5
CVE-2007-0222
- EPSS 10.61%
- Veröffentlicht 17.01.2007 01:28:00
- Zuletzt bearbeitet 16.06.2026 22:35:09
- Quelle cve@mitre.org
- CVE-Watchlists
- Unerledigt
Directory traversal vulnerability in the EmChartBean server side component for Oracle Application Server 10g allows remote attackers to read arbitrary files via unknown vectors, probably "\.." sequences in the beanId parameter. NOTE: this is likely a duplicate of another CVE that Oracle addressed in CPU Jan 2007, but due to lack of details by Oracle, it is unclear which BugID this issue is associated with, so the other CVE cannot be determined. Possibilities include EM02 (CVE-2007-0292) or EM05 (CVE-2007-0293).
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
Oracle ≫ Application Server Version10.1.3
| Typ | Quelle | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 10.61% | 0.952 |
| Quelle | Base Score | Exploit Score | Impact Score | Vector String |
|---|---|---|---|---|
| nvd@nist.gov | 5 | 10 | 2.9 |
AV:N/AC:L/Au:N/C:P/I:N/A:N
|
http://secunia.com/advisories/23794
http://securitytracker.com/id?1017522
http://www.oracle.com/technetwork/topics/security/cpujan2007-101493.html
http://www.securityfocus.com/bid/22083
http://www.securityfocus.com/archive/1/457105/100/0/threaded
http://www.securityfocus.com/archive/1/458657/100/0/threaded
http://www.securityfocus.com/bid/22027