ID CVE-2008-0348
Summary Multiple unspecified vulnerabilities in the PeopleTools component in Oracle PeopleSoft Enterprise and JD Edwards EnterpriseOne 8.22.18, 8.48.15, and 8.49.07 have unknown impact and remote attack vectors, aka (1) PSE01, (2) PSE03, and (3) PSE04.
References
Vulnerable Configurations
  • cpe:2.3:a:oracle:application_server:1.0.2.2:*:*:*:*:*:*:*
    cpe:2.3:a:oracle:application_server:1.0.2.2:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:application_server:9.0.4.3:*:*:*:*:*:*:*
    cpe:2.3:a:oracle:application_server:9.0.4.3:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:application_server:10.1.2.0.2:*:*:*:*:*:*:*
    cpe:2.3:a:oracle:application_server:10.1.2.0.2:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:application_server:10.1.2.1.0:*:*:*:*:*:*:*
    cpe:2.3:a:oracle:application_server:10.1.2.1.0:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:application_server:10.1.2.2.0:*:*:*:*:*:*:*
    cpe:2.3:a:oracle:application_server:10.1.2.2.0:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:application_server:10.1.3.0.0:*:*:*:*:*:*:*
    cpe:2.3:a:oracle:application_server:10.1.3.0.0:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:application_server:10.1.3.1.0:*:*:*:*:*:*:*
    cpe:2.3:a:oracle:application_server:10.1.3.1.0:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:application_server:10.1.3.3.0:*:*:*:*:*:*:*
    cpe:2.3:a:oracle:application_server:10.1.3.3.0:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:collaboration_suite:10.1.2:*:*:*:*:*:*:*
    cpe:2.3:a:oracle:collaboration_suite:10.1.2:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:database_server:9.0.1.5:*:fips:*:*:*:*:*
    cpe:2.3:a:oracle:database_server:9.0.1.5:*:fips:*:*:*:*:*
  • cpe:2.3:a:oracle:database_server:9.2.0.8:*:*:*:*:*:*:*
    cpe:2.3:a:oracle:database_server:9.2.0.8:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:database_server:9.2.0.8dv:*:*:*:*:*:*:*
    cpe:2.3:a:oracle:database_server:9.2.0.8dv:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:database_server:10.1.0.5:*:*:*:*:*:*:*
    cpe:2.3:a:oracle:database_server:10.1.0.5:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:database_server:10.2.0.2:*:*:*:*:*:*:*
    cpe:2.3:a:oracle:database_server:10.2.0.2:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:database_server:10.2.0.3:*:*:*:*:*:*:*
    cpe:2.3:a:oracle:database_server:10.2.0.3:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:database_server:11.1.0.6:*:*:*:*:*:*:*
    cpe:2.3:a:oracle:database_server:11.1.0.6:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:e-business_suite:11.5.9:*:*:*:*:*:*:*
    cpe:2.3:a:oracle:e-business_suite:11.5.9:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:e-business_suite:11.5.10:*:*:*:*:*:*:*
    cpe:2.3:a:oracle:e-business_suite:11.5.10:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:e-business_suite:11.5.10.2:*:*:*:*:*:*:*
    cpe:2.3:a:oracle:e-business_suite:11.5.10.2:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:e-business_suite:12.0.0:*:*:*:*:*:*:*
    cpe:2.3:a:oracle:e-business_suite:12.0.0:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:e-business_suite:12.0.1:*:*:*:*:*:*:*
    cpe:2.3:a:oracle:e-business_suite:12.0.1:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:e-business_suite:12.0.2:*:*:*:*:*:*:*
    cpe:2.3:a:oracle:e-business_suite:12.0.2:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:e-business_suite:12.0.3:*:*:*:*:*:*:*
    cpe:2.3:a:oracle:e-business_suite:12.0.3:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:peoplesoft_enterprise_peopletools:8.47:*:*:*:*:*:*:*
    cpe:2.3:a:oracle:peoplesoft_enterprise_peopletools:8.47:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:peoplesoft_enterprise_peopletools:8.48:*:*:*:*:*:*:*
    cpe:2.3:a:oracle:peoplesoft_enterprise_peopletools:8.48:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:peoplesoft_enterprise_peopletools:8.49:*:*:*:*:*:*:*
    cpe:2.3:a:oracle:peoplesoft_enterprise_peopletools:8.49:*:*:*:*:*:*:*
CVSS
Base: 10.0 (as of 23-10-2012 - 02:42)
Impact:
Exploitability:
CWE NVD-CWE-noinfo
CAPEC
Access
VectorComplexityAuthentication
NETWORK LOW NONE
Impact
ConfidentialityIntegrityAvailability
COMPLETE COMPLETE COMPLETE
cvss-vector via4 AV:N/AC:L/Au:N/C:C/I:C/A:C
refmap via4
bid 27229
cert TA08-017A
confirm http://www.oracle.com/technetwork/topics/security/cpujan2008-086860.html
hp
  • HPSBMA02133
  • SSRT061201
sectrack 1019218
secunia
  • 28518
  • 28556
vupen
  • ADV-2008-0150
  • ADV-2008-0180
saint via4
bid 27229
description Oracle XDB component PITRIG_TRUNCATE buffer overflow
id database_oracle_version
osvdb 40300
title oracle_xdb_pitrig_truncate
type remote
Last major update 23-10-2012 - 02:42
Published 17-01-2008 - 23:00
Last modified 23-10-2012 - 02:42
Back to Top