CVE-2003-0633

Description

Multiple vulnerabilities in aoljtest.jsp of Oracle Applications AOL/J Setup Test Suite in Oracle E-Business Suite 11.5.1 through 11.5.8 allow a remote attacker to obtain sensitive information without authentication, such as the GUEST user password and the application server security key.

Affected products

• oracle / applications10.7 – 10.7
• oracle / applications11.0 – 11.0
• oracle / e-business_suite11.1 – 11.1
• oracle / e-business_suite11.2 – 11.2
• oracle / e-business_suite11.3 – 11.3
• oracle / e-business_suite11.4 – 11.4
• oracle / e-business_suite11.5 – 11.5
• oracle / e-business_suite11.6 – 11.6
• oracle / e-business_suite11.7 – 11.7
• oracle / e-business_suite11.8 – 11.8

References

• MISChttp://www.securityfocus.com/bid/8268
• VENDOR_ADVISORYhttp://otn.oracle.com/deploy/security/pdf/2003alert55.pdf
• MAILING_LISThttp://marc.info/?l=bugtraq&m=105906689120237&w=2