CVE-2016-3534 in Installed Baseinfo

Summary

Unspecified vulnerability in the Oracle Installed Base component in Oracle E-Business Suite 12.1.1, 12.1.2, 12.1.3, 12.2.3, 12.2.4, and 12.2.5 allows remote attackers to affect integrity via vectors related to Engineering Change Order. NOTE: the previous information is from the July 2016 CPU. Oracle has not commented on third-party claims that this issue involves an open redirect vulnerability, which allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via unspecified vectors.

If you want to get best quality of vulnerability data, you may have to visit VulDB.

Reservation

03/17/2016

Disclosure

07/21/2016

Status

Confirmed

Entries

VulDB provides additional information and datapoints for this CVE:

ID	Vulnerability	CWE	Exp	Cou	CVE
89942	Oracle Installed Base Engineering Change Order information disclosure	200	Not defined	Official fix	CVE-2016-3534

Description

CPE

CWE

CVSS

Exploits

History

Diff

Relate

Threat Intelligence

API JSON

API XML

API CSV

Sources

◂ PreviousOverviewNext ▸

Want to stay up to date on a daily basis?

Enable the mail alert feature now!