CVEDB API

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2016-2346

Allround Automations PL/SQL Developer 11 before 11.0.6 relies on unverified HTTP data for updates, which allows man-in-the-middle attackers to execute arbitrary code by modifying fields in the client-server data stream.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.002

EPSS Ranking 38.7%

CVSS Severity

CVSS v3 Score 8.1

CVSS v2 Score 6.8

References

Products affected by CVE-2016-2346

Allroundautomations » Pl/sql Developer » Version: 11.0

cpe:2.3:a:allroundautomations:pl/sql_developer:11.0
Allroundautomations » Pl/sql Developer » Version: 11.0.1

cpe:2.3:a:allroundautomations:pl/sql_developer:11.0.1
Allroundautomations » Pl/sql Developer » Version: 11.0.2

cpe:2.3:a:allroundautomations:pl/sql_developer:11.0.2
Allroundautomations » Pl/sql Developer » Version: 11.0.3

cpe:2.3:a:allroundautomations:pl/sql_developer:11.0.3
Allroundautomations » Pl/sql Developer » Version: 11.0.4

cpe:2.3:a:allroundautomations:pl/sql_developer:11.0.4
Allroundautomations » Pl/sql Developer » Version: 11.0.5

cpe:2.3:a:allroundautomations:pl/sql_developer:11.0.5

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2016-2346

Products

Pricing

Contact Us