CVE-2007-2119

NONECVSS 0.0

0.0

Cross-site scripting (XSS) vulnerability in boundary_rules.jsp in the Administration Front End for Oracle Enterprise (Ultra) Search, as used in Database Server 9.2.0.8, 10.1.0.5, and 10.2.0.2, and in Application Server 9.0.4.3, 10.1.2.0.2, and 10.1.2.2.0 allows remote attackers to inject arbitrary HTML or web script via the EXPTYPE parameter, aka SES01.

🔗 References (18)

cve@mitrehttp://www.oracle.com/technetwork/topics/security/cpuapr2007-090632.html
cve@mitrehttp://www.red-database-security.com/advisory/oracle_cpu_apr_2007.html
cve@mitrehttp://www.red-database-security.com/advisory/oracle_css_ses.html
cve@mitrehttp://www.securityfocus.com/archive/1/466156/100/0/threaded
cve@mitrehttp://www.securityfocus.com/archive/1/466329/100/200/threaded
cve@mitrehttp://www.securityfocus.com/bid/23532
cve@mitrehttp://www.securitytracker.com/id?1017927
cve@mitrehttp://www.us-cert.gov/cas/techalerts/TA07-108A.html
cve@mitrehttp://www.vupen.com/english/advisories/2007/1426
af854a3a-2127-422b-91ae-364da2661108http://www.oracle.com/technetwork/topics/security/cpuapr2007-090632.html
af854a3a-2127-422b-91ae-364da2661108http://www.red-database-security.com/advisory/oracle_cpu_apr_2007.html
af854a3a-2127-422b-91ae-364da2661108http://www.red-database-security.com/advisory/oracle_css_ses.html
af854a3a-2127-422b-91ae-364da2661108http://www.securityfocus.com/archive/1/466156/100/0/threaded
af854a3a-2127-422b-91ae-364da2661108http://www.securityfocus.com/archive/1/466329/100/200/threaded
af854a3a-2127-422b-91ae-364da2661108http://www.securityfocus.com/bid/23532

Is Your Infrastructure Affected by CVE-2007-2119?

EchelonGraph automatically scans your cloud infrastructure and maps CVE exposure using blast radius analysis.

Start Free Scan →Browse All CVEs

CVE-2007-2119

📅 Published

🔄 Last Modified

🔗 References (18)

Dependency Blast Radius

Is Your Infrastructure Affected by CVE-2007-2119?