CVSS: 4.3EPSS: 0%CPEs: 4EXPL: 0CVE-2013-2390
https://notcve.org/view.php?id=CVE-2013-2390
Unspecified vulnerability in the Oracle WebLogic Server component in Oracle Fusion Middleware 10.0.2, 10.3.5, 10.3.6, and 12.1.1 allows remote attackers to affect integrity via unknown vectors related to WebLogic Console, a different vulnerability than CVE-2013-1504. Vulnerabilidad sin especificar en el componente Oracle WebLogic Server en Oracle Fusion Middleware 10.0.2, 10.3.5, 10.3.6, y 12.1.1, permite a atacantes remotos comprometer la integridad a través de vectores desconocidos relacionados con Wevlogic Console. Vulnerabilidad distinta de CVE-2013-1504. • http://www.mandriva.com/security/advisories?name=MDVSA-2013:150 http://www.oracle.com/technetwork/topics/security/cpuapr2013-1899555.html •
CVSS: 4.3EPSS: 0%CPEs: 4EXPL: 0CVE-2013-1504
https://notcve.org/view.php?id=CVE-2013-1504
Unspecified vulnerability in the Oracle WebLogic Server component in Oracle Fusion Middleware 10.0.2, 10.3.5, 10.3.6, and 12.1.1 allows remote attackers to affect integrity via unknown vectors related to WebLogic Console, a different vulnerability than CVE-2013-2390. Vulnerabilidad no especificada en el componente de Oracle WebLogic Server component en Oracle Fusion Middleware v10.0.2, v10.3.5, v10.3.6, y v12.1.1 permite a atacantes remotos afectar la integridad a través de vectores desconocidos relacionados con WebLogic Console, una vulnerabilidad diferente a CVE-2013-2390. • http://www.mandriva.com/security/advisories?name=MDVSA-2013:150 http://www.oracle.com/technetwork/topics/security/cpuapr2013-1899555.html •
CVSS: 4.3EPSS: 0%CPEs: 46EXPL: 0CVE-2012-1677
https://notcve.org/view.php?id=CVE-2012-1677
Unspecified vulnerability in the Oracle Application Server Single Sign-On component in Oracle Fusion Middleware allows remote attackers to affect integrity via unknown vectors. Vulnerabilidad no especificada en el componente Oracle Application Server Single Sign-On en Oracle Fusion Middleware permite a atacantes remotos afectar a la integridad a través de vectores desconocidos. • http://www.mandriva.com/security/advisories?name=MDVSA-2013:150 http://www.oracle.com/technetwork/topics/security/cpujan2013-1515902.html •
CVSS: 4.3EPSS: 0%CPEs: 3EXPL: 0CVE-2012-5097
https://notcve.org/view.php?id=CVE-2012-5097
Unspecified vulnerability in the Oracle Access Manager component in Oracle Fusion Middleware 10.1.4.3.0, 11.1.1.5.0, and 11.1.2.0.0 allows remote attackers to affect integrity, related to OAM Webgate. Vulnerabilidad no especificada en el componente de Oracle Access Manager en Oracle Fusion Middleware v10.1.4.3.0, v11.1.1.5.0, v11.1.2.0.0 que permite a atacantes remotos afectar la integridad, la relacionada con Webgate OAM. • http://www.mandriva.com/security/advisories?name=MDVSA-2013:150 http://www.oracle.com/technetwork/topics/security/cpujan2013-1515902.html •
CVSS: 6.4EPSS: 97%CPEs: 3EXPL: 3CVE-2012-3152 – Oracle Fusion Middleware Unspecified Vulnerability
https://notcve.org/view.php?id=CVE-2012-3152
Unspecified vulnerability in the Oracle Reports Developer component in Oracle Fusion Middleware 11.1.1.4, 11.1.1.6, and 11.1.2.0 allows remote attackers to affect confidentiality and integrity via unknown vectors related to Report Server Component. NOTE: the previous information is from the October 2012 CPU. Oracle has not commented on claims from the original researcher that the URLPARAMETER functionality allows remote attackers to read and upload arbitrary files to reports/rwservlet, and that this issue occurs in earlier versions. NOTE: this can be leveraged with CVE-2012-3153 to execute arbitrary code by uploading a .jsp file. Vulnerabilidad no especificada en el componente de Oracle Reports Developer de Oracle Fusion Middleware v11.1.1.4, v11.1.1.6 y v11.1.2.0 permite a atacantes remotos afectar a la confidencialidad y la integridad a través de vectores desconocidos relacionados con Report Server Component. • https://www.exploit-db.com/exploits/31253 https://www.exploit-db.com/exploits/31737 http://blog.netinfiltration.com/2013/11/03/oracle-reports-cve-2012-3152-and-cve-2012-3153 http://blog.netinfiltration.com/2014/01/19/upcoming-exploit-release-oracle-forms-and-reports-11g http://seclists.org/fulldisclosure/2014/Jan/186 http://www.exploit-db.com/exploits/31253 http://www.mandriva.com/security/advisories?name=MDVSA-2013:150 http://www.oracle.com/technetwork/topics/security/cpuoct2012-151 •