NotCVE - vendor:"Oracle" product:"Fusion Middleware" version:"11.1.1.7.0"

Page 9 of 90 results (0.018 seconds)

CVSS: 7.5EPSS: 0%CPEs: 4EXPL: 0

CVE-2013-2390

https://notcve.org/view.php?id=CVE-2013-2390

17 Apr 2013 — Unspecified vulnerability in the Oracle WebLogic Server component in Oracle Fusion Middleware 10.0.2, 10.3.5, 10.3.6, and 12.1.1 allows remote attackers to affect integrity via unknown vectors related to WebLogic Console, a different vulnerability than CVE-2013-1504. Vulnerabilidad sin especificar en el componente Oracle WebLogic Server en Oracle Fusion Middleware 10.0.2, 10.3.5, 10.3.6, y 12.1.1, permite a atacantes remotos comprometer la integridad a través de vectores desconocidos relacionados con Wevlog... • http://www.mandriva.com/security/advisories?name=MDVSA-2013:150 •

CVSS: 7.5EPSS: 0%CPEs: 4EXPL: 0

CVE-2013-1504

https://notcve.org/view.php?id=CVE-2013-1504

17 Apr 2013 — Unspecified vulnerability in the Oracle WebLogic Server component in Oracle Fusion Middleware 10.0.2, 10.3.5, 10.3.6, and 12.1.1 allows remote attackers to affect integrity via unknown vectors related to WebLogic Console, a different vulnerability than CVE-2013-2390. Vulnerabilidad no especificada en el componente de Oracle WebLogic Server component en Oracle Fusion Middleware v10.0.2, v10.3.5, v10.3.6, y v12.1.1 permite a atacantes remotos afectar la integridad a través de vectores desconocidos relacionado... • http://www.mandriva.com/security/advisories?name=MDVSA-2013:150 •

CVSS: 4.3EPSS: 0%CPEs: 3EXPL: 0

CVE-2012-5097

https://notcve.org/view.php?id=CVE-2012-5097

17 Jan 2013 — Unspecified vulnerability in the Oracle Access Manager component in Oracle Fusion Middleware 10.1.4.3.0, 11.1.1.5.0, and 11.1.2.0.0 allows remote attackers to affect integrity, related to OAM Webgate. Vulnerabilidad no especificada en el componente de Oracle Access Manager en Oracle Fusion Middleware v10.1.4.3.0, v11.1.1.5.0, v11.1.2.0.0 que permite a atacantes remotos afectar la integridad, la relacionada con Webgate OAM. • http://www.mandriva.com/security/advisories?name=MDVSA-2013:150 •

CVSS: 5.3EPSS: 0%CPEs: 46EXPL: 0

CVE-2012-1677

https://notcve.org/view.php?id=CVE-2012-1677

17 Jan 2013 — Unspecified vulnerability in the Oracle Application Server Single Sign-On component in Oracle Fusion Middleware allows remote attackers to affect integrity via unknown vectors. Vulnerabilidad no especificada en el componente Oracle Application Server Single Sign-On en Oracle Fusion Middleware permite a atacantes remotos afectar a la integridad a través de vectores desconocidos. • http://www.mandriva.com/security/advisories?name=MDVSA-2013:150 •

CVSS: 9.1EPSS: 96%CPEs: 3EXPL: 5

CVE-2012-3152 – Oracle Fusion Middleware Unspecified Vulnerability

https://notcve.org/view.php?id=CVE-2012-3152

16 Oct 2012 — Unspecified vulnerability in the Oracle Reports Developer component in Oracle Fusion Middleware 11.1.1.4, 11.1.1.6, and 11.1.2.0 allows remote attackers to affect confidentiality and integrity via unknown vectors related to Report Server Component. NOTE: the previous information is from the October 2012 CPU. Oracle has not commented on claims from the original researcher that the URLPARAMETER functionality allows remote attackers to read and upload arbitrary files to reports/rwservlet, and that this issue o... • https://packetstorm.news/files/id/124973 •

CVSS: 9.8EPSS: 91%CPEs: 3EXPL: 6

CVE-2012-3153 – Oracle Forms and Reports 11.1 - Arbitrary Code Execution

https://notcve.org/view.php?id=CVE-2012-3153

16 Oct 2012 — Unspecified vulnerability in the Oracle Reports Developer component in Oracle Fusion Middleware 11.1.1.4, 11.1.1.6, and 11.1.2.0 allows remote attackers to affect confidentiality and integrity via unknown vectors related to Servlet. NOTE: the previous information is from the October 2012 CPU. Oracle has not commented on claims from the original researcher that the PARSEQUERY function allows remote attackers to obtain database credentials via reports/rwservlet/parsequery, and that this issue occurs in earlie... • https://packetstorm.news/files/id/124974 •

CVSS: 10.0EPSS: 1%CPEs: 2EXPL: 0

CVE-2012-3135

https://notcve.org/view.php?id=CVE-2012-3135

17 Jul 2012 — Unspecified vulnerability in the Oracle JRockit component in Oracle Fusion Middleware 28.2.3 and before, and 27.7.2 and earlier, allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors. Vulnerabilidad no especificada en el componente de Oracle JRockit en Oracle Fusion Middleware v28.2.3 y anteriores, y v27.7.2 y versiones anteriores, permite a atacantes remotos afectar la confidencialidad, integridad y disponibilidad a través de vectores desconocidos. • http://www.mandriva.com/security/advisories?name=MDVSA-2013:150 •

CVSS: 4.7EPSS: 0%CPEs: 3EXPL: 0

CVE-2011-3562

https://notcve.org/view.php?id=CVE-2011-3562

17 Jul 2012 — Unspecified vulnerability in the Portal component in Oracle Fusion Middleware 11.1.1.5, 11.1.1.6, and 11.1.2.0 allows remote attackers to affect integrity via unknown vectors. Vulnerabilidad no especificada en el componente Portal en Oracle Fusion Middleware v11.1.1.5, v11.1.1.6 y v11.1.2.0, permite a atacantes remotos afectar a la integridad a través de vectores desconocidos. • http://osvdb.org/83952 •

CVSS: 10.0EPSS: 0%CPEs: 27EXPL: 0

CVE-2012-1695

https://notcve.org/view.php?id=CVE-2012-1695

03 May 2012 — Unspecified vulnerability in the Oracle JRockit component in Oracle Fusion Middleware 28.2.2 and earlier, and JDK/JRE 5 and 6 27.7.1 and earlier, allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors. Vulnerabilidad no especificada en el componente Oracle JRockit en Oracle Fusion Middleware v28.2.2 y anteriores, y JDK/JRE 5 y 6 27.7.1 y anteriores permite a atacantes remotos afectar a la confidencialidad, integridad y disponibilidad a través de vectores no especi... • http://secunia.com/advisories/48864 •

CVSS: 7.5EPSS: 3%CPEs: 14EXPL: 8

CVE-2010-1622 – Spring Framework - Arbitrary code Execution

https://notcve.org/view.php?id=CVE-2010-1622

21 Jun 2010 — SpringSource Spring Framework 2.5.x before 2.5.6.SEC02, 2.5.7 before 2.5.7.SR01, and 3.0.x before 3.0.3 allows remote attackers to execute arbitrary code via an HTTP request containing class.classLoader.URLs[0]=jar: followed by a URL of a crafted .jar file. SpringSource Spring Framework v2.5.x anteriores a v2.5.6.SEC02, v2.5.7 anteriores a v2.5.7.SR01, y v3.0.x anteriores a v3.0.3 permite a atacantes remotos ejecutar código arbitrario a través de una petición HTTP que contenga class.classLoader.URLs[0]=jar:... • https://www.exploit-db.com/exploits/13918 • CWE-94: Improper Control of Generation of Code ('Code Injection') CWE-96: Improper Neutralization of Directives in Statically Saved Code ('Static Code Injection') •

1...7 8 9