QwikSec

Security Database

CVE

CWE

Training

CVE-2008-5446

Published: Jan 14, 2009

Modified: Aug 7, 2024

PUBLISHED

Description

Unspecified vulnerability in the Oracle Applications Framework component in Oracle E-Business Suite 11.5.10 CU2 and 12.0.6 allows remote authenticated users to affect confidentiality via unknown vectors. NOTE: the previous information was obtained from the January 2009 CPU. Oracle has not commented on reliable researcher claims that this issue is related to unrestricted guest access to the "About Us Page" in the Oracle Applications Framework (OAF), which allows attackers to obtain sensitive system and application environment information.

Vendor	Product	Versions
n/a	n/a	affected `n/a`

References

third-party-advisory

x_refsource_SECUNIA

20090118 Advisory: Oracle EBusiness Suite Sensitive Information Disclosure Vulnerability

mailing-list

x_refsource_BUGTRAQ

http://secniche.org/papers/orabs.pdf

x_refsource_MISC

vdb-entry

x_refsource_VUPEN

http://www.oracle.com/technetwork/topics/security/cpujan2009-097901.html

x_refsource_CONFIRM

vdb-entry

x_refsource_BID

vdb-entry

x_refsource_SECTRACK

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.