CVE-2007-0297

Oracle PeopleSoft Enterprise & JD Edwards EnterpriseOne <8.47.11-8....

Title source: llm

Exploitation Summary

EIP tracks 1 public exploit for CVE-2007-0297. PoCs published by Esteban Martinez Fayo.

AI-analyzed exploit summary The exploit demonstrates a directory traversal vulnerability in Oracle Application Server's EmChartBean component, allowing unauthorized access to arbitrary files on the server. The PoC URL shows a path traversal sequence to access a file outside the intended directory.

Description

Unspecified vulnerability in Oracle PeopleSoft Enterprise and JD Edwards EnterpriseOne 8.47.11 and 8.48.06 has unknown impact and attack vectors in PeopleTools, aka PSE03.

Exploits (1)

exploitdb WORKING POC VERIFIED

by Esteban Martinez Fayo · textremotemultiple

https://www.exploit-db.com/exploits/29475

View Code ZIP pw:eip

The exploit demonstrates a directory traversal vulnerability in Oracle Application Server's EmChartBean component, allowing unauthorized access to arbitrary files on the server. The PoC URL shows a path traversal sequence to access a file outside the intended directory.

Classification

Working Poc 90%

Attack Type

Info Leak

Complexity

Trivial

Reliability

Reliable

Target: Oracle Application Server (versions affected by CVE-2007-0297)

No auth needed

Prerequisites: Network access to the target server · Oracle Application Server with vulnerable EmChartBean component

MITRE ATT&CK

T1006 - Direct Volume Access

devstral-2 · analyzed Feb 18, 2026 Full analysis →

References (6)

Core 6

Core References

Patch, Vendor Advisory third-party-advisory x_refsource_secunia

http://secunia.com/advisories/23794

Third Party Advisory, VDB Entry vdb-entry x_refsource_bid

http://www.securityfocus.com/bid/22083

Vendor Advisory x_refsource_confirm

http://www.oracle.com/technetwork/topics/security/cpujan2007-101493.html

Patch, US Government Resource third-party-advisory x_refsource_cert

http://www.us-cert.gov/cas/techalerts/TA07-017A.html

Third Party Advisory, VDB Entry vdb-entry x_refsource_xf

https://exchange.xforce.ibmcloud.com/vulnerabilities/31541

Third Party Advisory, VDB Entry vdb-entry x_refsource_sectrack

http://securitytracker.com/id?1017522

Scores

EPSS 0.0335

EPSS Percentile 87.1%

Details

Status published

Products (4)

oracle/enterpriseone 8.47.11

oracle/enterpriseone 8.48.06

oracle/peoplesoft_enterprise 8.47.11

oracle/peoplesoft_enterprise 8.48.06

Published Jan 17, 2007

Tracked Since Feb 18, 2026