Oracle E-Business Multiple Vulnerabilities (October 2014 CPU)

High Nessus Plugin ID 78544


The remote host has a web application installed that is affected by multiple vulnerabilities.


The version of Oracle E-Business installed on the remote host is missing the October 2014 Oracle Critical Patch Update (CPU). It is, therefore, affected by vulnerabilities in the following components :

- Oracle Application Technology Stack
- Oracle Applications Framework
- Oracle Applications Object Library
- Oracle Payments


Apply the appropriate patch according to the October 2014 Oracle Critical Patch Update advisory.

See Also

Plugin Details

Severity: High

ID: 78544

File Name: oracle_e-business_cpu_oct_2014.nasl

Version: $Revision: 1.5 $

Type: local

Family: Misc.

Published: 2014/10/17

Modified: 2018/03/01

Dependencies: 70177

Risk Information

Risk Factor: High


Base Score: 7.5

Temporal Score: 5.9

Vector: CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P

Temporal Vector: CVSS2#E:POC/RL:OF/RC:C

Vulnerability Information

CPE: cpe:/a:oracle:e-business_suite

Required KB Items: Oracle/E-Business/Version, Oracle/E-Business/patches/installed

Exploit Available: true

Exploit Ease: Exploits are available

Patch Publication Date: 2014/10/14

Vulnerability Publication Date: 2014/10/14

Exploitable With


Reference Information

CVE: CVE-2014-4278, CVE-2014-4281, CVE-2014-4285, CVE-2014-6471, CVE-2014-6472, CVE-2014-6479, CVE-2014-6523, CVE-2014-6539, CVE-2014-6550, CVE-2014-6561

BID: 70445, 70447, 70450, 70454, 70457, 70461, 70466, 70471, 70475, 70485

OSVDB: 113279, 113282, 113283, 113284, 113285, 113286, 113287, 113288, 113289, 113296