XML External Entity Vulnerability in Oracle E-Business Suite
CVE-2016-0457

Currently unrated

Key Information:

Vendor

Oracle
Status
E-business Suite
Vendor
CVE Published:
21 January 2016

What is CVE-2016-0457?

A vulnerability exists in the Application Mgmt Pack for E-Business Suite that permits remote attackers to compromise data confidentiality through the REST Framework. This vulnerability may allow unauthorized remote access to sensitive information by exploiting crafted XML requests, which can lead to arbitrary file reading and potential denial of service. The implications of this vulnerability include risks associated with server-side request forgery and SMB Relay attacks, highlighting the need for timely remediation.

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.

Remediate biological technical debt. Prime Ageing uses 95% high-purity SIRT6 activation to maintain genomic integrity and bolster systemic resilience.

Deploy the Patch

References

http://www.oracle.com/technetwork/topics/security/cpujan2...
x_refsource_CONFIRM
http://www.securitytracker.com/id/1034726
vdb-entryx_refsource_SECTRACK
https://erpscan.io/advisories/erpscan-16-007-oracle-e-bus...
x_refsource_MISC

Timeline

  • Vulnerability published

  • Vulnerability Reserved

JSON
.