Published: 21/07/2016 Updated: 01/09/2017

CVSS v2 Base Score: 4.3 | Impact Score: 2.9 | Exploitability Score: 8.6

CVSS v3 Base Score: 4.7 | Impact Score: 1.4 | Exploitability Score: 2.8

VMScore: 383

Vector: AV:N/AC:M/Au:N/C:N/I:P/A:N

Unspecified vulnerability in the Oracle Installed Base component in Oracle E-Business Suite 12.1.1, 12.1.2, 12.1.3, 12.2.3, 12.2.4, and 12.2.5 allows remote malicious users to affect integrity via vectors related to Engineering Change Order. NOTE: the previous information is from the July 2016 CPU. Oracle has not commented on third-party claims that this issue involves an open redirect vulnerability, which allows remote malicious users to redirect users to arbitrary web sites and conduct phishing attacks via unspecified vectors.

Vulnerable Product	Search on Vulmon	Subscribe to Product
oracle installed base 12.1.3
oracle installed base 12.2.3
oracle installed base 12.2.4
oracle installed base 12.2.5
oracle installed base 12.1.1
oracle installed base 12.1.2

NVD-CWE-noinfo http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html https://www.onapsis.com/blog/oracle-fixes-record-276-vulnerabilities-july-2016 http://www.securityfocus.com/bid/91787 http://www.securityfocus.com/bid/91907 http://www.securitytracker.com/id/1036403 https://nvd.nist.gov

Get Started

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Twitter Reddit Linkedin Facebook

CVE-2016-3534

Vulnerability Summary

Vulnerability Trend

References

Vulmon Search

About

Products

Connect