Vulnerability Note VU#322460

Oracle Collaboration Suite denial of service vulnerability

Original Release date: 19 Jul 2007 | Last revised: 19 Jul 2007

Overview

The Oracle collaboration suite contains a vulnerability that may allow an attacker to create a denial-of-service condition.

Description

The Oracle collaboration suite contains a vulnerability. From Oracle Critical Patch Update - July 2007:

    There is 1 new Oracle Collaboration Suite specific fix in this Critical Patch Update. It may be remotely exploitable without authentication, i.e. it may be exploited over a network without the need for a username and password. It is applicable to Oracle Collaboration Suite client-only installations.

Impact

A remote, unauthenticated attacker may be able to create a denial-of-service condition.

Solution

Update
Oracle has released an update to address this issue. Administrators are encouraged to review the information in the Oracle July Critical Patch Update.

Systems Affected (Learn More)

VendorStatusDate NotifiedDate Updated
Oracle CorporationAffected-19 Jul 2007
If you are a vendor and your product is affected, let us know.

CVSS Metrics (Learn More)

Group Score Vector
Base N/A N/A
Temporal N/A N/A
Environmental N/A N/A

References

Credit

Thanks to Oracle for information that was used in this report.

This document was written by Ryan Giobbi.

Other Information

  • CVE IDs: Unknown
  • Date Public: 17 Jan 2007
  • Date First Published: 19 Jul 2007
  • Date Last Updated: 19 Jul 2007
  • Severity Metric: 0.10
  • Document Revision: 5

Feedback

If you have feedback, comments, or additional information about this vulnerability, please send us email.