Vulnerability Name: CVE-2006-1879 (CCN-26057) Assigned: 2006-04-18 Published: 2006-04-18 Updated: 2018-10-18 Summary: Multiple unspecified vulnerabilities in the Email Server component in Oracle Collaboration Suite 9.0.4.2, 10.1.1, 10.1.2.0, and 10.1.2.1 have unknown impact and attack vectors, aka Vuln# (1) OCS01, (2) OCS02, (3) OCS03, and (4) OCS04. CVSS v3 Severity: 10.0 Critical (CCN CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H Exploitability Metrics: Attack Vector (AV): NetworkAttack Complexity (AC): LowPrivileges Required (PR): NoneUser Interaction (UI): NoneScope: Scope (S): ChangedImpact Metrics: Confidentiality (C): HighIntegrity (I): HighAvailibility (A): High
CVSS v2 Severity: 10.0 High (CVSS v2 Vector: AV:N/AC:L/Au:N/C:C/I:C/A:C Exploitability Metrics: Access Vector (AV): NetworkAccess Complexity (AC): LowAuthentication (Au): NoneImpact Metrics: Confidentiality (C): CompleteIntegrity (I): CompleteAvailibility (A): Complete
10.0 High (CCN CVSS v2 Vector: AV:N/AC:L/Au:N/C:C/I:C/A:C Exploitability Metrics: Access Vector (AV): NetworkAccess Complexity (AC): LowAthentication (Au): NoneImpact Metrics: Confidentiality (C): CompleteIntegrity (I): CompleteAvailibility (A): Complete
Vulnerability Type: CWE-Other Vulnerability Consequences: Gain Access References: Source: CCNMultiple critical and high risk issues in Oracle's database server CVE-2006-1879 Oracle Products Multiple Vulnerabilities 19712 HP Oracle for OpenView Multiple Vulnerabilities 19859 Oracle Database and Other Products Have Multiple Unspecified Vulnerabilities With Unspecified Impact 1015961 Oracle Collaboration Suite Email Server contains a vulnerability that may compromise system confidentiality VU#549146 Oracle Collaboration Suite Email Server vulnerability VU#879041 Oracle Critical Patch Update Advisory - April 2006 http://www.oracle.com/technetwork/topics/security/cpuapr2006-090826.html Details Oracle Critical Patch Update April 2006 - V1.03 SSRT061148 17590 Oracle April 2006 Security Update Multiple Vulnerabilities Oracle Products Contain Multiple Vulnerabilities TA06-109A ADV-2006-1397 ADV-2006-1571 oracle-collab-unauth-access(26057) oracle-collab-unauth-access(26057) Vulnerable Configuration: Configuration 1 :cpe:/a:oracle:collaboration_suite:9.0.4.2:*:*:*:*:*:*:* OR cpe:/a:oracle:collaboration_suite:10.1.1:*:*:*:*:*:*:* OR cpe:/a:oracle:collaboration_suite:10.1.2.0:*:*:*:*:*:*:* OR cpe:/a:oracle:collaboration_suite:10.1.2.1:*:*:*:*:*:*:* Configuration CCN 1 :cpe:/a:oracle:collaboration_suite:9.0.4.2:r2:*:*:*:*:*:* OR cpe:/a:oracle:collaboration_suite:10.1.1:r1:*:*:*:*:*:* OR cpe:/a:oracle:collaboration_suite:10.1.2:r1:*:*:*:*:*:* Vulnerability Name: CVE-2006-1879 (CCN-39381) Assigned: 2006-04-15 Published: 2006-04-15 Updated: 2018-10-18 Summary: Multiple unspecified vulnerabilities in the Email Server component in Oracle Collaboration Suite 9.0.4.2, 10.1.1, 10.1.2.0, and 10.1.2.1 have unknown impact and attack vectors, aka Vuln# (1) OCS01, (2) OCS02, (3) OCS03, and (4) OCS04. CVSS v3 Severity: 10.0 Critical (CCN CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H Exploitability Metrics: Attack Vector (AV): NetworkAttack Complexity (AC): LowPrivileges Required (PR): NoneUser Interaction (UI): NoneScope: Scope (S): ChangedImpact Metrics: Confidentiality (C): HighIntegrity (I): HighAvailibility (A): High
CVSS v2 Severity: 10.0 High (CVSS v2 Vector: AV:N/AC:L/Au:N/C:C/I:C/A:C 7.4 High (Temporal CVSS v2 Vector: AV:N/AC:L/Au:N/C:C/I:C/A:C/E:U/RL:OF/RC:C Exploitability Metrics: Access Vector (AV): NetworkAccess Complexity (AC): LowAuthentication (Au): NoneImpact Metrics: Confidentiality (C): CompleteIntegrity (I): CompleteAvailibility (A): Complete
10.0 High (CCN CVSS v2 Vector: AV:N/AC:L/Au:N/C:C/I:C/A:C 7.4 High (CCN Temporal CVSS v2 Vector: AV:N/AC:L/Au:N/C:C/I:C/A:C/E:U/RL:OF/RC:C Exploitability Metrics: Access Vector (AV): NetworkAccess Complexity (AC): LowAthentication (Au): NoneImpact Metrics: Confidentiality (C): CompleteIntegrity (I): CompleteAvailibility (A): Complete
Vulnerability Type: CWE-Other Vulnerability Consequences: Gain Access References: Source: MITRECVE-2006-0435 CVE-2006-1866 CVE-2006-1867 CVE-2006-1868 CVE-2006-1869 CVE-2006-1870 CVE-2006-1871 CVE-2006-1872 CVE-2006-1873 CVE-2006-1874 CVE-2006-1875 CVE-2006-1876 CVE-2006-1877 CVE-2006-1879 CVE-2006-1880 CVE-2006-1881 CVE-2006-1882 CVE-2006-1883 CVE-2006-1884 CVE-2006-1885 CVE-2006-1886 CVE-2006-1887 Critical Patch Update - April 2006 Oracle PL/SQL Gateway SQL command execution oracle-cpu-apr2006(39381) Vulnerable Configuration: Configuration CCN 1 :cpe:/a:oracle:database_server:8.1.7.4:*:*:*:*:*:*:* OR cpe:/a:oracle:database_server:9.2.0.6:r2:*:*:*:*:*:* OR cpe:/a:oracle:application_server:9.0.4.1:*:*:*:*:*:*:* OR cpe:/a:oracle:collaboration_suite:9.0.4.2:r2:*:*:*:*:*:* OR cpe:/a:oracle:database_server:10.1.0.4:r1:*:*:*:*:*:* OR cpe:/a:oracle:e-business_suite:11.0:*:*:*:*:*:*:* OR cpe:/a:oracle:enterprise_manager_grid_control:10.1.0.3:*:*:*:*:*:*:* OR cpe:/a:oracle:application_server:9.0.4.2:*:*:*:*:*:*:* OR cpe:/a:oracle:enterprise_manager_grid_control:10.1.0.4:*:*:*:*:*:*:* OR cpe:/a:oracle:application_server:10.1.2.0.0:r2:*:*:*:*:*:* OR cpe:/a:oracle:application_server:10.1.2.0.1:r2:*:*:*:*:*:* OR cpe:/a:oracle:application_server:10.1.2.0.2:r2:*:*:*:*:*:* OR cpe:/a:oracle:database_server:10.2.0.1:r2:*:*:*:*:*:* OR cpe:/a:oracle:database_server:10.1.0.5:r1:*:*:*:*:*:* OR cpe:/a:oracle:database_server:9.2.0.7:r2:*:*:*:*:*:* OR cpe:/a:oracle:collaboration_suite:10.1.1:r1:*:*:*:*:*:* OR cpe:/a:oracle:collaboration_suite:10.1.2:r1:*:*:*:*:*:* OR cpe:/a:oracle:e-business_suite:11.5.10:*:*:*:*:*:*:* OR cpe:/a:oracle:database_server:10.2.0.2:r2:*:*:*:*:*:* OR cpe:/a:oracle:enterprise_manager_grid_control:10.2.0.1:*:*:*:*:*:*:* OR cpe:/a:oracle:enterpriseone:8.95:*:*:*:*:*:*:* OR cpe:/a:oracle:e-business_suite:11.5.1:*:*:*:*:*:*:* OR cpe:/a:oracle:e-business_suite:11.5.2:*:*:*:*:*:*:* OR cpe:/a:oracle:e-business_suite:11.5.3:*:*:*:*:*:*:* OR cpe:/a:oracle:e-business_suite:11.5.4:*:*:*:*:*:*:* OR cpe:/a:oracle:e-business_suite:11.5.5:*:*:*:*:*:*:* OR cpe:/a:oracle:e-business_suite:11.5.6:*:*:*:*:*:*:* OR cpe:/a:oracle:e-business_suite:11.5.7:*:*:*:*:*:*:* OR cpe:/a:oracle:e-business_suite:11.5.8:*:*:*:*:*:*:* OR cpe:/a:oracle:e-business_suite:11.5.9:*:*:*:*:*:*:* OR cpe:/a:oracle:enterpriseone:8.95.f1:*:*:*:*:*:*:* OR cpe:/a:oracle:enterpriseone:8.95.j1:*:*:*:*:*:*:* OR cpe:/a:oracle:peoplesoft_enterprise_tools:8.46.12:*:*:*:*:*:*:* OR cpe:/a:oracle:peoplesoft_enterprise_tools:8.46:ga:*:*:*:*:*:* OR cpe:/a:oracle:peoplesoft_enterprise_tools:8.47.04:*:*:*:*:*:*:* OR cpe:/a:oracle:peoplesoft_enterprise_tools:8.47:ga:*:*:*:*:*:* OR cpe:/a:oracle:pharmaceutical:4.5.0:*:*:*:*:*:*:* OR cpe:/a:oracle:pharmaceutical:4.5.1:*:*:*:*:*:*:* OR cpe:/a:oracle:pharmaceutical:4.5.2:*:*:*:*:*:*:* BACK
oracle collaboration suite 9.0.4.2
oracle collaboration suite 10.1.1
oracle collaboration suite 10.1.2.0
oracle collaboration suite 10.1.2.1
oracle collaboration suite 9.0.4.2 r2
oracle collaboration suite 10.1.1 r1
oracle collaboration suite 10.1.2 r1
oracle database server 8.1.7.4
oracle database server 9.2.0.6 r2
oracle application server 9.0.4.1
oracle collaboration suite 9.0.4.2 r2
oracle database server 10.1.0.4 r1
oracle e-business suite 11.0
oracle enterprise manager grid control 10.1.0.3
oracle application server 9.0.4.2
oracle enterprise manager grid control 10.1.0.4
oracle application server 10.1.2.0.0 r2
oracle application server 10.1.2.0.1 r2
oracle application server 10.1.2.0.2 r2
oracle database server 10.2.0.1 r2
oracle database server 10.1.0.5 r1
oracle database server 9.2.0.7 r2
oracle collaboration suite 10.1.1 r1
oracle collaboration suite 10.1.2 r1
oracle e-business suite 11.5.10
oracle database server 10.2.0.2 r2
oracle enterprise manager grid control 10.2.0.1
oracle enterpriseone 8.95
oracle e-business suite 11.5.1
oracle e-business suite 11.5.2
oracle e-business suite 11.5.3
oracle e-business suite 11.5.4
oracle e-business suite 11.5.5
oracle e-business suite 11.5.6
oracle e-business suite 11.5.7
oracle e-business suite 11.5.8
oracle e-business suite 11.5.9
oracle enterpriseone 8.95.f1
oracle enterpriseone 8.95.j1
oracle peoplesoft enterprise tools 8.46.12
oracle peoplesoft enterprise tools 8.46 ga
oracle peoplesoft enterprise tools 8.47.04
oracle peoplesoft enterprise tools 8.47 ga
oracle pharmaceutical 4.5.0
oracle pharmaceutical 4.5.1
oracle pharmaceutical 4.5.2
Denotes that component is vulnerable