NVD

Id
52451  
Name
CVE-2007-0222  
Description
Directory traversal vulnerability in the EmChartBean server side component for Oracle Application Server 10g allows remote attackers to read arbitrary files via unknown vectors, probably ".." sequences in the beanId parameter. NOTE: this is likely a duplicate of another CVE that Oracle addressed in CPU Jan 2007, but due to lack of details by Oracle, it is unclear which BugID this issue is associated with, so the other CVE cannot be determined. Possibilities include EM02 (CVE-2007-0292) or EM05 (CVE-2007-0293).  
Reject
 
CVSS Version
2  
CVSS Score
5  
Severity
Medium  
CVSS Base Score
5  
CVSS Impact Subscore
2.9  
CVSS Exploit Subscore
10  
CVSS Vector
(AV:N/AC:L/Au:N/C:P/I:N/A:N)  
Pub Date
2017-01-07  
Published
2007-01-16  
Modified Date
2012-10-22  
Seq
2007-0222  

Actions

Related NVD References

Id NVD Id NVD No. Reference Actions
264986 52451 CVE-2007-0222 1017522  View
264987 52451 CVE-2007-0222 http://www.oracle.com/technetwork/topics/security/cpujan2007-101493.html  View
264988 52451 CVE-2007-0222 20070115 SYMSA-2007-001: Oracle Application Server 10g - Directory Traversal  View
264989 52451 CVE-2007-0222 20070131 Oracle 10g R2 Enterprise Manager Directory Traversal  View
264990 52451 CVE-2007-0222 22027  View
264991 52451 CVE-2007-0222 22083  View

Related JVN

Id Name Title Summary Cveinfo Name Cveinfo Id Nvdinfo Name Nvdinfo Id Cvssv2 Cvssv3 Jvnurl Published Date Last Updated Date Actions
51365 JVNDB-2007-000027 Oracle Application Server の EmChartBean コンポーネントにおけるディレクトリトラバーサルの脆弱性 Oracle Application Server の EmChartBean コンポーネントにはディレクトリトラバーサルの脆弱性が存在します。 CVE-2007-0222 23577 CVE-2007-0222 52451 5 http://jvndb.jvn.jp/ja/contents/2007/JVNDB-2007-000027.html 2007-01-16 2007-04-01 View