketing には、Deliverables に関する処理に不備があるため、機密性、および完全性に影響のある脆弱性が存在します。 CVE-2016-3536 90042 CVE-2016-3536 19343 7 8.2 http://jvndb.jvn.jp/ja/contents/2016/JVNDB-2016-003975.html 2016-07-19 2016-07-27 View