CVE-2011-0883
https://notcve.org/view.php?id=CVE-2011-0883
Unspecified vulnerability in the Oracle Containers for J2EE component in Oracle Fusion Middleware 10.1.2.3, 10.1.3.5, 10.1.4.0.1, and 10.1.4.3 allows remote authenticated users to affect integrity, related to Servlet Runtime in OC4J. Vulnerabilidad no especificada en los Oracle Containers para el componente J2EE de Oracle Fusion Middleware v10.1.2.3, v10.1.3.5, v10.1.4.0.1 y v10.1.4.3 permite a usuarios remotos autenticados afectar a la integridad, relacionados con Servlet Runtime en OC4J. • http://www.oracle.com/technetwork/topics/security/cpujuly2011-313328.html http://www.us-cert.gov/cas/techalerts/TA11-201A.html •
CVE-2011-0798
https://notcve.org/view.php?id=CVE-2011-0798
Unspecified vulnerability in the Portal component in Oracle Fusion Middleware 10.1.2.3 and 11.1.1.2.0 allows remote attackers to affect integrity via unknown vectors related to Midtier Infrastructure. Vulnerabilidad no especificada en el componente Portal de Oracle Fusion Middleware v10.1.2.3 y v11.1.1.2.0, permite a atacantes remotos afectar a la integridad a través de vectores desconocidos relacionados con Midtier Infrastructure. • http://www.oracle.com/technetwork/topics/security/cpuapr2011-301950.html •
CVE-2010-4453
https://notcve.org/view.php?id=CVE-2010-4453
Unspecified vulnerability in the Oracle WebLogic Server component in Oracle Fusion Middleware 7.0.7, 8.1.6, 9.0, 9.1, 9.2.4, 10.0.2, 10.3.2, and 10.3.3 allows remote attackers to affect integrity via unknown vectors related to Servlet Container. Vulnerabilidad no especificada en el componente Oracle WebLogic Server para Oracle Fusion Middleware v7.0.7, v8.1.6, v9.0, v9.1, v9.2.4, v10.0.2, v10.3.2, y v10.3.3 permite a atacantes remotos afectar a la integridad a través de vectores desconocidos relacionados Servlet Container. • http://osvdb.org/70584 http://secunia.com/advisories/42975 http://www.oracle.com/technetwork/topics/security/cpujan2011-194091.html http://www.securityfocus.com/bid/45877 http://www.securitytracker.com/id?1024981 http://www.vupen.com/english/advisories/2011/0143 https://exchange.xforce.ibmcloud.com/vulnerabilities/64766 •
CVE-2010-4437 – Oracle WebLogic - POST Session Fixation
https://notcve.org/view.php?id=CVE-2010-4437
Unspecified vulnerability in the Oracle WebLogic Server component in Oracle Fusion Middleware 9.0, 9.1, 9.2.4, 10.0.2, 10.3.2, and 10.3.3 allows remote attackers to affect confidentiality and integrity via unknown vectors related to Servlet Container. Vulnerabilidad no especificada en el componente Oracle WebLogic Server para Oracle Fusion Middleware v9.0, v9.1, v9.2.4, v10.0.2, v10.3.2, y v10.3.3 permite a atacantes remotos afectar a la confidencialidad y la integridad a través de vectores desconocidos relacionados con el Servlet Container. • https://www.exploit-db.com/exploits/16959 http://osvdb.org/70571 http://secunia.com/advisories/42975 http://securityreason.com/securityalert/8126 http://www.oracle.com/technetwork/topics/security/cpujan2011-194091.html http://www.securityfocus.com/bid/45852 http://www.securitytracker.com/id?1024981 http://www.vupen.com/english/advisories/2011/0143 https://exchange.xforce.ibmcloud.com/vulnerabilities/64764 •
CVE-2010-3591 – Oracle Document Capture - Actbar2.ocx Insecure Method
https://notcve.org/view.php?id=CVE-2010-3591
Unspecified vulnerability in the Oracle Document Capture component in Oracle Fusion Middleware 10.1.3.4 and 10.1.3.5 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Internal Operations. NOTE: the previous information was obtained from the January 2011 CPU. Oracle has not commented on claims from the original researcher that remote attackers can overwrite or delete arbitrary files via a full pathname in the second argument to the DownloadSingleMessageToFile method in the EMPOP3Lib ActiveX component (empop3.dll). Vulnerabilidad sin especificar en el componente Oracle Document Capture de Oracle Fusion Middleware 10.1.3.4 y 10.1.3.5 permite a atacantes remotos afectar la confidencialidad, integridad y disponibilidad a través de vectores desconocidos relacionados con operaciones internas. Oracle Document Capture contains ActiveX components that contains insecure methods in empop3.dll. • https://www.exploit-db.com/exploits/16053 https://www.exploit-db.com/exploits/16055 http://dsecrg.com/pages/vul/show.php?id=305 http://secunia.com/advisories/42976 http://www.exploit-db.com/exploits/16055 http://www.oracle.com/technetwork/topics/security/cpujan2011-194091.html http://www.securityfocus.com/archive/1/515959/100/0/threaded http://www.securityfocus.com/bid/45851 http://www.securitytracker.com/id?1024981 http://www.vupen.com/english/advisories/2011/0143 ht •