Page 26 of 306 results (0.022 seconds)

CVSS: 7.5EPSS: 61%CPEs: 1EXPL: 0

Unspecified vulnerability in the Oracle Data Integrator component in Oracle Fusion Middleware 11.1.1.3.0 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Data Quality, a different vulnerability than CVE-2014-2407, CVE-2014-2416, CVE-2014-2417, and CVE-2014-2418. Vulnerabilidad no especificada en el componente Oracle Data Integrator en Oracle Fusion Middleware 11.1.1.3.0 permite a atacantes remotos afectar a la confidencialidad, integridad y disponibilidad a través de vectores desconocidos relacionados con Data Quality, una vulnerabilidad diferente a CVE-2014-2407, CVE-2014-2416, CVE-2014-2417 y CVE-2014-2418. This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Oracle Data Quality. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the TSS12.TransformerTools.PostcardPreviewInt ActiveX control. The issue lies in the ability to dereference arbitrary pointers from JavaScript. • http://www.oracle.com/technetwork/topics/security/cpuapr2014-1972952.html •

CVSS: 7.5EPSS: 61%CPEs: 1EXPL: 0

Unspecified vulnerability in the Oracle Data Integrator component in Oracle Fusion Middleware 11.1.1.3.0 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Data Quality, a different vulnerability than CVE-2014-2407, CVE-2014-2415, CVE-2014-2417, and CVE-2014-2418. Vulnerabilidad no especificada en el componente Oracle Data Integrator en Oracle Fusion Middleware 11.1.1.3.0 permite a atacantes remotos afectar a la confidencialidad, integridad y disponibilidad a través de vectores desconocidos relacionados con Data Quality, una vulnerabilidad diferente a CVE-2014-2407, CVE-2014-2415, CVE-2014-2417 y CVE-2014-2418. This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Oracle Data Quality. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the TSS12.DscForms.DateTimeWrapper ActiveX control. The issue lies in the ability to dereference arbitrary pointers from JavaScript. • http://www.oracle.com/technetwork/topics/security/cpuapr2014-1972952.html •

CVSS: 7.5EPSS: 60%CPEs: 1EXPL: 0

Unspecified vulnerability in the Oracle Data Integrator component in Oracle Fusion Middleware 11.1.1.3.0 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Data Quality, a different vulnerability than CVE-2014-2407, CVE-2014-2415, CVE-2014-2416, and CVE-2014-2418. Vulnerabilidad no especificada en el componente Oracle Data Integrator en Oracle Fusion Middleware 11.1.1.3.0 permite a atacantes remotos afectar a la confidencialidad, integridad y disponibilidad a través de vectores desconocidos relacionados con Data Quality, una vulnerabilidad diferente a CVE-2014-2407, CVE-2014-2415, CVE-2014-2416 y CVE-2014-2418. This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Oracle Data Quality. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the TSS12.DscXB.XB ActiveX control. The issue lies in the ability to dereference arbitrary pointers from JavaScript. • http://www.oracle.com/technetwork/topics/security/cpuapr2014-1972952.html •

CVSS: 7.5EPSS: 60%CPEs: 1EXPL: 0

Unspecified vulnerability in the Oracle Data Integrator component in Oracle Fusion Middleware 11.1.1.3.0 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Data Quality, a different vulnerability than CVE-2014-2407, CVE-2014-2415, CVE-2014-2416, and CVE-2014-2417. Vulnerabilidad no especificada en el componente Oracle Data Integrator en Oracle Fusion Middleware 11.1.1.3.0 permite a atacantes remotos afectar a la confidencialidad, integridad y disponibilidad a través de vectores desconocidos relacionados con Data Quality, una vulnerabilidad diferente a CVE-2014-2407, CVE-2014-2415, CVE-2014-2416 y CVE-2014-2417. This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Oracle Data Quality. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the TSS12.DscTools.FileChooserDlg ActiveX control. The issue lies in the ability to dereference arbitrary pointers from JavaScript. • http://www.oracle.com/technetwork/topics/security/cpuapr2014-1972952.html •

CVSS: 7.5EPSS: 97%CPEs: 1EXPL: 2

Unspecified vulnerability in the Oracle Event Processing component in Oracle Fusion Middleware 11.1.1.7.0 allows remote authenticated users to affect integrity via vectors related to CEP system. Vulnerabilidad no especificada en el componente Oracle Event Processing en Oracle Fusion Middleware 11.1.1.7.0 permite a los usuarios remotos autenticados afectar a la integridad a través de vectores relacionados con CEP system. This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Oracle Event Processing. Authentication is not required to exploit this vulnerability. The specific flaw exists within the FileUploadServlet class. The class contains a method that does not properly sanitize input allowing for directory traversal. • https://www.exploit-db.com/exploits/33989 http://packetstormsecurity.com/files/127365/Oracle-Event-Processing-FileUploadServlet-Arbitrary-File-Upload.html http://www.exploit-db.com/exploits/33989 http://www.oracle.com/technetwork/topics/security/cpuapr2014-1972952.html http://www.osvdb.org/105844 http://www.securityfocus.com/bid/66871 •