CVE-2015-0509
https://notcve.org/view.php?id=CVE-2015-0509
Unspecified vulnerability in the Oracle Hyperion BI+ component in Oracle Hyperion 11.1.2.2 and 11.1.2.3 allows remote attackers to affect integrity via unknown vectors related to Reporting and Analysis.
• http://www.oracle.com/technetwork/topics/security/cpuapr2015-2365600.html
• http://www.securitytracker.com/id/1032123
CVE-2015-2572 – Oracle Hyperion Smart View for Office 11.1.2.3.000 - Crash (PoC)
https://notcve.org/view.php?id=CVE-2015-2572
Unspecified vulnerability in the Oracle Hyperion Smart View for Office component in Oracle Hyperion 11.1.2.5.216 and earlier, when running on Windows, allows local users to affect confidentiality, integrity, and availability via unknown vectors related to Core.
• https://www.exploit-db.com/exploits/36783
• http://packetstormsecurity.com/files/131507/Oracle-Hyperion-Smart-View-For-Office-11.1.2.3.000-DoS.html
• http://www.oracle.com/technetwork/topics/security/cpuapr2015-2365600.html
• http://www.osvdb.org/120680
• http://www.securityfocus.com/bid/74071
• http://www.securitytracker.com/id/1032123
CVE-2014-3707 – curl: incorrect handle duplication after COPYPOSTFIELDS
https://notcve.org/view.php?id=CVE-2014-3707
The curl_easy_duphandle function in libcurl 7.17.1 through 7.38.0, when running with the CURLOPT_COPYPOSTFIELDS option, does not properly copy HTTP POST data for an easy handle, which triggers an out-of-bounds read that allows remote web servers to read sensitive memory information.
A flaw was found in the way the libcurl library performed the duplication of connection handles. If an application set the CURLOPT_COPYPOSTFIELDS option for a handle, using the handle's duplicate could cause the application to crash or disclose a portion of its memory.
• http://curl.haxx.se/docs/adv_20141105.html
• http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10743
• http://lists.apple.com/archives/security-announce/2015/Aug/msg00001.html
• http://lists.opensuse.org/opensuse-updates/2015-02/msg00040.html
• http://rhn.redhat.com/errata/RHSA-2015-1254.html
• http://www.debian.org/security/2014/dsa-3069
• http://www.oracle.com/technetwork/security-advisory/cpuoct2017-3236626.html
• http://www.oracle.com/technetwork/topics/security/cpujul2015-2367936.html
• htt
• CWE-200: Exposure of Sensitive Information to an Unauthorized Actor
• CWE-416: Use After Free
CVE-2014-4269
https://notcve.org/view.php?id=CVE-2014-4269
Unspecified vulnerability in the Hyperion Common Admin component in Oracle Hyperion 11.1.2.2 and 11.1.2.3 allows remote authenticated users to affect confidentiality via unknown vectors related to User Interface, a different vulnerability than CVE-2014-4270.
• http://seclists.org/fulldisclosure/2014/Dec/23
• http://secunia.com/advisories/59289
• http://www.oracle.com/technetwork/topics/security/cpujul2014-1972956.html
• http://www.securityfocus.com/archive/1/534161/100/0/threaded
• http://www.securityfocus.com/bid/68577
• http://www.securitytracker.com/id/1030579
• http://www.vmware.com/security/advisories/VMSA-2014-0012.html
• https://exchange.xforce.ibmcloud.com/vulnerabilities/94566
CVE-2014-4246
https://notcve.org/view.php?id=CVE-2014-4246
Unspecified vulnerability in the Hyperion Analytic Provider Services component in Oracle Hyperion 11.1.2.2 and 11.1.2.3 allows remote authenticated users to affect confidentiality via vectors related to SVP.
• http://seclists.org/fulldisclosure/2014/Dec/23
• http://secunia.com/advisories/59303
• http://www.oracle.com/technetwork/topics/security/cpujul2014-1972956.html
• http://www.securityfocus.com/archive/1/534161/100/0/threaded
• http://www.securityfocus.com/bid/68586
• http://www.securitytracker.com/id/1030579
• http://www.vmware.com/security/advisories/VMSA-2014-0012.html
• https://exchange.xforce.ibmcloud.com/vulnerabilities/94567