CVE-2007-3862 — HIGH (7.5) — White Hats Nepal

Vulnerability Description

Unspecified vulnerability in Oracle Application Server 9.0.4.3 and 10.1.2.0.2 allows remote attackers to have an unknown impact via Oracle Single Sign On, aka AS01.

CVSS Score

7.5

HIGH

AV:N/AC:L/Au:N/C:P/I:P/A:P

Confidentiality

PARTIAL

Integrity

PARTIAL

Availability

PARTIAL

Affected Products

Vendor	Product	Versions
Oracle	Application Server	9.0.4.3

References

http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?lang=en&cc=us&obje
http://secunia.com/advisories/26114Vendor Advisory
http://secunia.com/advisories/26166
http://www.integrigy.com/security-resources/analysis/Integrigy_Oracle_CPU_July_2
http://www.oracle.com/technetwork/topics/security/cpujul2007-087014.html
http://www.red-database-security.com/advisory/oracle_cpu_jul_2007.html
http://www.securitytracker.com/id?1018415
http://www.us-cert.gov/cas/techalerts/TA07-200A.htmlUS Government Resource
http://www.vupen.com/english/advisories/2007/2562
http://www.vupen.com/english/advisories/2007/2635
https://exchange.xforce.ibmcloud.com/vulnerabilities/35490
http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?lang=en&cc=us&obje
http://secunia.com/advisories/26114Vendor Advisory
http://secunia.com/advisories/26166
http://www.integrigy.com/security-resources/analysis/Integrigy_Oracle_CPU_July_2

FAQ

What is CVE-2007-3862?

CVE-2007-3862 is a vulnerability with a CVSS score of 7.5 (HIGH). Unspecified vulnerability in Oracle Application Server 9.0.4.3 and 10.1.2.0.2 allows remote attackers to have an unknown impact via Oracle Single Sign On, aka AS01.

How severe is CVE-2007-3862?

CVE-2007-3862 has been rated HIGH with a CVSS base score of 7.5/10. Review the CVSS metrics above for detailed severity breakdown.

Is there a patch for CVE-2007-3862?

Check the references section above for vendor advisories and patch information. Affected products include: Oracle Application Server.