CVE-2008-0346

Unspecified vulnerability in the Oracle Jinitiator component in Oracle Application Server 1.3.1.27 and E-Business Suite 11.5.10.2 has unknown impact and remote attack vectors, aka AS01.

Published: 2008-01-17 Last update: 2026-06-16 Assigner: [email protected] Source: [email protected]
NVD Status:ModifiedCVE State: published
View at NVD, CVE.org, EUVD

CVE-2008-0346 is rated High Risk (69.8/100): CVSS Critical severity, with medium exploitation likelihood (EPSS 2.70%). High exploitation likelihood—assess exposure and prioritize remediation.

Risk is dynamic; we continuously reassess and refresh what is shown on this page as upstream context changes.

Exploit prediction scoring system (EPSS) score for CVE-2008-0346

EPSS lead: Daily EPSS estimates relative likelihood of exploitation; percentile ranks this CVE among scored vulnerabilities (higher = more severe relative rank).

# Date Old EPSS score New EPSS score Delta (New - Old)
1 2026-06-15 2.31% 2.70% +0.38%
2 2025-04-25 2.65% 2.31% -0.33%
3 2025-03-30 2.65%

Full EPSS history (13 records total)

Common vulnerability scoring system (CVSS) metrics for CVE-2008-0346

CVSS metrics for this CVE.

Base score Version Severity Vector Exploitability Impact Score source
10.0 2.0 HIGH
AV:N/AC:L/Au:N/C:C/I:C/A:C Click to expand
Access vector (AV:N)
Can be exploited remotely over network reachability.
Access complexity (AC:L)
Exploitation conditions are straightforward and predictable.
Authentication (AU:N)
No authentication is required.
Confidentiality impact (C:C)
Complete confidentiality impact.
Integrity impact (I:C)
Complete integrity impact.
Availability impact (A:C)
Complete availability impact.
 10.0 10.0 [email protected]

Weakness enumeration for CVE-2008-0346

Affected software / configurations for CVE-2008-0346

Vendor Product Version Raw CPE
oracle application_server 1.0.2.2 cpe:2.3:a:oracle:application_server:1.0.2.2:*:*:*:*:*:*:*
oracle application_server 9.0.4.3 cpe:2.3:a:oracle:application_server:9.0.4.3:*:*:*:*:*:*:*
oracle application_server 10.1.2.0.2 cpe:2.3:a:oracle:application_server:10.1.2.0.2:*:*:*:*:*:*:*
oracle application_server 10.1.2.1.0 cpe:2.3:a:oracle:application_server:10.1.2.1.0:*:*:*:*:*:*:*
oracle application_server 10.1.2.2.0 cpe:2.3:a:oracle:application_server:10.1.2.2.0:*:*:*:*:*:*:*
oracle application_server 10.1.3.0.0 cpe:2.3:a:oracle:application_server:10.1.3.0.0:*:*:*:*:*:*:*
oracle application_server 10.1.3.1.0 cpe:2.3:a:oracle:application_server:10.1.3.1.0:*:*:*:*:*:*:*
oracle application_server 10.1.3.3.0 cpe:2.3:a:oracle:application_server:10.1.3.3.0:*:*:*:*:*:*:*
oracle collaboration_suite 10.1.2 cpe:2.3:a:oracle:collaboration_suite:10.1.2:*:*:*:*:*:*:*
oracle database_server 9.0.1.5 cpe:2.3:a:oracle:database_server:9.0.1.5:*:fips:*:*:*:*:*
oracle database_server 9.2.0.8 cpe:2.3:a:oracle:database_server:9.2.0.8:*:*:*:*:*:*:*
oracle database_server 9.2.0.8dv cpe:2.3:a:oracle:database_server:9.2.0.8dv:*:*:*:*:*:*:*
oracle database_server 10.1.0.5 cpe:2.3:a:oracle:database_server:10.1.0.5:*:*:*:*:*:*:*
oracle database_server 10.2.0.2 cpe:2.3:a:oracle:database_server:10.2.0.2:*:*:*:*:*:*:*
oracle database_server 10.2.0.3 cpe:2.3:a:oracle:database_server:10.2.0.3:*:*:*:*:*:*:*
oracle database_server 11.1.0.6 cpe:2.3:a:oracle:database_server:11.1.0.6:*:*:*:*:*:*:*
oracle e-business_suite 11.5.9 cpe:2.3:a:oracle:e-business_suite:11.5.9:*:*:*:*:*:*:*
oracle e-business_suite 11.5.10 cpe:2.3:a:oracle:e-business_suite:11.5.10:*:*:*:*:*:*:*
oracle e-business_suite 11.5.10.2 cpe:2.3:a:oracle:e-business_suite:11.5.10.2:*:*:*:*:*:*:*
oracle e-business_suite 12.0.0 cpe:2.3:a:oracle:e-business_suite:12.0.0:*:*:*:*:*:*:*
oracle e-business_suite 12.0.1 cpe:2.3:a:oracle:e-business_suite:12.0.1:*:*:*:*:*:*:*
oracle e-business_suite 12.0.2 cpe:2.3:a:oracle:e-business_suite:12.0.2:*:*:*:*:*:*:*
oracle e-business_suite 12.0.3 cpe:2.3:a:oracle:e-business_suite:12.0.3:*:*:*:*:*:*:*
oracle peoplesoft_enterprise_peopletools 8.47 cpe:2.3:a:oracle:peoplesoft_enterprise_peopletools:8.47:*:*:*:*:*:*:*
oracle peoplesoft_enterprise_peopletools 8.48 cpe:2.3:a:oracle:peoplesoft_enterprise_peopletools:8.48:*:*:*:*:*:*:*
oracle peoplesoft_enterprise_peopletools 8.49 cpe:2.3:a:oracle:peoplesoft_enterprise_peopletools:8.49:*:*:*:*:*:*:*

References for CVE-2008-0346

cvelogic Threat Intelligence