CVE-2008-0348

Multiple unspecified vulnerabilities in the PeopleTools component in Oracle PeopleSoft Enterprise and JD Edwards EnterpriseOne 8.22.18, 8.48.15, and 8.49.07 have unknown impact and remote attack vectors, aka (1) PSE01, (2) PSE03, and (3) PSE04.

CVSS v2.0 10.0 HIGH

10.0^/10

CVSS v2.0 : HIGH

V2 Legend

Vector : AV:N/AC:L/Au:N/C:C/I:C/A:C

Exploitability : 10.0 / Impact : 10.0

Access Vector NETWORK

Access Complexity LOW

Authentication NONE

Confidentiality Impact COMPLETE

Integrity Impact COMPLETE

Availability Impact COMPLETE

References

Link	Resource
http://marc.info/?l=bugtraq&m=120058413923005&w=2
http://marc.info/?l=bugtraq&m=120058413923005&w=2
http://secunia.com/advisories/28518	Vendor Advisory
http://secunia.com/advisories/28556
http://securitytracker.com/id?1019218
http://www.oracle.com/technetwork/topics/security/cpujan2008-086860.html
http://www.securityfocus.com/bid/27229
http://www.us-cert.gov/cas/techalerts/TA08-017A.html	US Government Resource
http://www.vupen.com/english/advisories/2008/0150
http://www.vupen.com/english/advisories/2008/0180
http://marc.info/?l=bugtraq&m=120058413923005&w=2
http://marc.info/?l=bugtraq&m=120058413923005&w=2
http://secunia.com/advisories/28518	Vendor Advisory
http://secunia.com/advisories/28556
http://securitytracker.com/id?1019218
http://www.oracle.com/technetwork/topics/security/cpujan2008-086860.html
http://www.securityfocus.com/bid/27229
http://www.us-cert.gov/cas/techalerts/TA08-017A.html	US Government Resource
http://www.vupen.com/english/advisories/2008/0150
http://www.vupen.com/english/advisories/2008/0180

Configurations

Configuration 1 (hide)

OR	cpe:2.3:a:oracle:application_server:1.0.2.2:::::::*
	cpe:2.3:a:oracle:application_server:9.0.4.3:::::::*
	cpe:2.3:a:oracle:application_server:10.1.2.0.2:::::::*
	cpe:2.3:a:oracle:application_server:10.1.2.1.0:::::::*
	cpe:2.3:a:oracle:application_server:10.1.2.2.0:::::::*
	cpe:2.3:a:oracle:application_server:10.1.3.0.0:::::::*
	cpe:2.3:a:oracle:application_server:10.1.3.1.0:::::::*
	cpe:2.3:a:oracle:application_server:10.1.3.3.0:::::::*
	cpe:2.3:a:oracle:collaboration_suite:10.1.2:::::::*
	cpe:2.3:a:oracle:database_server:9.0.1.5::fips:::::
	cpe:2.3:a:oracle:database_server:9.2.0.8:::::::*
	cpe:2.3:a:oracle:database_server:9.2.0.8dv:::::::*
	cpe:2.3:a:oracle:database_server:10.1.0.5:::::::*
	cpe:2.3:a:oracle:database_server:10.2.0.2:::::::*
	cpe:2.3:a:oracle:database_server:10.2.0.3:::::::*
	cpe:2.3:a:oracle:database_server:11.1.0.6:::::::*
	cpe:2.3:a:oracle:e-business_suite:11.5.9:::::::*
	cpe:2.3:a:oracle:e-business_suite:11.5.10:::::::*
	cpe:2.3:a:oracle:e-business_suite:11.5.10.2:::::::*
	cpe:2.3:a:oracle:e-business_suite:12.0.0:::::::*
	cpe:2.3:a:oracle:e-business_suite:12.0.1:::::::*
	cpe:2.3:a:oracle:e-business_suite:12.0.2:::::::*
	cpe:2.3:a:oracle:e-business_suite:12.0.3:::::::*
	cpe:2.3:a:oracle:peoplesoft_enterprise_peopletools:8.47:::::::*
	cpe:2.3:a:oracle:peoplesoft_enterprise_peopletools:8.48:::::::*
	cpe:2.3:a:oracle:peoplesoft_enterprise_peopletools:8.49:::::::*

History

21 Nov 2024, 00:41

Type	Values Removed	Values Added
References	~~() http://marc.info/?l=bugtraq&m=120058413923005&w=2 -~~	() http://marc.info/?l=bugtraq&m=120058413923005&w=2 -
References	~~() http://secunia.com/advisories/28518 - Vendor Advisory~~	() http://secunia.com/advisories/28518 - Vendor Advisory
References	~~() http://secunia.com/advisories/28556 -~~	() http://secunia.com/advisories/28556 -
References	~~() http://securitytracker.com/id?1019218 -~~	() http://securitytracker.com/id?1019218 -
References	~~() http://www.oracle.com/technetwork/topics/security/cpujan2008-086860.html -~~	() http://www.oracle.com/technetwork/topics/security/cpujan2008-086860.html -
References	~~() http://www.securityfocus.com/bid/27229 -~~	() http://www.securityfocus.com/bid/27229 -
References	~~() http://www.us-cert.gov/cas/techalerts/TA08-017A.html - US Government Resource~~	() http://www.us-cert.gov/cas/techalerts/TA08-017A.html - US Government Resource
References	~~() http://www.vupen.com/english/advisories/2008/0150 -~~	() http://www.vupen.com/english/advisories/2008/0150 -
References	~~() http://www.vupen.com/english/advisories/2008/0180 -~~	() http://www.vupen.com/english/advisories/2008/0180 -

Information

Published : 2008-01-17 23:00

Updated : 2025-04-09 00:30

NVD link : CVE-2008-0348

Mitre link : CVE-2008-0348

CVE.ORG link : CVE-2008-0348

JSON object : View

Products Affected

oracle

database_server
peoplesoft_enterprise_peopletools
collaboration_suite
e-business_suite
application_server

CWE

NVD-CWE-noinfo

{"id": "CVE-2008-0348", "cveTags": [], "metrics": {"cvssMetricV2": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"version": "2.0", "baseScore": 10.0, "accessVector": "NETWORK", "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C", "authentication": "NONE", "integrityImpact": "COMPLETE", "accessComplexity": "LOW", "availabilityImpact": "COMPLETE", "confidentialityImpact": "COMPLETE"}, "acInsufInfo": true, "impactScore": 10.0, "baseSeverity": "HIGH", "obtainAllPrivilege": true, "exploitabilityScore": 10.0, "obtainUserPrivilege": false, "obtainOtherPrivilege": false, "userInteractionRequired": false}]}, "published": "2008-01-17T23:00:00.000", "references": [{"url": "http://marc.info/?l=bugtraq&m=120058413923005&w=2", "source": "cve@mitre.org"}, {"url": "http://marc.info/?l=bugtraq&m=120058413923005&w=2", "source": "cve@mitre.org"}, {"url": "http://secunia.com/advisories/28518", "tags": ["Vendor Advisory"], "source": "cve@mitre.org"}, {"url": "http://secunia.com/advisories/28556", "source": "cve@mitre.org"}, {"url": "http://securitytracker.com/id?1019218", "source": "cve@mitre.org"}, {"url": "http://www.oracle.com/technetwork/topics/security/cpujan2008-086860.html", "source": "cve@mitre.org"}, {"url": "http://www.securityfocus.com/bid/27229", "source": "cve@mitre.org"}, {"url": "http://www.us-cert.gov/cas/techalerts/TA08-017A.html", "tags": ["US Government Resource"], "source": "cve@mitre.org"}, {"url": "http://www.vupen.com/english/advisories/2008/0150", "source": "cve@mitre.org"}, {"url": "http://www.vupen.com/english/advisories/2008/0180", "source": "cve@mitre.org"}, {"url": "http://marc.info/?l=bugtraq&m=120058413923005&w=2", "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "http://marc.info/?l=bugtraq&m=120058413923005&w=2", "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "http://secunia.com/advisories/28518", "tags": ["Vendor Advisory"], "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "http://secunia.com/advisories/28556", "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "http://securitytracker.com/id?1019218", "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "http://www.oracle.com/technetwork/topics/security/cpujan2008-086860.html", "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "http://www.securityfocus.com/bid/27229", "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "http://www.us-cert.gov/cas/techalerts/TA08-017A.html", "tags": ["US Government Resource"], "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "http://www.vupen.com/english/advisories/2008/0150", "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "http://www.vupen.com/english/advisories/2008/0180", "source": "af854a3a-2127-422b-91ae-364da2661108"}], "vulnStatus": "Deferred", "weaknesses": [{"type": "Primary", "source": "nvd@nist.gov", "description": [{"lang": "en", "value": "NVD-CWE-noinfo"}]}], "descriptions": [{"lang": "en", "value": "Multiple unspecified vulnerabilities in the PeopleTools component in Oracle PeopleSoft Enterprise and JD Edwards EnterpriseOne 8.22.18, 8.48.15, and 8.49.07 have unknown impact and remote attack vectors, aka (1) PSE01, (2) PSE03, and (3) PSE04."}, {"lang": "es", "value": "M\u00faltiples vulnerabilidades no especificadas en el componente PeopleTools de Oracle PeopleSoft Enterprise y JD Edwards EnterpriseOne 8.22.18, 8.48.15, y 8.49.07 tienen impacto y vectores de ataque remotos desconocidos, tambi\u00e9n conocidos como (1) PSE01, (2) PSE03, y (3) PSE04."}], "lastModified": "2025-04-09T00:30:58.490", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:oracle:application_server:1.0.2.2:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "DC4ED2EB-1E90-4E99-AAD6-5D838800F9B7"}, {"criteria": "cpe:2.3:a:oracle:application_server:9.0.4.3:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "9CA9867F-D7BC-4230-9584-C2FBB6642482"}, {"criteria": "cpe:2.3:a:oracle:application_server:10.1.2.0.2:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "F0B4BAA9-D045-4D2B-8220-47F47ED936DF"}, {"criteria": "cpe:2.3:a:oracle:application_server:10.1.2.1.0:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "FE6C4D36-D9D1-4143-94AA-D8E08F23D2E3"}, {"criteria": "cpe:2.3:a:oracle:application_server:10.1.2.2.0:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "F01A3ABC-2033-47E0-A84C-62CCA67C578F"}, {"criteria": "cpe:2.3:a:oracle:application_server:10.1.3.0.0:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "3DB877D9-C8BB-4A08-A953-043F7DB5BA6E"}, {"criteria": "cpe:2.3:a:oracle:application_server:10.1.3.1.0:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "8B77FF3B-B84E-4918-8688-0B25CFC61141"}, {"criteria": "cpe:2.3:a:oracle:application_server:10.1.3.3.0:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "EE059C8C-BA43-4757-8CA6-8E1B67DF8903"}, {"criteria": "cpe:2.3:a:oracle:collaboration_suite:10.1.2:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "DDF7ABE6-0AFB-4A74-A533-2D390991A6CA"}, {"criteria": "cpe:2.3:a:oracle:database_server:9.0.1.5:*:fips:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "D86DC2E3-3B89-4FAC-9B8F-DC629B50ADC7"}, {"criteria": "cpe:2.3:a:oracle:database_server:9.2.0.8:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "432A3020-9977-4A10-9CDA-3A71E83F63F9"}, {"criteria": "cpe:2.3:a:oracle:database_server:9.2.0.8dv:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "37C10722-4CC7-4C06-8DBC-4D96307DB41E"}, {"criteria": "cpe:2.3:a:oracle:database_server:10.1.0.5:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "03A522A3-07D7-481F-A538-EA3D13256F63"}, {"criteria": "cpe:2.3:a:oracle:database_server:10.2.0.2:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "67FF2A2E-3693-424E-B53D-0BAD01D53F7A"}, {"criteria": "cpe:2.3:a:oracle:database_server:10.2.0.3:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "ED41086B-840A-4B39-B249-461A4B00B57B"}, {"criteria": "cpe:2.3:a:oracle:database_server:11.1.0.6:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "B2AF3BD5-BA86-485A-9E78-A5F95B1ECEBA"}, {"criteria": "cpe:2.3:a:oracle:e-business_suite:11.5.9:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "78408427-3FFB-45C4-82EF-C8D636B3A718"}, {"criteria": "cpe:2.3:a:oracle:e-business_suite:11.5.10:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "C9B1BE09-4A96-41A3-AA1D-74533F396998"}, {"criteria": "cpe:2.3:a:oracle:e-business_suite:11.5.10.2:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "80B61990-9CC2-4215-9879-AC817F4E6767"}, {"criteria": "cpe:2.3:a:oracle:e-business_suite:12.0.0:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "4D0CBDB5-B13D-4071-994A-E1318A3821DF"}, {"criteria": "cpe:2.3:a:oracle:e-business_suite:12.0.1:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "610AE265-C18D-4895-8034-5DB331DC68DF"}, {"criteria": "cpe:2.3:a:oracle:e-business_suite:12.0.2:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "97765939-6102-402F-ACE7-AA7B2350016E"}, {"criteria": "cpe:2.3:a:oracle:e-business_suite:12.0.3:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "1036B69E-013B-4492-B691-40BAC7C2F42A"}, {"criteria": "cpe:2.3:a:oracle:peoplesoft_enterprise_peopletools:8.47:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "4C2CF929-6203-436A-AAEB-6E2142B2B1F3"}, {"criteria": "cpe:2.3:a:oracle:peoplesoft_enterprise_peopletools:8.48:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "7C098860-0862-4C5B-8EE4-9469D5D01815"}, {"criteria": "cpe:2.3:a:oracle:peoplesoft_enterprise_peopletools:8.49:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "445508AC-3316-459F-98C1-8310EF327E8B"}], "operator": "OR"}]}], "sourceIdentifier": "cve@mitre.org"}

10.0 /10