Page 10 of 63 results (0.013 seconds)

CVSS: 5.0EPSS: 51%CPEs: 8EXPL: 1

Unspecified vulnerability in the Oracle GlassFish Server component in Oracle Fusion Middleware 2.1.1, 3.0.1, and 3.1.2; the Oracle JDeveloper component in Oracle Fusion Middleware 11.1.2.3.0, 11.1.2.4.0, and 12.1.2.0.0; and the Oracle WebLogic Server component in Oracle Fusion Middleware 10.3.6.0 and 12.1.1 allows remote attackers to affect confidentiality via unknown vectors related to Java Server Faces or Web Container. Vulnerabilidad no especificada en el componente de Oracle GlassFish Server en Oracle Fusion Middleware 2.1.1, 3.0.1 y 3.1.2, el componente de Oracle JDeveloper de Oracle Fusion Middleware 11.1.2.3.0, 11.1.2.4.0 y 12.1.2.0. 0, y el componente de Oracle WebLogic Server en Oracle Fusion Middleware 10.3.6.0 y 12.1.1 que permite a atacantes remotos afectar la confidencialidad a través de vectores desconocidos relacionados con Java Server Faces o el Web Container. • https://www.exploit-db.com/exploits/38802 http://rhn.redhat.com/errata/RHSA-2014-0029.html http://www.kb.cert.org/vuls/id/526012 http://www.oracle.com/technetwork/topics/security/cpuoct2013-1899837.html http://www.securityfocus.com/bid/63052 http://www.securitytracker.com/id/1029190 https://access.redhat.com/security/cve/CVE-2013-3827 https://bugzilla.redhat.com/show_bug.cgi?id=1038898 • CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') •

CVSS: 5.5EPSS: 0%CPEs: 3EXPL: 0

Unspecified vulnerability in the Oracle WebCenter Content component in Oracle Fusion Middleware 10.1.3.5.1, 11.1.1.6.0, and 11.1.1.7.0 allows remote authenticated users to affect confidentiality and integrity via unknown vectors related to Content Server. NOTE: the previous information is from the October 2013 CPU. Oracle has not commented on claims from a third party that the issue is related to "iDoc script injection" in the (1) cs and (2) urm components, which allows attackers to read "sensitive" files, as demonstrated by obtaining the "AES encryption key and encrypted credentials" of the weblogic user. Vulnerabilidad sin especificar en el componente Oracle WebCenter Content en Oracle Fusion Middleware 10.1.3.5.1, 11.1.1.6.0, y 11.1.1.7.0 permite a atacantes remotos comprometer la integridad y confidencialidad a través de vectores desconocidos relacionado con los Web Content Server. • http://osvdb.org/95271 http://secunia.com/advisories/54227 http://www.oracle.com/technetwork/topics/security/cpujuly2013-1899826.html http://www.securityfocus.com/bid/61228 http://www.securitytracker.com/id/1028801 http://www.verisigninc.com/en_US/products-and-services/network-intelligence-availability/idefense/public-vulnerability-reports/articles/index.xhtml?id=1038 https://exchange.xforce.ibmcloud.com/vulnerabilities/85658 •

CVSS: 4.3EPSS: 0%CPEs: 3EXPL: 0

Unspecified vulnerability in the Oracle WebCenter Content component in Oracle Fusion Middleware 10.1.3.5.1, 11.1.1.6.0, and 11.1.1.7.0 allows remote attackers to affect integrity via unknown vectors related to Web Forms. Vulnerabilidad sin especificar en el componente Oracle WebCenter Content en Oracle Fusion Middleware 10.1.3.5.1, 11.1.1.6.0, y 11.1.1.7.0 permite a atacantes remotos comprometer la integridad a través de vectores desconocidos relacionado con los Web Forms. • http://osvdb.org/95274 http://secunia.com/advisories/54227 http://www.oracle.com/technetwork/topics/security/cpujuly2013-1899826.html http://www.securityfocus.com/bid/61220 http://www.securitytracker.com/id/1028801 https://exchange.xforce.ibmcloud.com/vulnerabilities/85661 •

CVSS: 4.3EPSS: 0%CPEs: 3EXPL: 0

Unspecified vulnerability in the Oracle WebCenter Content component in Oracle Fusion Middleware 10.1.3.5.1, 11.1.1.6.0, and 11.1.1.7.0 allows remote attackers to affect integrity via unknown vectors related to Site Studio. Vulnerabilidad no especificada en el componente Oracle WebCenter Content en Oracle Fusion Middleware v10.1.3.5.1, v11.1.1.6.0, y v11.1.1.7.0 permite a atacantes remotos afectar la integridad mediante vectores relacionados con Site Studio. • http://osvdb.org/95273 http://secunia.com/advisories/54227 http://www.oracle.com/technetwork/topics/security/cpujuly2013-1899826.html http://www.securityfocus.com/bid/61223 http://www.securitytracker.com/id/1028801 https://exchange.xforce.ibmcloud.com/vulnerabilities/85660 •

CVSS: 4.3EPSS: 0%CPEs: 3EXPL: 0

Unspecified vulnerability in the Oracle Access Manager component in Oracle Fusion Middleware 11.1.1.5.0 allows remote attackers to affect integrity via vectors related to SSO Engine. Vulnerabilidad no especificada en el componente Oracle Access Manager en Oracle Fusion Middleware 11.1.1.5.0 permite a atacantes remotos afectar a la integridad a través de vectors relacionado con SSO Engine. • http://osvdb.org/95272 http://secunia.com/advisories/54236 http://www.oracle.com/technetwork/topics/security/cpujuly2013-1899826.html http://www.securityfocus.com/bid/61212 http://www.securitytracker.com/id/1028801 https://exchange.xforce.ibmcloud.com/vulnerabilities/85659 •