Vulnerability Details : CVE-2007-3866
Multiple unspecified vulnerabilities in Oracle E-Business Suite 11.5.10CU2 and 12.0.1 allow remote attackers to have an unknown impact via (a) Oracle Configurator (APPS02), (b) Oracle iExpenses (APPS03), (c) Oracle Application Object Library (APPS09), and (1) APPS12, (2) APPS13, and (3) APPS14 in (d) Oracle Payables.
Products affected by CVE-2007-3866
- cpe:2.3:a:oracle:e-business_suite:11.5.10.2:*:*:*:*:*:*:*
- cpe:2.3:a:oracle:e-business_suite:12.0.1:*:*:*:*:*:*:*
Exploit prediction scoring system (EPSS) score for CVE-2007-3866
4.46%
Probability of exploitation activity in the next 30 days
EPSS Score History
~ 88 %
Percentile, the proportion of vulnerabilities that are scored at or less
CVSS scores for CVE-2007-3866
| Base Score | Base Severity | CVSS Vector | Exploitability Score | Impact Score | Score Source | First Seen |
|---|---|---|---|---|---|---|
|
7.5
|
HIGH | AV:N/AC:L/Au:N/C:P/I:P/A:P |
10.0
|
6.4
|
NIST |
References for CVE-2007-3866
-
http://secunia.com/advisories/26114
Vendor Advisory
-
http://secunia.com/advisories/26166
-
http://www.oracle.com/technetwork/topics/security/cpujul2007-087014.html
-
http://www.securitytracker.com/id?1018415
-
http://www.integrigy.com/security-resources/analysis/Integrigy_Oracle_CPU_July_2007_Analysis.pdf
-
https://exchange.xforce.ibmcloud.com/vulnerabilities/35490
-
http://www.securityfocus.com/archive/1/474515/100/0/threaded
-
http://www.vupen.com/english/advisories/2007/2635
-
http://www.us-cert.gov/cas/techalerts/TA07-200A.html
US Government Resource
-
http://www.vupen.com/english/advisories/2007/2562
-
http://www.red-database-security.com/advisory/oracle_cpu_jul_2007.html
-
http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?lang=en&cc=us&objectID=c00727143
Jump to