CVE-2007-0222: CVE-2007-0222

Get alerts for future matching vulnerabilitiesLog in to subscribe

I. Basic Information for CVE-2007-0222

Vulnerability Information

Have questions about the vulnerability? See if Shenlong's analysis helps!

Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.

Vulnerability Title

N/A

Source: NVD (National Vulnerability Database)

Vulnerability Description

Directory traversal vulnerability in the EmChartBean server side component for Oracle Application Server 10g allows remote attackers to read arbitrary files via unknown vectors, probably "\.." sequences in the beanId parameter. NOTE: this is likely a duplicate of another CVE that Oracle addressed in CPU Jan 2007, but due to lack of details by Oracle, it is unclear which BugID this issue is associated with, so the other CVE cannot be determined. Possibilities include EM02 (CVE-2007-0292) or EM05 (CVE-2007-0293).

Source: NVD (National Vulnerability Database)

CVSS Information

N/A

Source: NVD (National Vulnerability Database)

Vulnerability Type

N/A

Source: NVD (National Vulnerability Database)

Vulnerability Title

Oracle应用服务器EmChartBeam远程目录遍历漏洞

Source: CNNVD (China National Vulnerability Database)

Vulnerability Description

Oracle应用服务器是一个综合解决方案，用于开发、集成和部署企业的应用系统、门户和网站。 Oracle应用服务器的服务端组件EmChartBean中存在目录遍历漏洞，非授权用户可以通过发送GET请求以Javaw.exe进程的权限(默认为LocalSystem)远程访问根目录以外的文件。EmChartBean仅存在于运行时，在初始调用登陆页面后从JAR文件中解压，因此如果要利用这个漏洞攻击者必须首先能够向登陆页面提交请求。

Source: CNNVD (China National Vulnerability Database)

CVSS Information

N/A

Source: CNNVD (China National Vulnerability Database)

Vulnerability Type

N/A

Source: CNNVD (China National Vulnerability Database)

Affected Products

Vendor	Product	Affected Versions	CPE	Subscribe
-	n/a	n/a	-

II. Public POCs for CVE-2007-0222

#	POC Description	Source Link	Shenlong Link

AI-Generated POCPremium

No public POC found.

III. Intelligence Information for CVE-2007-0222

Please Login to view more intelligence information

http://www.oracle.com/technetwork/topics/security/cpujan2007-101493.htmlx_refsource_CONFIRM
http://www.securityfocus.com/bid/22083vdb-entryx_refsource_BID
http://secunia.com/advisories/23794third-party-advisoryx_refsource_SECUNIA
http://www.securityfocus.com/bid/22027vdb-entryx_refsource_BID
http://securitytracker.com/id?1017522vdb-entryx_refsource_SECTRACK
http://www.securityfocus.com/archive/1/458657/100/0/threadedmailing-listx_refsource_BUGTRAQ
http://www.securityfocus.com/archive/1/457105/100/0/threadedmailing-listx_refsource_BUGTRAQ
https://nvd.nist.gov/vuln/detail/CVE-2007-0222

New Vulnerabilities

Product: n/a

Vendor: n/a

V. Comments for CVE-2007-0222

No comments yet

Support Us — Your donation helps us keep running

I. Basic Information for CVE-2007-0222

Vulnerability Information

Vulnerability Title

Vulnerability Description

CVSS Information

Vulnerability Type

Vulnerability Title

Vulnerability Description

CVSS Information

Vulnerability Type

Affected Products

II. Public POCs for CVE-2007-0222

III. Intelligence Information for CVE-2007-0222

New Vulnerabilities

V. Comments for CVE-2007-0222

Leave a comment