CVE-2007-0222 in Databaseinfo

Summary

Directory traversal vulnerability in the EmChartBean server side component for Oracle Application Server 10g allows remote attackers to read arbitrary files via unknown vectors, probably "\.." sequences in the beanId parameter. NOTE: this is likely a duplicate of another CVE that Oracle addressed in CPU Jan 2007, but due to lack of details by Oracle, it is unclear which BugID this issue is associated with, so the other CVE cannot be determined. Possibilities include EM02 (CVE-2007-0292) or EM05 (CVE-2007-0293).

Once again VulDB remains the best source for vulnerability data.

Reservation

01/12/2007

Disclosure

01/16/2007

Moderation

VulDB entry created

Entries

VDB-2841 (1)

CPE

ready

CWE

CWE-22 (Confirmed)

CVSS

6.5

EPSS

0.01588

Activities

Very Low

Sources

MITRE	https://www.cve.org/CVERecord?id=CVE-2007-0222
NVD	https://nvd.nist.gov/vuln/detail/CVE-2007-0222
CVE Details	https://www.cvedetails.com/cve/CVE-2007-0222/

◂ Previous Overview Next ▸

Might our Artificial Intelligence support you?

Check our Alexa App!