CVE-2008-4014

EUVD-2008-3999
Unspecified vulnerability in the Oracle BPEL Process Manager component in Oracle Application Server allows remote authenticated users to affect confidentiality and integrity via unknown vectors.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTPrimary
5.5 UNKNOWN
NETWORK
LOW
AV:N/AC:L/Au:S/C:P/I:P/A:N
Base Score
CVSS 3.x
EPSS Score
Percentile: 47%
Affected Products (NVD)
VendorProductVersion
oracleapplication_server
1.0
oracleapplication_server
1.0.2
oracleapplication_server
1.0.2.0
oracleapplication_server
1.0.2.1
oracleapplication_server
1.0.2.1s:s
oracleapplication_server
1.0.2.2
oracleapplication_server
1.0.2.2:r1
oracleapplication_server
1.0.2.2:r2
oracleapplication_server
1.0.2.2.2
oracleapplication_server
3.0.7
oracleapplication_server
4.0
oracleapplication_server
4.0.8
oracleapplication_server
4.0.8.2
oracleapplication_server
6.0.8.26_ps17:_ps17
oracleapplication_server
7.0.4.4
oracleapplication_server
8.1.7
oracleapplication_server
9.0
oracleapplication_server
9.0.2
oracleapplication_server
9.0.2:r2
oracleapplication_server
9.0.2.0.0
oracleapplication_server
9.0.2.0.1
oracleapplication_server
9.0.2.1
oracleapplication_server
9.0.2.2
oracleapplication_server
9.0.2.3
oracleapplication_server
9.0.3
oracleapplication_server
9.0.3.1
oracleapplication_server
9.0.4
oracleapplication_server
9.0.4.0
oracleapplication_server
9.0.4.1
oracleapplication_server
9.0.4.2
oracleapplication_server
9.0.4.3
oracleapplication_server
9.2.0.6
oracleapplication_server
9.2.0.7
oracleapplication_server
10.1.0.2
oracleapplication_server
10.1.0.3
oracleapplication_server
10.1.0.3.1
oracleapplication_server
10.1.0.4
oracleapplication_server
10.1.2
oracleapplication_server
10.1.2.0
oracleapplication_server
10.1.2.0.0
oracleapplication_server
10.1.2.0.0:r2
oracleapplication_server
10.1.2.0.1
oracleapplication_server
10.1.2.0.1:r2
oracleapplication_server
10.1.2.0.2
oracleapplication_server
10.1.2.0.2:r2
oracleapplication_server
10.1.2.1
oracleapplication_server
10.1.2.1.0
oracleapplication_server
10.1.2.2
oracleapplication_server
10.1.2.2.0
oracleapplication_server
10.1.2.3
oracleapplication_server
10.1.2_.0.1:_.0
oracleapplication_server
10.1.3
oracleapplication_server
10.1.3.0
oracleapplication_server
10.1.3.0.0
oracleapplication_server
10.1.3.1
oracleapplication_server
10.1.3.1.0
oracleapplication_server
10.1.3.2.0
oracleapplication_server
10.1.3.3
oracleapplication_server
10.1.3.3.0
oracleapplication_server
10.1.4.0
oracleapplication_server
10.1.4.0.1
oracleapplication_server
10.1.4.1
oracleapplication_server
10.1.4.1.0
oracleapplication_server
10.2.0.0
𝑥
= Vulnerable software versions
References
http://secunia.com/advisories/33525
http://www.oracle.com/technetwork/topics/security/cpujan2009-097901.html
http://www.securityfocus.com/bid/33177
http://www.securitytracker.com/id?1021572
http://www.vupen.com/english/advisories/2009/0115
http://secunia.com/advisories/33525
http://www.oracle.com/technetwork/topics/security/cpujan2009-097901.html
http://www.securityfocus.com/bid/33177
http://www.securitytracker.com/id?1021572
http://www.vupen.com/english/advisories/2009/0115