NotCVE - vendor:"Oracle" product:"Fusion Middleware" version:" <= 28.2.2"

Page 15 of 306 results (0.004 seconds)

CVSS: 6.8EPSS: 78%CPEs: 1EXPL: 0

CVE-2015-0445 – Oracle Data Quality DscXB onloadstatechange Use-After-Free Remote Code Execution Vulnerability

https://notcve.org/view.php?id=CVE-2015-0445

Unspecified vulnerability in the Oracle Data Integrator component in Oracle Fusion Middleware 11.1.1.3.0 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Data Quality based on Trillium, a different vulnerability than CVE-2015-0443, CVE-2015-0444, CVE-2015-0446, CVE-2015-2634, CVE-2015-2635, CVE-2015-2636, CVE-2015-4758, and CVE-2015-4759. Vulnerabilidad no especificada en el componente de Oracle Data Integrator en Oracle Fusion Middleware 11.1.1.3.0, permite a atacantes remotos afectar la confidencialidad, integridad y disponibilidad a través de vectores desconocidos relacionados con la calidad de datos basado en Trillium, una vulnerabilidad diferente a CVE-2015-0443, CVE-2015-0444, CVE-2015-0446, CVE-2015-2634, CVE-2015-2635, CVE-2015-2636, CVE-2015-4758 y CVE-2015-4759. This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Oracle Data Quality. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the TSS12.DscXB.XB ActiveX control. By modifying the HTML document within the onloadstatechange handler of the control, an attacker can cause an object to be used after it has been freed. • http://www.oracle.com/technetwork/topics/security/cpujul2015-2367936.html •

CVSS: 6.8EPSS: 78%CPEs: 1EXPL: 0

CVE-2015-0444 – Oracle Data Quality LoaderWizard SetEntities Type Confusion Remote Code Execution Vulnerability

https://notcve.org/view.php?id=CVE-2015-0444

Unspecified vulnerability in the Oracle Data Integrator component in Oracle Fusion Middleware 11.1.1.3.0 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Data Quality based on Trillium, a different vulnerability than CVE-2015-0443, CVE-2015-0445, CVE-2015-0446, CVE-2015-2634, CVE-2015-2635, CVE-2015-2636, CVE-2015-4758, and CVE-2015-4759. Vulnerabilidad no especificada en el componente de Oracle Data Integrator en Oracle Fusion Middleware 11.1.1.3.0, permite a atacantes remotos afectar la confidencialidad, integridad y disponibilidad a través de vectores desconocidos relacionados con la calidad de datos basado en Trillium, una vulnerabilidad diferente a CVE-2015-0443, CVE-2015-0445, CVE-2015-0446, CVE-2015-2634, CVE-2015-2635, CVE-2015-2636, CVE-2015-4758 y CVE-2015-4759. This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Oracle Data Quality. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the TSS12.LoaderWizard.lwctrl ActiveX control. The SetEntities method does not validate the type of data passed to it, instead treating any object passed in as if it were the expected type. • http://www.oracle.com/technetwork/topics/security/cpujul2015-2367936.html •

CVSS: 3.5EPSS: 0%CPEs: 2EXPL: 0

CVE-2015-0414

https://notcve.org/view.php?id=CVE-2015-0414

Unspecified vulnerability in the Oracle SOA Suite component in Oracle Fusion Middleware 11.1.1.7 and 12.1.3.0 allows remote authenticated users to affect confidentiality via unknown vectors related to Fabric Layer. Vulnerabilidad no especificada en el componente Oracle SOA Suite en Oracle Fusion Middleware 11.1.1.7 y 12.1.3.0 permite a usuarios remotos autenticados afectar la confidencialidad a través de vectores no conocidos relacionados con Fabric Layer. • http://www.oracle.com/technetwork/topics/security/cpujan2015-1972971.html http://www.securityfocus.com/bid/72220 •

CVSS: 4.3EPSS: 0%CPEs: 4EXPL: 0

CVE-2015-0434

https://notcve.org/view.php?id=CVE-2015-0434

Unspecified vulnerability in the Oracle Access Manager component in Oracle Fusion Middleware 11.1.1.5, 11.1.1.7, 11.1.2.1, and 11.1.2.2 allows remote attackers to affect confidentiality via vectors related to Integration with OAM. Vulnerabilidad no especificada en el componente Oracle Access Manager en Oracle Fusion Middleware 11.1.1.5, 11.1.1.7, 11.1.2.1, y 11.1.2.2 permite a atacantes remotos afectar la confidencialidad a través de vectores relacionados con la integración con OAM. • http://secunia.com/advisories/62473 http://www.oracle.com/technetwork/topics/security/cpujan2015-1972971.html http://www.securityfocus.com/bid/72226 https://exchange.xforce.ibmcloud.com/vulnerabilities/100081 •

CVSS: 4.3EPSS: 0%CPEs: 2EXPL: 0

CVE-2015-0420

https://notcve.org/view.php?id=CVE-2015-0420

Unspecified vulnerability in the Oracle Forms component in Oracle Fusion Middleware 11.1.1.7 and 11.1.2.2 allows remote attackers to affect confidentiality via unknown vectors related to Forms Services. Vulnerabilidad no especificada en el componente Oracle Forms en Oracle Fusion Middleware 11.1.1.7 y 11.1.2.2 permite a atacantes remotos afectar confidencialidad a través de vectores desconocidos relacionados con Forms Services. • http://secunia.com/advisories/62479 http://www.oracle.com/technetwork/topics/security/cpujan2015-1972971.html http://www.securityfocus.com/bid/72225 •

1...13 14 15 16 17