CVSS: 5.3EPSS: 0%CPEs: 2EXPL: 0CVE-2011-2267
https://notcve.org/view.php?id=CVE-2011-2267
21 Jul 2011 — Unspecified vulnerability in the Oracle Outside In Technology component in Oracle Fusion Middleware 8.3.2.0 and 8.3.5.0 allows context-dependent attackers to affect availability via unknown vectors related to Outside In Filters. Vulnerabilidad no especificada en el componente Oracle Outside In Technology de Oracle Fusion Middleware v8.3.2.0 y v8.3.5.0 permite a atacantes dependientes de contexto afectar a la disponibilidad a través de vectores desconocidos relacionados con el Outside In Filters. • http://www-01.ibm.com/support/docview.wss?uid=swg21660640 •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0CVE-2011-0794
https://notcve.org/view.php?id=CVE-2011-0794
20 Apr 2011 — Unspecified vulnerability in the Oracle Outside In Technology component in Oracle Fusion Middleware 8.3.5.0 allows local users to affect confidentiality, integrity, and availability, related to File ID SDK. NOTE: the previous information was obtained from the April 2011 CPU. Oracle has not commented on claims from a reliable third party that this issue is in (a) sccut.dll or (b) libsc_ut.so in Outside In 8.3.5.x through 8.3.5.5684, as used when using the CAB file identification functionality to parse OneNot... • http://secunia.com/advisories/44295 •
CVSS: 4.4EPSS: 0%CPEs: 2EXPL: 0CVE-2011-0808
https://notcve.org/view.php?id=CVE-2011-0808
20 Apr 2011 — Unspecified vulnerability in the Oracle Outside In Technology component in Oracle Fusion Middleware 8.3.2.0 and 8.3.5.0 allows local users to affect confidentiality, integrity, and availability via unknown vectors related to Outside In Filters. NOTE: the previous information was obtained from the April 2011 CPU. Oracle has not commented on claims from a reliable third party that this issue is in (a) vswk6.dll or (b) libvs_wk6.so in Outside In 8.1.0.4037 through 8.3.5.5684, involving the Lotus 123 parser. Vu... • http://secunia.com/advisories/44295 •
CVSS: 5.3EPSS: 0%CPEs: 16EXPL: 0CVE-2010-4453
https://notcve.org/view.php?id=CVE-2010-4453
19 Jan 2011 — Unspecified vulnerability in the Oracle WebLogic Server component in Oracle Fusion Middleware 7.0.7, 8.1.6, 9.0, 9.1, 9.2.4, 10.0.2, 10.3.2, and 10.3.3 allows remote attackers to affect integrity via unknown vectors related to Servlet Container. Vulnerabilidad no especificada en el componente Oracle WebLogic Server para Oracle Fusion Middleware v7.0.7, v8.1.6, v9.0, v9.1, v9.2.4, v10.0.2, v10.3.2, y v10.3.3 permite a atacantes remotos afectar a la integridad a través de vectores desconocidos relacionados Se... • http://osvdb.org/70584 •
CVSS: 4.3EPSS: 16%CPEs: 3EXPL: 1CVE-2010-2370 – Oracle Business Process Management 10.3.2 - Cross-Site Scripting
https://notcve.org/view.php?id=CVE-2010-2370
13 Jul 2010 — Unspecified vulnerability in the Oracle Business Process Management component in Oracle Fusion Middleware 5.7 MP3, 6.0 MP5, and 10.3 MP2 allows remote attackers to affect integrity, related to BPM. Vulnerabilidad no especificada en el componente Oracle Business Process Management de Oracle Fusion Middleware v5.7 MP3, v6.0 MP5, y v10.3 MP2, permite a atacantes remotos afectar la integridad, relacionado con BPM. • https://www.exploit-db.com/exploits/34310 •
CVSS: 7.5EPSS: 1%CPEs: 14EXPL: 8CVE-2010-1622 – Spring Framework - Arbitrary code Execution
https://notcve.org/view.php?id=CVE-2010-1622
21 Jun 2010 — SpringSource Spring Framework 2.5.x before 2.5.6.SEC02, 2.5.7 before 2.5.7.SR01, and 3.0.x before 3.0.3 allows remote attackers to execute arbitrary code via an HTTP request containing class.classLoader.URLs[0]=jar: followed by a URL of a crafted .jar file. SpringSource Spring Framework v2.5.x anteriores a v2.5.6.SEC02, v2.5.7 anteriores a v2.5.7.SR01, y v3.0.x anteriores a v3.0.3 permite a atacantes remotos ejecutar código arbitrario a través de una petición HTTP que contenga class.classLoader.URLs[0]=jar:... • https://www.exploit-db.com/exploits/13918 • CWE-94: Improper Control of Generation of Code ('Code Injection') CWE-96: Improper Neutralization of Directives in Statically Saved Code ('Static Code Injection') •