NVD

Id
5219  
Name
CVE-2008-5446  
Description
Unspecified vulnerability in the Oracle Applications Framework component in Oracle E-Business Suite 11.5.10 CU2 and 12.0.6 allows remote authenticated users to affect confidentiality via unknown vectors. NOTE: the previous information was obtained from the January 2009 CPU. Oracle has not commented on reliable researcher claims that this issue is related to unrestricted guest access to the "About Us Page" in the Oracle Applications Framework (OAF), which allows attackers to obtain sensitive system and application environment information.  
Reject
 
CVSS Version
2  
CVSS Score
3.5  
Severity
Low  
CVSS Base Score
3.5  
CVSS Impact Subscore
2.9  
CVSS Exploit Subscore
6.8  
CVSS Vector
(AV:N/AC:M/Au:S/C:P/I:N/A:N)  
Pub Date
2017-01-03  
Published
2009-01-13  
Modified Date
2012-10-22  
Seq
2008-5446  

Actions

Related NVD References

Id NVD Id NVD No. Reference Actions
32796 5219 CVE-2008-5446 http://secniche.org/papers/orabs.pdf  View
32797 5219 CVE-2008-5446 http://www.oracle.com/technetwork/topics/security/cpujan2009-097901.html  View
32798 5219 CVE-2008-5446 20090118 Advisory: Oracle EBusiness Suite Sensitive Information Disclosure Vulnerability  View
32799 5219 CVE-2008-5446 33177  View
32800 5219 CVE-2008-5446 1021568  View
32801 5219 CVE-2008-5446 ADV-2009-0115  View

Related JVN

Id Name Title Summary Cveinfo Name Cveinfo Id Nvdinfo Name Nvdinfo Id Cvssv2 Cvssv3 Jvnurl Published Date Last Updated Date Actions
40652 JVNDB-2009-001658 Oracle E-Business Suite の Oracle Applications Framework コンポーネントにおける機密性に影響を及ぼされる脆弱性 Oracle E-Business Suite の Oracle Applications Framework コンポーネントには、機密性に影響を及ぼされる脆弱性が存在します。 CVE-2008-5446 35559 CVE-2008-5446 5219 3.5 http://jvndb.jvn.jp/ja/contents/2009/JVNDB-2009-001658.html 2009-01-14 2009-07-08 View