Multiple vulnerabilities in aoljtest.jsp of Oracle Applications AOL/J Setup Test Suite in Oracle E-Business Suite 11.5.1 through 11.5.8 allow a remote attacker to obtain sensitive information without authentication, such as the GUEST user password and the application server security key.
Affected Software
| Name | Vendor | Start Version | End Version |
|---|---|---|---|
| Applications | Oracle | 10.7 (including) | 10.7 (including) |
| Applications | Oracle | 11.0 (including) | 11.0 (including) |
| E-business_suite | Oracle | 11.1 (including) | 11.1 (including) |
| E-business_suite | Oracle | 11.2 (including) | 11.2 (including) |
| E-business_suite | Oracle | 11.3 (including) | 11.3 (including) |
| E-business_suite | Oracle | 11.4 (including) | 11.4 (including) |
| E-business_suite | Oracle | 11.5 (including) | 11.5 (including) |
| E-business_suite | Oracle | 11.6 (including) | 11.6 (including) |
| E-business_suite | Oracle | 11.7 (including) | 11.7 (including) |
| E-business_suite | Oracle | 11.8 (including) | 11.8 (including) |
References
- http://marc.info/?l=bugtraq\u0026m=105906689120237\u0026w=2
- http://otn.oracle.com/deploy/security/pdf/2003alert55.pdf
- http://www.securityfocus.com/bid/8268
- http://marc.info/?l=bugtraq\u0026m=105906689120237\u0026w=2
- http://otn.oracle.com/deploy/security/pdf/2003alert55.pdf
- http://www.securityfocus.com/bid/8268