Oracle E-Business Multiple Vulnerabilities (January 2016 CPU)

This script is Copyright (C) 2016 Tenable Network Security, Inc.


Synopsis :

A web application installed on the remote host is affected by multiple
vulnerabilities.

Description :

The version of Oracle E-Business Suite installed on the remote host is
missing the January 2016 Critical Patch Update. It is, therefore,
affected by multiple unspecified vulnerabilities in multiple
components and subcomponents, the most severe of which can allow an
unauthenticated, remote attacker to affect both confidentiality and
integrity.

See also :

http://www.nessus.org/u?da1a16c5

Solution :

Apply the appropriate patch according to the January 2016 Oracle
Critical Patch Update advisory.

Risk factor :

Medium / CVSS Base Score : 6.4
(CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:N)
CVSS Temporal Score : 5.3
(CVSS2#E:F/RL:OF/RC:ND)
Public Exploit Available : true