SB2011042001 - Multiple vulnerabilities in Oracle PeopleSoft Enterprise HRMS

CSH
CYBERSECURITY HELP
Sign In REGISTER

Main Vulnerability Database SB2011042001

SB2011042001 - Multiple vulnerabilities in Oracle PeopleSoft Enterprise HRMS

Published: April 20, 2011 Updated: August 11, 2020

Security Bulletin ID SB2011042001
Severity
Low
Patch available
YES
Number of vulnerabilities 7
Exploitation vector Remote access
Highest impact Data manipulation

Breakdown by Severity

Low 100%
  • Low
  • Medium
  • High
  • Critical

Description

This security bulletin contains information about 7 secuirty vulnerabilities.


1) Input validation error (CVE-ID: CVE-2011-0853)

The vulnerability allows a remote #AU# to read and manipulate data.

Unspecified vulnerability in Oracle PeopleSoft Enterprise HRMS 9.0 Bundle #15 and 9.1 Bundle #5 allows remote authenticated users to affect confidentiality and integrity via unknown vectors related to ePerformance.


2) Input validation error (CVE-ID: CVE-2011-0854)

The vulnerability allows a remote #AU# to read and manipulate data.

Unspecified vulnerability in Oracle PeopleSoft Enterprise HRMS 9.1 Bundle #5 allows remote authenticated users to affect confidentiality and integrity via unknown vectors related to ePerformance.


3) Input validation error (CVE-ID: CVE-2011-0857)

The vulnerability allows a remote #AU# to read and manipulate data.

Unspecified vulnerability in Oracle PeopleSoft Enterprise HRMS 9.0 Bundle #15 and 9.1 Bundle #5 allows remote authenticated users to affect confidentiality and integrity via unknown vectors related to Pension Administration.


4) Input validation error (CVE-ID: CVE-2011-0858)

The vulnerability allows a remote #AU# to read and manipulate data.

Unspecified vulnerability in Oracle PeopleSoft Enterprise HRMS 9.0 Bundle #15 and 9.1 Bundle #5 allows remote authenticated users to affect confidentiality and integrity via unknown vectors related to Talent Acquisition Manager.


5) Input validation error (CVE-ID: CVE-2011-0859)

The vulnerability allows a remote #AU# to read and manipulate data.

Unspecified vulnerability in Oracle PeopleSoft Enterprise HRMS 9.0 Tax Update 11-B and 9.1 Tax Update 11-B allows remote authenticated users to affect confidentiality and integrity via unknown vectors related to Global Payroll - North America.


6) Input validation error (CVE-ID: CVE-2011-0860)

The vulnerability allows a remote #AU# to read and manipulate data.

Unspecified vulnerability in Oracle PeopleSoft Enterprise HRMS 9.0 Update 2011-B and 9.1 Update 2011-B allows remote authenticated users to affect confidentiality and integrity via unknown vectors related to Global Payroll - Spain.


7) Input validation error (CVE-ID: CVE-2011-0861)

The vulnerability allows a remote #AU# to read and manipulate data.

Unspecified vulnerability in Oracle PeopleSoft Enterprise HRMS 9.0 Update 2011-B and 9.1 Update 2011-B allows remote authenticated users to affect confidentiality and integrity via unknown vectors related to Global Payroll Core.


Remediation

Install update from vendor's website.

References