CVE-2006-0275
Gravedad CVSS v2.0:
MEDIA
Tipo:
No Disponible / Otro tipo
Fecha de publicación:
18/01/2006
Última modificación:
03/04/2025
Descripción
*** Pendiente de traducción *** Unspecified vulnerability in the Oracle Reports Developer component of Oracle Application Server 9.0.4.2 has unspecified impact and attack vectors, as identified by Oracle Vuln# REP04. NOTE: Oracle has not disputed reliable researcher claims that this issue is related to directory traversal that allows reading of portions of arbitrary XML files via the customize parameter.
Impacto
Puntuación base 2.0
5.00
Gravedad 2.0
MEDIA
Productos y versiones vulnerables
| CPE | Desde | Hasta |
|---|---|---|
| cpe:2.3:a:oracle:application_server:9.0.4.2:*:*:*:*:*:*:* |
Para consultar la lista completa de nombres de CPE con productos y versiones, ver esta página
Referencias a soluciones, herramientas e información
- http://secunia.com/advisories/18493
- http://secunia.com/advisories/18608
- http://securitytracker.com/id?1015499=
- http://www.kb.cert.org/vuls/id/545804
- http://www.oracle.com/technetwork/topics/security/cpujan2006-082403.html
- http://www.red-database-security.com/advisory/oracle_reports_read_any_xml_file.html
- http://www.securityfocus.com/archive/1/422261/30/7430/threaded
- http://www.securityfocus.com/bid/16287
- http://www.vupen.com/english/advisories/2006/0243
- http://www.vupen.com/english/advisories/2006/0323
- https://exchange.xforce.ibmcloud.com/vulnerabilities/24321
- http://secunia.com/advisories/18493
- http://secunia.com/advisories/18608
- http://securitytracker.com/id?1015499=
- http://www.kb.cert.org/vuls/id/545804
- http://www.oracle.com/technetwork/topics/security/cpujan2006-082403.html
- http://www.red-database-security.com/advisory/oracle_reports_read_any_xml_file.html
- http://www.securityfocus.com/archive/1/422261/30/7430/threaded
- http://www.securityfocus.com/bid/16287
- http://www.vupen.com/english/advisories/2006/0243
- http://www.vupen.com/english/advisories/2006/0323
- https://exchange.xforce.ibmcloud.com/vulnerabilities/24321