CVE-2006-5359 | Vulnerability Database | Aqua Security

Multiple unspecified vulnerabilities in Oracle Reports Developer component in Oracle Application Server 9.0.4.3 and 10.1.2.0.2, and Oracle E-Business Suite and Applications 11.5.10CU2, have unknown impact and remote attack vectors, aka Vuln# (1) REP01 and (2) REP02. NOTE: as of 20061027, Oracle has not disputed reports from a reliable researcher that these issues are related to (a) showenv and (b) parsequery for REP01, and (c) cellwrapper and (d) delimiter for REP02.

Affected Software

Name	Vendor	Start Version	End Version
Application_server	Oracle	9.0.4.3 (including)	9.0.4.3 (including)
Application_server	Oracle	10.1.2.0.2 (including)	10.1.2.0.2 (including)
E-business_suite	Oracle	11.5.10.2 (including)	11.5.10.2 (including)

References

http://secunia.com/advisories/22396
http://securitytracker.com/id?1017077
http://www.oracle.com/technetwork/topics/security/cpuoct2006-095368.html
http://www.red-database-security.com/advisory/oracle_cpu_oct_2006.html
http://www.red-database-security.com/advisory/oracle_reports_css.html
http://www.securityfocus.com/archive/1/449503/100/0/threaded
http://www.securityfocus.com/archive/1/449711/100/0/threaded
http://www.securityfocus.com/bid/20588
http://www.us-cert.gov/cas/techalerts/TA06-291A.html
http://www.vupen.com/english/advisories/2006/4065

NVD	https://nvd.nist.gov/vuln/detail/CVE-2006-5359
CWE	https://cwe.mitre.org/data/definitions/.html