7.5

CVE-2007-0280

Unspecified vulnerability in Oracle HTTP Server 9.0.1.5, Application Server 9.0.4.3, 10.1.2.0.0, 10.1.2.0.2, and 10.1.2.2; and Collaboration Suite 9.0.4.2 and 10.1.2; has unknown impact and attack vectors related to the Oracle Process Mgmt & Notification component, aka OPMN01.   NOTE: as of 20070123, Oracle has not disputed claims by a reliable researcher that OPMN01 is for a buffer overflow in Oracle Notification Service (ONS).
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
OracleApplication Server Version9.0.4.3
OracleApplication Server Version10.1.2.0.2
OracleApplication Server Version10.1.2.2
OracleCollaboration Suite Version9.0.4.2
OracleCollaboration Suite Version10.1.2
OracleHTTP Server Version9.0.1.5
Zu dieser CVE wurde keine Warnung gefunden.
EPSS Metriken
Typ Quelle Score Percentile
EPSS FIRST.org 3.07% 0.859
CVSS Metriken
Quelle Base Score Exploit Score Impact Score Vector String
nvd@nist.gov 7.5 10 6.4
AV:N/AC:L/Au:N/C:P/I:P/A:P
Es wurden noch keine Informationen zu CWE veröffentlicht.
http://secunia.com/advisories/23794
Patch
Vendor Advisory
http://securitytracker.com/id?1017522
http://www.oracle.com/technetwork/topics/security/cpujan2007-101493.html
http://www.securityfocus.com/bid/22083
http://www.us-cert.gov/cas/techalerts/TA07-017A.html
Patch
US Government Resource
https://exchange.xforce.ibmcloud.com/vulnerabilities/31541
http://osvdb.org/32905
http://www.red-database-security.com/advisory/oracle_buffer_overflow_ons.html