
CVE-2010-3588
https://notcve.org/view.php?id=CVE-2010-3588
19 Jan 2011 — Unspecified vulnerability in the Oracle Discoverer component in Oracle Fusion Middleware 10.1.2.3, 11.1.1.2.0, and 11.1.1.3.0 allows remote authenticated users to affect confidentiality and integrity, related to EUL Code & Schema. Vulnerabilidad no especificada en el componente Oracle Discoverer para Oracle Fusion Middleware v10.1.2.3, v11.1.1.2.0, v11.1.1.3.0 y permite a usuarios autenticados remotamente afectar a la confidencialidad y la integridad, relacionado con EUL Code & Schema. • http://secunia.com/advisories/42994 •

CVE-2010-4427
https://notcve.org/view.php?id=CVE-2010-4427
19 Jan 2011 — Unspecified vulnerability in the Oracle BI Publisher component in Oracle Fusion Middleware 10.1.3.4.0, 10.1.3.4.1, and 11.1.1.3 allows remote authenticated users to affect integrity via unknown vectors related to Web Server. Vulnerabilidad no especificada en el componente Oracle BI Publisher para Oracle Fusion Middleware v10.1.3.4.0, v10.1.3.4.1 y v11.1.1.3 permite a usuarios autenticados remotamente afectar a la integridad a través de vectores desconocidos relacionados con Web Server. • http://osvdb.org/70561 •

CVE-2010-3501
https://notcve.org/view.php?id=CVE-2010-3501
13 Oct 2010 — Unspecified vulnerability in the OID component in Oracle Fusion Middleware 10.1.2.3, 10.1.4.3, and 11.1.1.2.0 allows remote attackers to affect availability via unknown vectors. Vulnerabilidad no especificada en el componente OID en Oracle Fusion Middleware v10.1.2.3, vv10.1.4.3 y v11.1.1.2.0 y permite a atacantes remotos afectar a la disponibilidad a través de vectores desconocidos. • http://www.oracle.com/technetwork/topics/security/cpuoct2010-175626.html •

CVE-2010-2390
https://notcve.org/view.php?id=CVE-2010-2390
13 Oct 2010 — Unspecified vulnerability in the Database Control component in EM Console in Oracle Database Server 10.1.0.5 and 10.2.0.3, Oracle Fusion Middleware 10.1.2.3 and 10.1.4.3, and Enterprise Manager Grid Control allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors. Vulnerabilidad no especificada en el componente Database Control en EM Console en Oracle Database Server v10.1.0.5 y v10.2.0.3, Oracle Fusion Middleware v10.1.2.3 y v10.1.4.3 y Enterprise Manager Grid Cont... • http://www.oracle.com/technetwork/topics/security/cpuoct2010-175626.html •

CVE-2010-2370 – Oracle Business Process Management 10.3.2 - Cross-Site Scripting
https://notcve.org/view.php?id=CVE-2010-2370
13 Jul 2010 — Unspecified vulnerability in the Oracle Business Process Management component in Oracle Fusion Middleware 5.7 MP3, 6.0 MP5, and 10.3 MP2 allows remote attackers to affect integrity, related to BPM. Vulnerabilidad no especificada en el componente Oracle Business Process Management de Oracle Fusion Middleware v5.7 MP3, v6.0 MP5, y v10.3 MP2, permite a atacantes remotos afectar la integridad, relacionado con BPM. • https://www.exploit-db.com/exploits/34310 •

CVE-2010-2381
https://notcve.org/view.php?id=CVE-2010-2381
13 Jul 2010 — Unspecified vulnerability in the Application Server Control component in Oracle Fusion Middleware 10.1.2.3 and 10.1.4.0.1 allows remote authenticated users to affect integrity via unknown vectors, a different vulnerability than CVE-2010-0081. Vulnerabilidad no especificada en el componente Application Server Control en Oracle Fusion Middleware 10.1.2.3 y 10.1.4.0.1 permite a usuarios remotos autenticados afectar la integridad a través de vectores desconocidos, una vulnerabilidad diferente a CVE-2010-0081. • http://www.oracle.com/technetwork/topics/security/cpuoct2010-175626.html •

CVE-2010-0081
https://notcve.org/view.php?id=CVE-2010-0081
13 Jul 2010 — Unspecified vulnerability in the Application Server Control component in Oracle Fusion Middleware 10.1.2.3 and 10.1.4.0.1 allows remote authenticated users to affect integrity via unknown vectors, a different vulnerability than CVE-2010-2381. Vulnerabilidad no especificada en el componente Application Server Control en Oracle Fusion Middleware 10.1.2.3 y 10.1.4.0.1 permite a usuarios remotos autenticados afectar la integridad a través de vectores desconocidos, una vulnerabilidad diferente a CVE-2010-2381. • http://www.oracle.com/technetwork/topics/security/cpuoct2010-175626.html •

CVE-2010-1622 – Spring Framework - Arbitrary code Execution
https://notcve.org/view.php?id=CVE-2010-1622
21 Jun 2010 — SpringSource Spring Framework 2.5.x before 2.5.6.SEC02, 2.5.7 before 2.5.7.SR01, and 3.0.x before 3.0.3 allows remote attackers to execute arbitrary code via an HTTP request containing class.classLoader.URLs[0]=jar: followed by a URL of a crafted .jar file. SpringSource Spring Framework v2.5.x anteriores a v2.5.6.SEC02, v2.5.7 anteriores a v2.5.7.SR01, y v3.0.x anteriores a v3.0.3 permite a atacantes remotos ejecutar código arbitrario a través de una petición HTTP que contenga class.classLoader.URLs[0]=jar:... • https://www.exploit-db.com/exploits/13918 • CWE-94: Improper Control of Generation of Code ('Code Injection') CWE-96: Improper Neutralization of Directives in Statically Saved Code ('Static Code Injection') •

CVE-2010-0853
https://notcve.org/view.php?id=CVE-2010-0853
13 Apr 2010 — Unspecified vulnerability in the Oracle Internet Directory component in Oracle Database 9.2.0.8, 9.2.0.8, and DV; and Oracle Fusion Middleware 10.1.2.3 and 10.1.4.0.1; allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors. Una vulnerabilidad no especificada en el componente de directorio de Internet (Oracle Internet Directory) en la base de datos Oracle v9.2.0.8, v9.2.0.8, y DV, y Oracle Fusion Middleware v10.1.2.3 y v10.1.4.0.1; permite a atacantes remotos afect... • http://secunia.com/advisories/39438 •

CVE-2010-0856
https://notcve.org/view.php?id=CVE-2010-0856
13 Apr 2010 — Unspecified vulnerability in the Portal component in Oracle Fusion Middleware 10.1.2.3 and 10.1.4.2 allows remote attackers to affect availability via unknown vectors. Una vulnerabilidad no especificada en el componente Portal de Oracle Fusion Middleware v10.1.2.3 y v10.1.4.2 permite a atacantes remotos afectar a la disponibilidad de los datos a través de vectores desconocidos. • http://secunia.com/advisories/39439 •