CVSS: 6.8EPSS: 61%CPEs: 1EXPL: 0CVE-2014-2407 – Oracle Data Quality LoaderWizard ActiveX Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2014-2407
Unspecified vulnerability in the Oracle Data Integrator component in Oracle Fusion Middleware 11.1.1.3.0 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Data Quality, a different vulnerability than CVE-2014-2415, CVE-2014-2416, CVE-2014-2417, and CVE-2014-2418. Vulnerabilidad no especificada en el componente Oracle Data Integrator en Oracle Fusion Middleware 11.1.1.3.0 permite a atacantes remotos afectar a la confidencialidad, integridad y disponibilidad a través de vectores desconocidos relacionados con Data Quality, una vulnerabilidad diferente a CVE-2014-2415, CVE-2014-2416, CVE-2014-2417 y CVE-2014-2418. This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Oracle Data Quality. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the TSS12.LoaderWizard.lwctrl ActiveX control. The issue lies in the failure to properly initialize values leading to a use-after-free condition. • http://www.oracle.com/technetwork/topics/security/cpuapr2014-1972952.html •
CVSS: 4.3EPSS: 0%CPEs: 1EXPL: 0CVE-2014-0413
https://notcve.org/view.php?id=CVE-2014-0413
Unspecified vulnerability in the Oracle Containers for J2EE component in Oracle Fusion Middleware 10.1.3.5 allows remote attackers to affect integrity via vectors related to HTTP Request Handling, a different vulnerability than CVE-2014-0426. Vulnerabilidad no especificada en el componente Oracle Containers para J2EE en Oracle Fusion Middleware 10.1.3.5 permite a atacantes remotos afectar la integridad a través de vectores relacionados con el manejo de peticiones HTTP, una vulnerabilidad diferente a CVE-2014-0426. • http://www.oracle.com/technetwork/topics/security/cpuapr2014-1972952.html •
CVSS: 5.0EPSS: 0%CPEs: 1EXPL: 0CVE-2014-0414
https://notcve.org/view.php?id=CVE-2014-0414
Unspecified vulnerability in the Oracle Containers for J2EE component in Oracle Fusion Middleware 10.1.3.5 allows remote attackers to affect confidentiality via vectors related to HTTP Request Handling. Vulnerabilidad no especificada en el componente Oracle Containers para J2EE en Oracle Fusion Middleware 10.1.3.5 permite a atacantes remotos afectar a la confidencialidad a través de vectores relacionados con el manejo de peticiones HTTP. • http://www.oracle.com/technetwork/topics/security/cpuapr2014-1972952.html •
CVSS: 4.3EPSS: 0%CPEs: 1EXPL: 0CVE-2014-0426
https://notcve.org/view.php?id=CVE-2014-0426
Unspecified vulnerability in the Oracle Containers for J2EE component in Oracle Fusion Middleware 10.1.3.5 allows remote attackers to affect integrity via vectors related to HTTP Request Handling, a different vulnerability than CVE-2014-0413. Vulnerabilidad no especificada en el componente Oracle Containers para J2EE en Oracle Fusion Middleware 10.1.3.5 permite a atacantes remotos afectar a la integridad a través de vectores desconocidos relacionados con el manejo de peticiones HTTP, una vulnerabilidad diferente a CVE-2014-0413. • http://www.oracle.com/technetwork/topics/security/cpuapr2014-1972952.html •
CVSS: 5.0EPSS: 0%CPEs: 2EXPL: 0CVE-2014-0450
https://notcve.org/view.php?id=CVE-2014-0450
Unspecified vulnerability in the Oracle WebCenter Portal component in Oracle Fusion Middleware 11.1.1.7 and 11.1.1.8 allows remote attackers to affect confidentiality via unknown vectors related to People Connection. Vulnerabilidad no especificada en el componente Oracle WebCenter Portal en Oracle Fusion Middleware 11.1.1.7 y 11.1.1.8 permite a usuarios remotos afectar a la confidencialidad a través de vectores desconocidos relacionados con People Connection. • http://www.oracle.com/technetwork/topics/security/cpuapr2014-1972952.html •