Oracle.E-Business.Suite.Arbitrary.Document.Download

description-logoDescription

This vulnerability allows remote attackers to download any existing
document in the APPS.FND_DOCUMENTS table from vulnerable installations of
Oracle E-Business Suite. Authentication is not required to exploit this
vulnerability.

affected-products-logoAffected Products

Oracle E-Business Suite Release 11i, versions 11.5.7 - 11.5.10 CU2
Oracle E-Business Suite Release 12, version 12.0.0

Impact logoImpact

Arbitrary document download.

recomended-action-logoRecommended Actions

Please refer to http://www.oracle.com/technology/deploy/security/critical-patch-updates/cpuapr2007.html for the latest update.

Telemetry logoTelemetry

Coverage

IPS (Regular DB)
IPS (Extended DB)

Version Updates

Date Version Detail
2020-12-11 16.978
2019-11-22 15.729 Name:Oracle.
EBusiness.
Suite.
Arbitrary.
Document.
Download:Oracle.
E-Business.
Suite.
Arbitrary.
Document.
Download

References

ZDI-07-017