Vulnerability Name:

CVE-2011-0810 (CCN-66931)

Assigned:2011-04-19
Published:2011-04-19
Updated:2011-04-20
Summary:Unspecified vulnerability Oracle JD Edwards EnterpriseOne Tools 8.9 GA through 8.98.4.1 and OneWorld Tools through 24.1.3 allows remote attackers to affect availability, related to Enterprise Infrastructure SEC.
CVSS v3 Severity:5.3 Medium (CCN CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L)
Exploitability Metrics:Attack Vector (AV): Network
Attack Complexity (AC): Low
Privileges Required (PR): None
User Interaction (UI): None
Scope:Scope (S): Unchanged
Impact Metrics:Confidentiality (C): None
Integrity (I): None
Availibility (A): Low
CVSS v2 Severity:5.0 Medium (CVSS v2 Vector: AV:N/AC:L/Au:N/C:N/I:N/A:P)
3.7 Low (Temporal CVSS v2 Vector: AV:N/AC:L/Au:N/C:N/I:N/A:P/E:U/RL:OF/RC:C)
Exploitability Metrics:Access Vector (AV): Network
Access Complexity (AC): Low
Authentication (Au): None
Impact Metrics:Confidentiality (C): None
Integrity (I): None
Availibility (A): Partial
5.0 Medium (CCN CVSS v2 Vector: AV:N/AC:L/Au:N/C:N/I:N/A:P)
3.7 Low (CCN Temporal CVSS v2 Vector: AV:N/AC:L/Au:N/C:N/I:N/A:P/E:U/RL:OF/RC:C)
Exploitability Metrics:Access Vector (AV): Network
Access Complexity (AC): Low
Athentication (Au): None
Impact Metrics:Confidentiality (C): None
Integrity (I): None
Availibility (A): Partial
Vulnerability Type:CWE-noinfo
Vulnerability Consequences:Denial of Service
References:Source: MITRE
Type: CNA
CVE-2011-0810

Source: CCN
Type: SA44279
Oracle JD Edwards EnterpriseOne Tools Multiple Vulnerabilities

Source: CCN
Type: Oracle Critical Patch Update Advisory - April 2011
Oracle Critical Patch Update Advisory - April 2011

Source: CONFIRM
Type: Patch, Vendor Advisory
http://www.oracle.com/technetwork/topics/security/cpuapr2011-301950.html

Source: CCN
Type: OSVDB ID: 71919
Oracle JD Edwards EnterpriseOne Server / Tools Enterprise Infrastructure SEC JDENET Kernel Unicode Data Message Parsing Remote DoS

Source: CCN
Type: BID-47469
Oracle JD Edwards EnterpriseOne Tools CVE-2011-0810 Remote Vulnerability

Source: XF
Type: UNKNOWN
ojeeot-ow-unspecified(66931)

Vulnerable Configuration:Configuration 1:
  • cpe:/a:oracle:enterpriseone_tools:8.9:*:*:*:*:*:*:*
  • OR cpe:/a:oracle:jd_edwards_enterpriseone:8.9:budle14:*:*:*:*:*:*
  • OR cpe:/a:oracle:jd_edwards_enterpriseone:8.9:bundle14:*:*:*:*:*:*
  • OR cpe:/a:oracle:jd_edwards_enterpriseone:8.9:bundle21:*:*:*:*:*:*
  • OR cpe:/a:oracle:jd_edwards_enterpriseone:8.9:bundle9:*:*:*:*:*:*
  • OR cpe:/a:oracle:jd_edwards_enterpriseone:8.9.18:*:*:*:*:*:*:*
  • OR cpe:/a:oracle:jd_edwards_enterpriseone:8.98.1.4:*:*:*:*:*:*:*
  • OR cpe:/a:oracle:jd_edwards_enterpriseone:8.98.2.1:*:*:*:*:*:*:*
  • OR cpe:/a:oracle:jd_edwards_enterpriseone_ep:8.9:*:*:*:*:*:*:*
  • OR cpe:/a:oracle:oneworld_tools:*:*:*:*:*:*:*:* (Version <= 24.1.3)
  • OR cpe:/a:oracle:peoplesoft_and_jdedwards_product_suite:8.9:*:*:*:*:*:*:*
  • OR cpe:/a:oracle:peoplesoft_and_jdedwards_product_suite:8.9:bundle23:*:*:*:*:*:*
  • OR cpe:/a:oracle:peoplesoft_and_jdedwards_product_suite:8.9:bundle37:*:*:*:*:*:*
  • OR cpe:/a:oracle:peoplesoft_and_jdedwards_product_suite:8.9:bundle38:*:*:*:*:*:*
  • OR cpe:/a:oracle:peoplesoft_and_jdedwards_product_suite:8.9:bundle41:*:*:*:*:*:*
  • OR cpe:/a:oracle:peoplesoft_and_jdedwards_product_suite:8.9:gp_2010-e:*:*:*:*:*:*
  • OR cpe:/a:oracle:peoplesoft_and_jdedwards_product_suite:8.98.4.1:*:*:*:*:*:*:*
  • OR cpe:/a:oracle:peoplesoft_and_jdedwards_suite_scm:8.9:bundle37:*:*:*:*:*:*

    • Configuration CCN 1:
  • cpe:/a:oracle:jd_edwards_enterpriseone:8.9:bundle14:*:*:*:*:*:*
  • OR cpe:/a:oracle:jd_edwards_enterpriseone:8.98.1.4:*:*:*:*:*:*:*
  • OR cpe:/a:oracle:jd_edwards_enterpriseone:8.98.2.1:*:*:*:*:*:*:*
  • OR cpe:/a:oracle:jd_edwards_enterpriseone:8.9:bundle21:*:*:*:*:*:*
  • OR cpe:/a:oracle:jd_edwards_enterpriseone:8.9.18:*:*:*:*:*:*:*
  • OR cpe:/a:oracle:jd_edwards_enterpriseone:8.9:budle14:*:*:*:*:*:*
  • OR cpe:/a:oracle:jd_edwards_enterpriseone:8.9:bundle9:*:*:*:*:*:*
  • OR cpe:/a:oracle:jd_edwards_enterpriseone_ep:8.9:*:*:*:*:*:*:*
  • OR cpe:/a:oracle:enterpriseone_tools:8.9:*:*:*:*:*:*:*
  • OR cpe:/a:oracle:oneworld_tools:24.1.3:*:*:*:*:*:*:*

    • * Denotes that component is vulnerable
    BACK
    oracle enterpriseone tools 8.9
    oracle jd edwards enterpriseone 8.9 budle14
    oracle jd edwards enterpriseone 8.9 bundle14
    oracle jd edwards enterpriseone 8.9 bundle21
    oracle jd edwards enterpriseone 8.9 bundle9
    oracle jd edwards enterpriseone 8.9.18
    oracle jd edwards enterpriseone 8.98.1.4
    oracle jd edwards enterpriseone 8.98.2.1
    oracle jd edwards enterpriseone ep 8.9
    oracle oneworld tools *
    oracle peoplesoft and jdedwards product suite 8.9
    oracle peoplesoft and jdedwards product suite 8.9 bundle23
    oracle peoplesoft and jdedwards product suite 8.9 bundle37
    oracle peoplesoft and jdedwards product suite 8.9 bundle38
    oracle peoplesoft and jdedwards product suite 8.9 bundle41
    oracle peoplesoft and jdedwards product suite 8.9 gp_2010-e
    oracle peoplesoft and jdedwards product suite 8.98.4.1
    oracle peoplesoft and jdedwards suite scm 8.9 bundle37
    oracle jd edwards enterpriseone 8.9 bundle14
    oracle jd edwards enterpriseone 8.98.1.4
    oracle jd edwards enterpriseone 8.98.2.1
    oracle jd edwards enterpriseone 8.9 bundle21
    oracle jd edwards enterpriseone 8.9.18
    oracle jd edwards enterpriseone 8.9 budle14
    oracle jd edwards enterpriseone 8.9 bundle9
    oracle jd edwards enterpriseone ep 8.9
    oracle enterpriseone tools 8.9
    oracle oneworld tools 24.1.3