ID CVE-2015-4745Type cveReporter NVDModified 2016-12-21T21:59:56
Description
Unspecified vulnerability in the Oracle Endeca Information Discovery Studio component in Oracle Fusion Middleware 2.2.2, 2.3, 2.4, 3.0, and 3.1 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Integrator, a different vulnerability than CVE-2015-2602, CVE-2015-2603, CVE-2015-2604, CVE-2015-2605, and CVE-2015-2606.
{"title": "CVE-2015-4745", "reporter": "NVD", "enchantments": {"score": {"vector": "NONE", "value": 4.3}, "vulnersScore": 4.3}, "published": "2015-07-16T07:00:39", "cvelist": ["CVE-2015-4745"], "viewCount": 2, "objectVersion": "1.2", "type": "cve", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2015-4745", "bulletinFamily": "NVD", "hashmap": [{"hash": "6d3f4796275bb54c21a33b82f399cc6d", "key": "assessment"}, {"hash": "601892ece72be3be2f57266ca2354792", "key": "bulletinFamily"}, {"hash": "6dfe86b673312437b8fb6cabb806d65a", "key": "cpe"}, {"hash": "100e4392e4a5d272986f18d406fa3103", "key": "cvelist"}, {"hash": "e5d275b3ebd62646b78320753699e02e", "key": "cvss"}, {"hash": "d9ffe5940ab2b69b504be8eff4f21007", "key": "description"}, {"hash": "69e333b81d2e66077118487d022eea10", "key": "href"}, {"hash": "af1a12cae8ecf51f9f7821d05d2948aa", "key": "modified"}, {"hash": "56765472680401499c79732468ba4340", "key": "objectVersion"}, {"hash": "2bb05f094cff396bb0dd30c74e2c10f8", "key": "published"}, {"hash": "a1a3072dea17da0a5d80d08a779c11e1", "key": "references"}, {"hash": "601892ece72be3be2f57266ca2354792", "key": "reporter"}, {"hash": "d41d8cd98f00b204e9800998ecf8427e", "key": "scanner"}, {"hash": "8622a537655ab6135481de23b924326b", "key": "title"}, {"hash": "1716b5fcbb7121af74efdc153d0166c5", "key": "type"}], "history": [{"bulletin": {"reporter": "NVD", "published": "2015-07-16T07:00:39", "cvelist": ["CVE-2015-4745"], "title": "CVE-2015-4745", "objectVersion": "1.2", "type": "cve", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2015-4745", "bulletinFamily": "NVD", "id": "CVE-2015-4745", "history": [], "scanner": [], "cpe": ["cpe:/a:oracle:fusion_middleware:2.2.2", "cpe:/a:oracle:fusion_middleware:3.1", "cpe:/a:oracle:fusion_middleware:2.4", "cpe:/a:oracle:fusion_middleware:2.3", "cpe:/a:oracle:fusion_middleware:3.0"], "modified": "2015-07-16T14:52:57", "hash": "af07f74cabab985a516e9c8cc37e3e621bb071493df0e7ef26784aa6ccdc8877", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}, "viewCount": 0, "edition": 1, "assessment": {"name": "", "href": "", "system": ""}, "references": ["http://www.oracle.com/technetwork/topics/security/cpujul2015-2367936.html"], "hashmap": [{"hash": "d41d8cd98f00b204e9800998ecf8427e", "key": "scanner"}, {"hash": "601892ece72be3be2f57266ca2354792", "key": "reporter"}, {"hash": "6dfe86b673312437b8fb6cabb806d65a", "key": "cpe"}, {"hash": "56765472680401499c79732468ba4340", "key": "objectVersion"}, {"hash": "100e4392e4a5d272986f18d406fa3103", "key": "cvelist"}, {"hash": "6d3f4796275bb54c21a33b82f399cc6d", "key": "assessment"}, {"hash": "e5d275b3ebd62646b78320753699e02e", "key": "cvss"}, {"hash": "8622a537655ab6135481de23b924326b", "key": "title"}, {"hash": "f803443f21e0ac8c514219799045872a", "key": "modified"}, {"hash": "69e333b81d2e66077118487d022eea10", "key": "href"}, {"hash": "c2e02b5198e39a7764a95e8123bfca51", "key": "references"}, {"hash": "2bb05f094cff396bb0dd30c74e2c10f8", "key": "published"}, {"hash": "1716b5fcbb7121af74efdc153d0166c5", "key": "type"}, {"hash": "601892ece72be3be2f57266ca2354792", "key": "bulletinFamily"}, {"hash": "d9ffe5940ab2b69b504be8eff4f21007", "key": "description"}], "lastseen": "2016-09-03T22:44:31", "description": "Unspecified vulnerability in the Oracle Endeca Information Discovery Studio component in Oracle Fusion Middleware 2.2.2, 2.3, 2.4, 3.0, and 3.1 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Integrator, a different vulnerability than CVE-2015-2602, CVE-2015-2603, CVE-2015-2604, CVE-2015-2605, and CVE-2015-2606."}, "differentElements": ["references", "modified"], "edition": 1, "lastseen": "2016-09-03T22:44:31"}], "scanner": [], "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}, "modified": "2016-12-21T21:59:56", "hash": "3368fe2ccd615aca2febef6022ec656f7ec6d6afd8546872bbf1dad7bcee4675", "cpe": ["cpe:/a:oracle:fusion_middleware:2.2.2", "cpe:/a:oracle:fusion_middleware:3.1", "cpe:/a:oracle:fusion_middleware:2.4", "cpe:/a:oracle:fusion_middleware:2.3", "cpe:/a:oracle:fusion_middleware:3.0"], "edition": 2, "description": "Unspecified vulnerability in the Oracle Endeca Information Discovery Studio component in Oracle Fusion Middleware 2.2.2, 2.3, 2.4, 3.0, and 3.1 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Integrator, a different vulnerability than CVE-2015-2602, CVE-2015-2603, CVE-2015-2604, CVE-2015-2605, and CVE-2015-2606.", "references": ["http://www.oracle.com/technetwork/topics/security/cpujul2015-2367936.html", "http://www.zerodayinitiative.com/advisories/ZDI-15-357", "http://www.securityfocus.com/bid/75750"], "id": "CVE-2015-4745", "lastseen": "2017-04-18T15:57:18", "assessment": {"name": "", "href": "", "system": ""}}
{"zdi": [{"lastseen": "2016-11-09T00:17:53", "references": ["http://www.oracle.com/technetwork/topics/security/cpujul2015-2367936.html"], "edition": 2, "description": "This vulnerability allows remote attackers to execute arbitrary code on vulnerable instances of Oracle Endeca Information Discovery. Authentication is required to exploit this vulnerability but an authentication bypass is known.\n\nThe specific flaw exists within the handling of file downloads. The issue lies in the failure to sanitize the path of files to be downloaded. A remote attacker can exploit this vulnerability to read server configuration files. This exfiltrated information can then be used to access the system with the privileges of the clover server.", "reporter": "Steven Seeley of Source Incite", "published": "2015-07-20T00:00:00", "enchantments": {"score": {"vector": "NONE", "value": 7.5}}, "title": "Oracle Endeca Information Discovery Integrator ETL Server File Download Remote Code Execution Vulnerability", "type": "zdi", "bulletinFamily": "info", "cvelist": ["CVE-2015-4745"], "modified": "2015-11-09T00:00:00", "href": "http://www.zerodayinitiative.com/advisories/ZDI-15-357", "id": "ZDI-15-357", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}], "oracle": [{"lastseen": "2018-08-31T04:14:03", "references": [], "description": "A Critical Patch Update (CPU) is a collection of patches for multiple security vulnerabilities. Critical Patch Update patches are usually cumulative, but each advisory describes only the security fixes added since the previous Critical Patch Update advisory. Thus, prior Critical Patch Update advisories should be reviewed for information regarding earlier published security fixes. Please refer to:\n\n \n\n\n[Critical Patch Updates and Security Alerts](<http://www.oracle.com/technetwork/topics/security/alerts-086861.html>) for information about Oracle Security Advisories.\n\n \n\n\n**Oracle continues to periodically receive reports of malicious exploitation of vulnerabilities for which Oracle has already released fixes. In some instances, it has been reported that malicious attackers have been successful because customers had failed to apply available Oracle patches. Oracle therefore _strongly_ recommends that customers remain on actively-supported versions and apply Critical Patch Update fixes _without_ delay.**\n\n \n\n\nThis Critical Patch Update contains 193 new security fixes across the product families listed below. Please note that a blog entry summarizing the content of this Critical Patch Update and other Oracle Software Security Assurance activities is located at <https://blogs.oracle.com/security>.\n\n \n\n\n** Please note that on May 15, 2015, Oracle released [Security Alert for CVE-2015-3456 (QEMU \"Venom\")](<http://www.oracle.com/technetwork/topics/security/alert-cve-2015-3456-2542656.html>). Customers of affected Oracle products are strongly advised to apply the fixes and/or configuration steps that were announced for CVE-2015-3456. **\n\n \n\n\nThis Critical Patch Update advisory is also available in an XML format that conforms to the Common Vulnerability Reporting Format (CVRF) version 1.1. More information about Oracle's use of CVRF is available at: <http://www.oracle.com/technetwork/topics/security/cpufaq-098434.html#CVRF>.\n\n \n\n", "edition": 3, "reporter": "Oracle", "published": "2015-07-14T00:00:00", "title": "Oracle Critical Patch Update - July 2015", "type": "oracle", "enchantments": {"score": {"vector": "NONE", "value": 5.0}}, "bulletinFamily": "software", "affectedSoftware": [{"name": "Oracle WebCenter Portal", "version": "11.1.1.9.0", "operator": "le"}, {"name": "Siebel Apps - E-Billing", "version": "6.1", "operator": "le"}, {"name": "Java SE, JavaFX, Java SE Embedded", "version": "8u33", "operator": "le"}, {"name": "Oracle Marketing", "version": "12.0.6", "operator": "le"}, {"name": "Oracle VM Server for SPARC", "version": "3.2", "operator": "le"}, {"name": "Oracle JDeveloper", "version": "12.1.3.0.0", "operator": "le"}, {"name": "Oracle WebCenter Sites", "version": "11.1.1.8.0", "operator": "le"}, {"name": "Hyperion Enterprise Performance Management Architect", "version": "11.1.2.2", "operator": "le"}, {"name": "Solaris Cluster", "version": "4.2", "operator": "le"}, {"name": "Oracle Business Intelligence Enterprise Edition", "version": "11.1.1.7", "operator": "le"}, {"name": "Java SE, JRockit, Java SE Embedded", "version": "8u33", "operator": "le"}, {"name": "Oracle OpenSSO", "version": "3.0", "operator": "le"}, {"name": "Oracle Secure Global Desktop", "version": "5.1", "operator": "le"}, {"name": "Oracle Marketing", "version": "12.1.1", "operator": "le"}, {"name": "RDBMS Scheduler", "version": "11.2.0.3", "operator": "le"}, {"name": "Oracle Application Object Library", "version": "12.2.3", "operator": "le"}, {"name": "Java VM", "version": "11.2.0.3", "operator": "le"}, {"name": "Fujitsu M10-1, M10-4, M10-4S Servers", "version": "2260", "operator": "le"}, {"name": "Oracle Endeca Information Discovery Studio", "version": "2.3", "operator": "le"}, {"name": "Java VM", "version": "11.2.0.4", "operator": "le"}, {"name": "Java VM", "version": "11.1.0.7", "operator": "le"}, {"name": "Oracle Transportation Management", "version": "6.3.4", "operator": "le"}, {"name": "Oracle Marketing", "version": "12.2.4", "operator": "le"}, {"name": "Java SE, JRockit, Java SE Embedded", "version": "7u80", "operator": "le"}, {"name": "Oracle Endeca Information Discovery Studio", "version": "2.4", "operator": "le"}, {"name": "Enterprise Manager for Oracle Database", "version": "12.1.0.7", "operator": "le"}, {"name": "Sun Blade 6000 Ethernet Switched NEM 24P 10GE", "version": "1.2.2", "operator": "le"}, {"name": "Java SE, JavaFX, Java SE Embedded", "version": "2.2.80", "operator": "le"}, {"name": "Oracle RDBMS", "version": "11.1.0.7", "operator": "le"}, {"name": "RDBMS Partitioning", "version": "11.2.0.4", "operator": "le"}, {"name": "Oracle Secure Global Desktop", "version": "5.2", "operator": "le"}, {"name": "Oracle GlassFish Server", "version": "2.1.1", "operator": "le"}, {"name": "Oracle Applications DBA", "version": "12.2.3", "operator": "le"}, {"name": "Oracle Event Processing", "version": "11.1.1.7", "operator": "le"}, {"name": "RDBMS Scheduler", "version": "12.1.0.2", "operator": "le"}, {"name": "Data Store", "version": "11.2.5.2.42", "operator": "le"}, {"name": "Oracle Tuxedo", "version": "10.3", "operator": "le"}, {"name": "Java SE, JavaFX, Java SE Embedded", "version": "7u75", "operator": "le"}, {"name": "PeopleSoft Enteprise Portal - Interaction Hub", "version": "9.1.00", "operator": "le"}, {"name": "Oracle Applications Manager", "version": "12.2.4", "operator": "le"}, {"name": "Oracle VM VirtualBox", "version": "4.1.40", "operator": "le"}, {"name": "PeopleSoft Enterprise HCM Candidate Gateway", "version": "9.1", "operator": "le"}, {"name": "Oracle VM VirtualBox", "version": "4.2.32", "operator": "le"}, {"name": "Enterprise Manager for Oracle Database", "version": "11.1.0.1", "operator": "le"}, {"name": "Oracle Transportation Management", "version": "6.3.6", "operator": "le"}, {"name": "Oracle Transportation Management", "version": "6.2", "operator": "le"}, {"name": "RDBMS Scheduler", "version": "11.2.0.4", "operator": "le"}, {"name": "Oracle Web Applications Desktop Integrator", "version": "12.1.3", "operator": "le"}, {"name": "Oracle iPlanet Web Proxy Server", "version": "4.0", "operator": "le"}, {"name": "Enterprise Manager for Oracle Database", "version": "12.1.0.6", "operator": "le"}, {"name": "Oracle Marketing", "version": "11.5.10.2", "operator": "le"}, {"name": "Sun Ray Software", "version": "5.4.4", "operator": "le"}, {"name": "Java SE, Java SE Embedded", "version": "8u33", "operator": "le"}, {"name": "Oracle Sourcing", "version": "12.2.4", "operator": "le"}, {"name": "Java SE, JavaFX, Java SE Embedded", "version": "6u95", "operator": "le"}, {"name": "Oracle OLAP", "version": "12.1.0.2", "operator": "le"}, {"name": "Oracle Secure Global Desktop", "version": "4.63", "operator": "le"}, {"name": "Oracle Applications Framework", "version": "12.1.3", "operator": "le"}, {"name": "Oracle VM VirtualBox", "version": "4.0.32", "operator": "le"}, {"name": "Technology stack", "version": "12.0.6", "operator": "le"}, {"name": "Oracle Endeca Information Discovery Studio", "version": "3.0", "operator": "le"}, {"name": "Oracle Transportation Management", "version": "6.1", "operator": "le"}, {"name": "Oracle Switch ES1-24", "version": "1.3.1", "operator": "le"}, {"name": "Oracle Transportation Management", "version": "6.3.5", "operator": "le"}, {"name": "Oracle WebLogic Server", "version": "12.1.3.0", "operator": "le"}, {"name": "Oracle Commerce Guided Search / Oracle Commerce Experience Manager", "version": "3.1.1", "operator": "le"}, {"name": "Oracle Commerce Guided Search / Oracle Commerce Experience Manager", "version": "3.1.2", "operator": "le"}, {"name": "Hyperion Common Security", "version": "11.1.2.2", "operator": "le"}, {"name": "PeopleSoft Enterprise PeopleTools", "version": "8.54", "operator": "le"}, {"name": "Oracle Access Manager", "version": "11.1.2.2", "operator": "le"}, {"name": "RDBMS Support Tools", "version": "12.1.0.1", "operator": "le"}, {"name": "Java SE, Java SE Embedded", "version": "7u80", "operator": "le"}, {"name": "Oracle Exalogic Infrastructure", "version": "2.0.6.2", "operator": "le"}, {"name": "Oracle Application Express", "version": "4.2.3.00.08", "operator": "le"}, {"name": "Siebel UI Framework", "version": "8.2.2", "operator": "le"}, {"name": "Java VM", "version": "12.1.0.2", "operator": "le"}, {"name": "Oracle Agile PLM", "version": "9.3.4", "operator": "le"}, {"name": "Sun Network 10GE Switch 72p", "version": "1.2.2", "operator": "le"}, {"name": "Oracle Endeca Information Discovery Studio", "version": "2.2.2", "operator": "le"}, {"name": "Oracle Data Integrator", "version": "11.1.1.3.0", "operator": "le"}, {"name": "Oracle JDeveloper", "version": "11.1.2.4.0", "operator": "le"}, {"name": "Oracle Sourcing", "version": "12.1.3", "operator": "le"}, {"name": "RDBMS Scheduler", "version": "12.1.0.1", "operator": "le"}, {"name": "Oracle RDBMS", "version": "12.1.0.1", "operator": "le"}, {"name": "Oracle Applications Manager", "version": "12.1.3", "operator": "le"}, {"name": "Solaris", "version": "10", "operator": "le"}, {"name": "Oracle Application Express", "version": "5.0", "operator": "le"}, {"name": "RDBMS Support Tools", "version": "12.1.0.2", "operator": "le"}, {"name": "Siebel Core - Server OM Svcs", "version": "8.1.1", "operator": "le"}, {"name": "Java SE, JavaFX, Java SE Embedded", "version": "8u45", "operator": "le"}, {"name": "RDBMS Partitioning", "version": "11.2.0.3", "operator": "le"}, {"name": "Hyperion Enterprise Performance Management Architect", "version": "11.1.2.3", "operator": "le"}, {"name": "Oracle Applications Framework", "version": "12.0.6", "operator": "le"}, {"name": "Data Store", "version": "11.2.5.3.28", "operator": "le"}, {"name": "Siebel UI Framework", "version": "8.22", "operator": "le"}, {"name": "Oracle Communications Messaging Server", "version": "7.0", "operator": "le"}, {"name": "Hyperion Common Security", "version": "11.1.2.3", "operator": "le"}, {"name": "Technology stack", "version": "11.5.10.2", "operator": "le"}, {"name": "Oracle Agile Product Lifecycle Management for Process", "version": "6.2.0.0", "operator": "le"}, {"name": "Oracle Applications Framework", "version": "12.2.3", "operator": "le"}, {"name": "MySQL Server", "version": "5.6.23", "operator": "le"}, {"name": "Oracle Web Applications Desktop Integrator", "version": "12.2.4", "operator": "le"}, {"name": "MySQL Server", "version": "5.6.24", "operator": "le"}, {"name": "RDBMS Support Tools", "version": "11.2.0.4", "operator": "le"}, {"name": "Technology stack", "version": "12.1.3", "operator": "le"}, {"name": "RDBMS Partitioning", "version": "11.1.0.7", "operator": "le"}, {"name": "Oracle Commerce Guided Search / Oracle Commerce Experience Manager", "version": "11.0", "operator": "le"}, {"name": "Oracle Web Applications Desktop Integrator", "version": "12.2.3", "operator": "le"}, {"name": "Oracle WebCenter Sites", "version": "11.1.1.6.1", "operator": "le"}, {"name": "Oracle Traffic Director", "version": "11.1.1.7.0", "operator": "le"}, {"name": "RDBMS Scheduler", "version": "11.1.0.7", "operator": "le"}, {"name": "Java SE", "version": "7u80", "operator": "le"}, {"name": "Java SE", "version": "8u45", "operator": "le"}, {"name": "Oracle JDeveloper", "version": "12.1.2.0.0", "operator": "le"}, {"name": "Oracle WebLogic Server", "version": "12.1.1.0", "operator": "le"}, {"name": "Hyperion Common Security", "version": "11.1.2.4", "operator": "le"}, {"name": "SPARC Enterprise M3000, M4000, M5000, M8000, M9000 Servers", "version": "1120", "operator": "le"}, {"name": "Solaris", "version": "11.2", "operator": "le"}, {"name": "Oracle Tuxedo", "version": "11.1.1.2.2", "operator": "le"}, {"name": "PeopleSoft Enterprise PT PeopleTools", "version": "8.53", "operator": "le"}, {"name": "Oracle Transportation Management", "version": "6.3.3", "operator": "le"}, {"name": "PeopleSoft Enterprise HCM Talent Acquisition Manager", "version": "9.1", "operator": "le"}, {"name": "Oracle Agile PLM Framework", "version": "9.3.3", "operator": "le"}, {"name": "Oracle Marketing", "version": "12.1.3", "operator": "le"}, {"name": "RDBMS Partitioning", "version": "12.1.0.1", "operator": "le"}, {"name": "Oracle WebCenter Portal", "version": "11.1.1.8.0", "operator": "le"}, {"name": "Oracle Ethernet Switch ES2-72, Oracle Ethernet Switch ES2-64", "version": "1.9.1.2", "operator": "le"}, {"name": "RDBMS Security", "version": "12.1.0.2", "operator": "le"}, {"name": "Oracle VM VirtualBox", "version": "4.3.30", "operator": "le"}, {"name": "Siebel Core - Server OM Svcs", "version": "15.0", "operator": "le"}, {"name": "Oracle Marketing", "version": "12.1.2", "operator": "le"}, {"name": "Siebel UI Framework", "version": "8.1.1", "operator": "le"}, {"name": "Oracle Communications Session Border Controller", "version": "7.2.0m4", "operator": "le"}, {"name": "Siebel Core - Server OM Svcs", "version": "8.2.2", "operator": "le"}, {"name": "Oracle Business Intelligence Enterprise Edition", "version": "11.1.1.9", "operator": "le"}, {"name": "Oracle iPlanet Web Server", "version": "6.1", "operator": "le"}, {"name": "Java SE, JRockit, Java SE Embedded", "version": "7u75", "operator": "le"}, {"name": "Siebel Apps - E-Billing", "version": "6.1.1", "operator": "le"}, {"name": "Integrated Lights Out Manager (ILOM)", "version": "9.4.2e", "operator": "le"}, {"name": "MySQL Server", "version": "5.5.42", "operator": "le"}, {"name": "Oracle WebLogic Server", "version": "12.1.2.0", "operator": "le"}, {"name": "Java SE, Java SE Embedded", "version": "7u75", "operator": "le"}, {"name": "Java SE, JavaFX, Java SE Embedded", "version": "7u80", "operator": "le"}, {"name": "Java SE, JRockit, Java SE Embedded", "version": "28.3.6", "operator": "le"}, {"name": "PeopleSoft Enterprise PeopleTools", "version": "8.53", "operator": "le"}, {"name": "Java SE, Java SE Embedded", "version": "6u95", "operator": "le"}, {"name": "Siebel UI Framework", "version": "15.0", "operator": "le"}, {"name": "MySQL Server", "version": "5.6.22", "operator": "le"}, {"name": "Oracle Event Processing", "version": "12.1.3.0", "operator": "le"}, {"name": "Oracle Application Object Library", "version": "12.0.6", "operator": "le"}, {"name": "Oracle Agile Product Lifecycle Management for Process", "version": "6.1.0.3", "operator": "le"}, {"name": "Oracle WebCenter Sites", "version": "12.2.1.0", "operator": "le"}, {"name": "Oracle Directory Server Enterprise Edition", "version": "7.0", "operator": "le"}, {"name": "Oracle Applications Manager", "version": "12.2.3", "operator": "le"}, {"name": "Oracle Marketing", "version": "12.2.3", "operator": "le"}, {"name": "PeopleSoft Enterprise PT PeopleTools", "version": "8.54", "operator": "le"}, {"name": "Enterprise Manager for Oracle Database", "version": "11.2.0.3", "operator": "le"}, {"name": "Oracle JDeveloper", "version": "11.1.1.7.0", "operator": "le"}, {"name": "Data Store", "version": "11.2.5.1.29", "operator": "le"}, {"name": "Java SE, JRockit, Java SE Embedded", "version": "6u95", "operator": "le"}, {"name": "Oracle WebLogic Server", "version": "10.3.6.0", "operator": "le"}, {"name": "Integrated Lights Out Manager (ILOM)", "version": "8.7.2.b", "operator": "le"}, {"name": "Oracle GlassFish Server", "version": "3.0.1", "operator": "le"}, {"name": "Oracle Transportation Management", "version": "6.3.1", "operator": "le"}, {"name": "Java SE, Java SE Embedded", "version": "8u45", "operator": "le"}, {"name": "Oracle Business Intelligence Enterprise Edition", "version": "11.1.1.7.0", "operator": "le"}, {"name": "Oracle Application Object Library", "version": "12.1.3", "operator": "le"}, {"name": "Oracle Transportation Management", "version": "6.3.0", "operator": "le"}, {"name": "Oracle Tuxedo", "version": "12.1.1.0", "operator": "le"}, {"name": "Solaris Cluster", "version": "3.3", "operator": "le"}, {"name": "Oracle Endeca Information Discovery Studio", "version": "3.1", "operator": "le"}, {"name": "Siebel Apps - E-Billing", "version": "6.2", "operator": "le"}, {"name": "Oracle iPlanet Web Server", "version": "7.0", "operator": "le"}, {"name": "Oracle Application Express", "version": "4.2.1", "operator": "le"}, {"name": "Data Store", "version": "12.1.6.0.35", "operator": "le"}, {"name": "RDBMS Partitioning", "version": "12.1.0.2", "operator": "le"}, {"name": "Enterprise Manager for Oracle Database", "version": "11.2.0.4", "operator": "le"}, {"name": "Oracle Web Applications Desktop Integrator", "version": "11.5.10.2", "operator": "le"}, {"name": "Oracle Directory Server Enterprise Edition", "version": "11.1.1.7", "operator": "le"}, {"name": "Web Cache", "version": "11.1.1.7.0", "operator": "le"}, {"name": "Oracle Agile Product Lifecycle Management for Process", "version": "6.0.0.7", "operator": "le"}, {"name": "Oracle Access Manager", "version": "11.1.1.7", "operator": "le"}, {"name": "Oracle Transportation Management", "version": "6.3.7", "operator": "le"}, {"name": "Java SE, JRockit, Java SE Embedded", "version": "8u45", "operator": "le"}, {"name": "Oracle OLAP", "version": "12.1.0.1", "operator": "le"}, {"name": "RDBMS Support Tools", "version": "11.2.0.3", "operator": "le"}, {"name": "Oracle Sourcing", "version": "12.1.2", "operator": "le"}, {"name": "Java VM", "version": "12.1.0.1", "operator": "le"}, {"name": "Hyperion Essbase", "version": "11.1.2.3", "operator": "le"}, {"name": "Oracle Agile Product Lifecycle Management for Process", "version": "6.1.1.5", "operator": "le"}, {"name": "Java SE", "version": "6u95", "operator": "le"}, {"name": "MySQL Server", "version": "5.5.43", "operator": "le"}, {"name": "Oracle Sourcing", "version": "12.2.3", "operator": "le"}, {"name": "Oracle Application Object Library", "version": "11.5.10.2", "operator": "le"}, {"name": "Oracle Sourcing", "version": "12.1.1", "operator": "le"}, {"name": "Oracle HTTP Server", "version": "11.5.10.2", "operator": "le"}, {"name": "Oracle Applications Framework", "version": "12.2.4", "operator": "le"}, {"name": "Oracle RDBMS", "version": "11.2.0.3", "operator": "le"}, {"name": "Oracle Commerce Guided Search / Oracle Commerce Experience Manager", "version": "3.0.2", "operator": "le"}, {"name": "Hyperion Essbase", "version": "11.1.2.2", "operator": "le"}, {"name": "Oracle Application Object Library", "version": "12.2.4", "operator": "le"}, {"name": "Oracle GlassFish Server", "version": "3.1.2", "operator": "le"}, {"name": "Oracle Commerce Guided Search / Oracle Commerce Experience Manager", "version": "11.1", "operator": "le"}, {"name": "Oracle Web Applications Desktop Integrator", "version": "12.0.6", "operator": "le"}, {"name": "Oracle Secure Global Desktop", "version": "4.71", "operator": "le"}, {"name": "PeopleSoft Enterprise HCM Talent Acquisition Manager", "version": "9.2", "operator": "le"}, {"name": "Oracle Transportation Management", "version": "6.3.2", "operator": "le"}, {"name": "PeopleSoft Enterprise HCM Candidate Gateway", "version": "9.2", "operator": "le"}], "cvelist": ["CVE-2015-1926", "CVE-2015-1802", "CVE-2015-4000", "CVE-2015-2591", "CVE-2015-0443", "CVE-2015-1803", "CVE-2015-4771", "CVE-2015-2627", "CVE-2015-2615", "CVE-2014-3566", "CVE-2015-4764", "CVE-2015-4774", "CVE-2015-2601", "CVE-2015-4738", "CVE-2014-8098", "CVE-2015-0235", "CVE-2015-4729", "CVE-2015-1804", "CVE-2015-4751", "CVE-2015-0444", "CVE-2015-0445", "CVE-2015-4749", "CVE-2014-8092", "CVE-2015-4758", "CVE-2014-7809", "CVE-2015-2643", "CVE-2015-4770", "CVE-2015-4747", "CVE-2015-2661", "CVE-2015-4778", "CVE-2015-2632", "CVE-2015-2625", "CVE-2015-2617", "CVE-2015-4784", "CVE-2015-2664", "CVE-2015-2605", "CVE-2015-2597", "CVE-2015-4785", "CVE-2015-4732", "CVE-2015-2653", "CVE-2014-3572", "CVE-2014-3613", "CVE-2015-0206", "CVE-2014-0227", "CVE-2015-2595", "CVE-2015-4782", "CVE-2015-0286", "CVE-2015-3244", "CVE-2015-2648", "CVE-2015-2657", "CVE-2014-0230", "CVE-2014-8100", "CVE-2015-4789", "CVE-2015-2581", "CVE-2015-2613", "CVE-2015-2658", "CVE-2014-3571", "CVE-2015-4736", "CVE-2015-2599", "CVE-2013-2251", "CVE-2013-5704", "CVE-2015-4739", "CVE-2015-0288", "CVE-2015-4790", "CVE-2013-6422", "CVE-2015-2589", "CVE-2010-1324", "CVE-2015-2623", "CVE-2015-2631", "CVE-2010-4020", "CVE-2015-2596", "CVE-2015-4763", "CVE-2015-0285", "CVE-2015-4783", "CVE-2015-2620", "CVE-2015-2650", "CVE-2011-3389", "CVE-2015-2654", "CVE-2015-0207", "CVE-2015-2607", "CVE-2015-2639", "CVE-2015-2611", "CVE-2015-2645", "CVE-2015-2634", "CVE-2015-2594", "CVE-2014-8275", "CVE-2015-3456", "CVE-2015-0467", "CVE-2015-2584", "CVE-2015-0208", "CVE-2015-2808", "CVE-2013-0249", "CVE-2014-3570", "CVE-2015-2590", "CVE-2015-2656", "CVE-2015-2626", "CVE-2015-2628", "CVE-2015-4768", "CVE-2015-4761", "CVE-2015-4745", "CVE-2015-4750", "CVE-2014-0139", "CVE-2015-2635", "CVE-2015-4756", "CVE-2015-2647", "CVE-2014-3707", "CVE-2015-0293", "CVE-2015-2600", "CVE-2015-2580", "CVE-2014-8097", "CVE-2014-8101", "CVE-2015-2640", "CVE-2015-4733", "CVE-2015-2646", "CVE-2014-1568", "CVE-2015-2651", "CVE-2015-2603", "CVE-2014-8091", "CVE-2015-4765", "CVE-2015-2660", "CVE-2015-2604", "CVE-2015-0255", "CVE-2015-4772", "CVE-2015-2662", "CVE-2015-4735", "CVE-2015-0468", "CVE-2015-4779", "CVE-2015-0209", "CVE-2015-2585", "CVE-2013-2186", "CVE-2014-3567", "CVE-2015-2614", "CVE-2014-0015", "CVE-2015-4737", "CVE-2015-4776", "CVE-2015-4757", "CVE-2015-4728", "CVE-2015-2637", "CVE-2015-2606", "CVE-2015-4769", "CVE-2015-0204", "CVE-2015-2621", "CVE-2015-4786", "CVE-2015-4787", "CVE-2015-2638", "CVE-2015-4740", "CVE-2015-2619", "CVE-2015-4731", "CVE-2014-8095", "CVE-2015-4727", "CVE-2015-4741", "CVE-2015-2636", "CVE-2015-2659", "CVE-2015-2655", "CVE-2015-4775", "CVE-2015-4773", "CVE-2014-8102", "CVE-2015-0291", "CVE-2015-4746", "CVE-2015-2629", "CVE-2014-8096", "CVE-2015-4788", "CVE-2015-4755", "CVE-2015-2602", "CVE-2015-4748", "CVE-2015-0287", "CVE-2015-2622", "CVE-2015-2610", "CVE-2012-0036", "CVE-2013-2174", "CVE-2015-2663", "CVE-2015-4742", "CVE-2014-8093", "CVE-2015-0289", "CVE-2015-2652", "CVE-2015-4759", "CVE-2015-0446", "CVE-2015-0292", "CVE-2015-2582", "CVE-2015-4780", "CVE-2014-1569", "CVE-2015-4781", "CVE-2015-2618", "CVE-2015-2641", "CVE-2015-2593", "CVE-2015-4744", "CVE-2015-2598", "CVE-2014-0138", "CVE-2015-2587", "CVE-2015-2630", "CVE-2015-2592", "CVE-2015-4767", "CVE-2015-0290", "CVE-2015-2616", "CVE-2015-0205", "CVE-2015-2624", "CVE-2015-2609", "CVE-2015-4777", "CVE-2010-1323", "CVE-2015-1787", "CVE-2015-4754", "CVE-2014-3569", "CVE-2015-2588", "CVE-2015-4760", "CVE-2015-2583", "CVE-2015-4743", "CVE-2013-4545", "CVE-2015-4752", "CVE-2015-2586", "CVE-2015-4753", "CVE-2015-2649", "CVE-2015-2612", "CVE-2015-2644"], "modified": "2016-07-07T00:00:00", "id": "ORACLE:CPUJUL2015-2367936", "href": "", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}], "securityvulns": [{"lastseen": "2018-08-31T11:10:01", "references": ["https://vulners.com/securityvulns/securityvulns:doc:32348", "https://vulners.com/securityvulns/securityvulns:doc:32349", "https://vulners.com/securityvulns/securityvulns:doc:32374"], "description": "Quarterly CPU fixed over 170 different vulnerabilities.", "edition": 1, "reporter": "ORACLE", "published": "2015-07-20T00:00:00", "title": "Oracle / Sun / PeopleSoft / MySQL multiple security vulnerabilities", "type": "securityvulns", "enchantments": {"score": {"modified": "2018-08-31T11:10:01", "vector": "NONE", "value": 5.0}}, "bulletinFamily": "software", "affectedSoftware": [{"name": "Endeca Information Discovery Studio", "version": "3.1", "operator": "eq"}, {"name": "Oracle Web Cache", "version": "11.1", "operator": "eq"}, {"name": "Hyperion Essbase", "version": "11.1", "operator": "eq"}, {"name": "Siebel Apps - E-Billing", "version": "6.2", "operator": "eq"}, {"name": "iPlanet Web Proxy Server", "version": "4.0", "operator": "eq"}, {"name": "Oracle WebCenter Portal", "version": "11.1", "operator": "eq"}, {"name": "Oracle Event Processing", "version": "11.1", "operator": "eq"}, {"name": "Oracle Business Intelligence", "version": "11.1", "operator": "eq"}, {"name": "Oracle Traffic Director", "version": "11.1", "operator": "eq"}, {"name": "Berkeley DB", "version": "12.1", "operator": "eq"}, {"name": "Oracle Event Processing", "version": "12.1", "operator": "eq"}, {"name": "Siebel Core - Server OM Svcs", "version": "15.0", "operator": "eq"}, {"name": "Java SE", "version": "8", "operator": "eq"}, {"name": "Fusion Middleware", "version": "11.1", "operator": "eq"}, {"name": "Secure Global Desktop", "version": "5.2", "operator": "eq"}, {"name": "PeopleSoft Enterprise HCM Talent Acquisition Manager", "version": "9.2", "operator": "eq"}, {"name": "OpenSSO", "version": "3.0", "operator": "eq"}, {"name": "Oracle Communications Messaging Server", "version": "7.0", "operator": "eq"}, {"name": "Oracle", "version": "12.1", "operator": "eq"}, {"name": "iPlanet Web Server", "version": "7.0", "operator": "eq"}, {"name": "Enterprise Manager Plugin for Oracle Database", "version": "12.1", "operator": "eq"}, {"name": "Java SE Embedded", "version": "8", "operator": "eq"}, {"name": "Hyperion Common Security", "version": "11.1", "operator": "eq"}, {"name": "Exalogic Infrastructure", "version": "2.0", "operator": "eq"}, {"name": "Oracle Commerce Experience Manager", "version": "11.1", "operator": "eq"}, {"name": "Oracle VM Server for SPARC", "version": "3.2", "operator": "eq"}, {"name": "Oracle", "version": "11.2", "operator": "eq"}, {"name": "Oracle E-Business Suite", "version": "12.2", "operator": "eq"}, {"name": "Oracle Commerce Guided Search", "version": "11.1", "operator": "eq"}, {"name": "Oracle Transportation Management", "version": "6.3", "operator": "eq"}, {"name": "Solaris", "version": "11.2", "operator": "eq"}, {"name": "Oracle Communications Session Border Controller", "version": "7.2", "operator": "eq"}, {"name": "PeopleSoft Enterprise PeopleTools", "version": "8.54", "operator": "eq"}, {"name": "Enterprise Manager for Oracle Database", "version": "11.2", "operator": "eq"}, {"name": "Sun Blade", "version": "6000", "operator": "eq"}, {"name": "Agile PLM for Process", "version": "6.2", "operator": "eq"}, {"name": "Oracle WebCenter Sites", "version": "12.2", "operator": "eq"}, {"name": "Agile PLM Framework", "version": "9.3", "operator": "eq"}, {"name": "Oracle Data Integrator", "version": "11.1", "operator": "eq"}, {"name": "WebLogic Server", "version": "12.1", "operator": "eq"}, {"name": "Enterprise Manager Base Platform", "version": "11.1", "operator": "eq"}, {"name": "Hyperion Enterprise Performance Management Architect", "version": "11.1", "operator": "eq"}, {"name": "Java FX", "version": "2.2", "operator": "eq"}, {"name": "MySQL Server", "version": "5.6", "operator": "eq"}, {"name": "GlassFish Server", "version": "3.1", "operator": "eq"}, {"name": "Oracle Directory Server", "version": "11.1", "operator": "eq"}, {"name": "VirtualBox", "version": "4.3", "operator": "eq"}, {"name": "Sun Ray", "version": "5.4", "operator": "eq"}, {"name": "Oracle Access Manager", "version": "11.1", "operator": "eq"}, {"name": "JDeveloper", "version": "12.1", "operator": "eq"}, {"name": "Fusion Middleware", "version": "12.1", "operator": "eq"}, {"name": "Fusion Applications", "version": "11.1", "operator": "eq"}, {"name": "Agile PLM", "version": "9.3", "operator": "eq"}, {"name": "Siebel UI Framework", "version": "15.0", "operator": "eq"}, {"name": "JRockit", "version": "28.3", "operator": "eq"}, {"name": "PeopleSoft Enterprise HCM Candidate Gateway", "version": "9.2", "operator": "eq"}, {"name": "Oracle Tuxedo", "version": "12.1", "operator": "eq"}, {"name": "PeopleSoft Enteprise Portal - Interaction Hub", "version": "9.1", "operator": "eq"}], "cvelist": ["CVE-2015-1926", "CVE-2015-4000", "CVE-2015-2591", "CVE-2015-0443", "CVE-2015-1803", "CVE-2015-4771", "CVE-2015-2627", "CVE-2015-2615", "CVE-2014-3566", "CVE-2015-4764", "CVE-2015-4774", "CVE-2015-2601", "CVE-2015-4738", "CVE-2015-0235", "CVE-2015-4729", "CVE-2015-4751", "CVE-2015-0444", "CVE-2015-0445", "CVE-2015-4749", "CVE-2015-4758", "CVE-2014-7809", "CVE-2015-2643", "CVE-2015-4770", "CVE-2015-4747", "CVE-2015-2661", "CVE-2015-4778", "CVE-2015-2632", "CVE-2015-2625", "CVE-2015-2617", "CVE-2015-4784", "CVE-2015-2664", "CVE-2015-2605", "CVE-2015-2597", "CVE-2015-4785", "CVE-2015-4732", "CVE-2015-2653", "CVE-2014-0227", "CVE-2015-2595", "CVE-2015-4782", "CVE-2015-0286", "CVE-2015-2648", "CVE-2015-2657", "CVE-2014-0230", "CVE-2015-4789", "CVE-2015-0447", "CVE-2015-2581", "CVE-2015-2613", "CVE-2015-2658", "CVE-2014-3571", "CVE-2015-4736", "CVE-2015-2599", "CVE-2013-2251", "CVE-2013-5704", "CVE-2015-4739", "CVE-2015-4790", "CVE-2015-2589", "CVE-2010-1324", "CVE-2015-2623", "CVE-2015-2631", "CVE-2015-2596", "CVE-2015-4763", "CVE-2015-4783", "CVE-2015-2620", "CVE-2015-2650", "CVE-2015-0448", "CVE-2015-2654", "CVE-2015-2607", "CVE-2015-2639", "CVE-2015-2611", "CVE-2015-2645", "CVE-2015-2634", "CVE-2015-2594", "CVE-2015-3456", "CVE-2015-2584", "CVE-2015-2808", "CVE-2014-3570", "CVE-2015-2590", "CVE-2015-2656", "CVE-2015-2626", "CVE-2015-2628", "CVE-2015-4768", "CVE-2015-4761", "CVE-2015-4745", "CVE-2015-4750", "CVE-2015-2635", "CVE-2015-4756", "CVE-2015-2647", "CVE-2015-2600", "CVE-2015-2580", "CVE-2015-3152", "CVE-2015-2640", "CVE-2015-4733", "CVE-2015-2646", "CVE-2014-1568", "CVE-2015-2651", "CVE-2015-2603", "CVE-2015-2633", "CVE-2015-4765", "CVE-2015-2660", "CVE-2015-2604", "CVE-2015-0255", "CVE-2015-4772", "CVE-2015-2662", "CVE-2015-4735", "CVE-2015-4779", "CVE-2015-2585", "CVE-2013-2186", "CVE-2014-3567", "CVE-2015-2614", "CVE-2015-4766", "CVE-2015-4737", "CVE-2015-4776", "CVE-2015-4757", "CVE-2015-4728", "CVE-2015-2637", "CVE-2015-2606", "CVE-2015-4769", "CVE-2015-2621", "CVE-2015-4786", "CVE-2015-4787", "CVE-2015-2638", "CVE-2015-4740", "CVE-2015-2619", "CVE-2015-4731", "CVE-2015-4727", "CVE-2015-4741", "CVE-2015-2636", "CVE-2015-2659", "CVE-2015-2655", "CVE-2015-4775", "CVE-2015-4773", "CVE-2014-8102", "CVE-2015-4746", "CVE-2015-2629", "CVE-2015-4788", "CVE-2015-4755", "CVE-2015-2602", "CVE-2015-4748", "CVE-2015-2622", "CVE-2015-2610", "CVE-2012-0036", "CVE-2015-2663", "CVE-2015-4742", "CVE-2015-2652", "CVE-2015-4759", "CVE-2015-0446", "CVE-2015-2582", "CVE-2015-4780", "CVE-2014-1569", "CVE-2015-4781", "CVE-2015-2618", "CVE-2015-2641", "CVE-2015-2593", "CVE-2015-4744", "CVE-2015-2598", "CVE-2015-2587", "CVE-2015-2630", "CVE-2015-2592", "CVE-2015-4767", "CVE-2015-2616", "CVE-2015-2624", "CVE-2015-2609", "CVE-2015-4777", "CVE-2015-4754", "CVE-2015-2588", "CVE-2015-4760", "CVE-2015-2583", "CVE-2015-4743", "CVE-2015-4752", "CVE-2015-2586", "CVE-2015-4753", "CVE-2015-2649", "CVE-2015-2612", "CVE-2015-2644"], "modified": "2015-07-20T00:00:00", "id": "SECURITYVULNS:VULN:14601", "href": "https://vulners.com/securityvulns/SECURITYVULNS:VULN:14601", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}]}
