Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
nessusThis script is Copyright (C) 2014-2022 and is owned by Tenable, Inc. or an Affiliate thereof.ORACLE_WEBCENTER_SITES_OCT_2012_CPU.NASL
HistoryMar 03, 2014 - 12:00 a.m.

Oracle WebCenter Sites Multiple Vulnerabilities (October 2012 CPU)

2014-03-0300:00:00
This script is Copyright (C) 2014-2022 and is owned by Tenable, Inc. or an Affiliate thereof.
www.tenable.com
12
JSON

The remote Oracle WebCenter Sites install is missing patches from the October 2012 CPU. As a result, it may be affected by multiple vulnerabilities :

  • A cross-site request forgery vulnerability exists that can be triggered by tricking a victim into clicking an image link on a specially crafted page. (CVE-2012-3185)

  • A flaw in the UI Subcomponent could allow an authenticated user the ability to alter the email address information of other users. (CVE-2012-3183)

  • The UI Subcomponent is affected by a cross-site scripting vulnerability due to lack of sanitization for the ‘username’ and ‘StartItem’ parameters.
    (CVE-2012-3184)

  • The ‘selectedLocale’ parameter in the UI Subcomponent is not properly sanitized and allows SQL injection.
    (CVE-2012-3186)

  • The Oracle WebCenter Sites ImagePicket Subcomponent is affected by an unspecified local vulnerability.
    (CVE-2012-5065)

#%NASL_MIN_LEVEL 70300
#
# (C) Tenable Network Security, Inc.
#

include('deprecated_nasl_level.inc');
include('compat.inc');

if (description)
{
  script_id(72778);
  script_version("1.7");
  script_set_attribute(attribute:"plugin_modification_date", value:"2022/04/11");

  script_cve_id(
    "CVE-2012-3183",
    "CVE-2012-3184",
    "CVE-2012-3185",
    "CVE-2012-3186",
    "CVE-2012-5065"
  );
  script_bugtraq_id(
    55968,
    55972,
    55980,
    55984,
    56001
  );
  script_xref(name:"EDB-ID", value:"22041");

  script_name(english:"Oracle WebCenter Sites Multiple Vulnerabilities (October 2012 CPU)");

  script_set_attribute(attribute:"synopsis", value:
"The remote host has software installed that is affected by multiple
vulnerabilities.");
  script_set_attribute(attribute:"description", value:
"The remote Oracle WebCenter Sites install is missing patches from the
October 2012 CPU.  As a result, it may be affected by multiple
vulnerabilities :

  - A cross-site request forgery vulnerability exists that
    can be triggered by tricking a victim into clicking an
    image link on a specially crafted page. (CVE-2012-3185)

  - A flaw in the UI Subcomponent could allow an
    authenticated user the ability to alter the email
    address information of other users. (CVE-2012-3183)

  - The UI Subcomponent is affected by a cross-site
    scripting vulnerability due to lack of sanitization for
    the 'username' and 'StartItem' parameters.
    (CVE-2012-3184)

  - The 'selectedLocale' parameter in the UI Subcomponent is
    not properly sanitized and allows SQL injection.
    (CVE-2012-3186)

  - The Oracle WebCenter Sites ImagePicket Subcomponent is
    affected by an unspecified local vulnerability.
    (CVE-2012-5065)");
  # https://www.oracle.com/technetwork/topics/security/cpuoct2012-1515893.html
  script_set_attribute(attribute:"see_also", value:"http://www.nessus.org/u?87547c81");
  script_set_attribute(attribute:"solution", value:
"Apply the appropriate patch according to the October 2012 Oracle
Critical Patch Update advisory.");
  script_set_cvss_base_vector("CVSS2#AV:N/AC:M/Au:S/C:P/I:P/A:N");
  script_set_cvss_temporal_vector("CVSS2#E:POC/RL:OF/RC:C");
  script_set_attribute(attribute:"cvss_score_source", value:"CVE-2012-3186");

  script_set_attribute(attribute:"exploitability_ease", value:"Exploits are available");
  script_set_attribute(attribute:"exploit_available", value:"true");
  script_cwe_id(20, 74, 79, 442, 629, 711, 712, 722, 725, 750, 751, 800, 801, 809, 811, 864, 900, 928, 931, 990);

  script_set_attribute(attribute:"vuln_publication_date", value:"2012/10/16");
  script_set_attribute(attribute:"patch_publication_date", value:"2012/10/16");
  script_set_attribute(attribute:"plugin_publication_date", value:"2014/03/03");

  script_set_attribute(attribute:"plugin_type", value:"local");
  script_set_attribute(attribute:"cpe", value:"cpe:/a:oracle:fusion_middleware");
  script_set_attribute(attribute:"thorough_tests", value:"true");
  script_end_attributes();

  script_category(ACT_GATHER_INFO);
  script_family(english:"Windows");

  script_copyright(english:"This script is Copyright (C) 2014-2022 and is owned by Tenable, Inc. or an Affiliate thereof.");

  script_dependencies("oracle_webcenter_sites_installed.nbin");
  script_require_keys("SMB/WebCenter_Sites/Installed");

  exit(0);
}

include("audit.inc");
include("global_settings.inc");
include("smb_func.inc");
include("misc_func.inc");

port = kb_smb_transport();

get_kb_item_or_exit('SMB/WebCenter_Sites/Installed');

versions = get_kb_list('SMB/WebCenter_Sites/*/Version');
if (isnull(versions)) exit(1, 'Unable to obtain version list for Oracle WebCenter Sites');

report = '';

foreach key (keys(versions))
{
  fix = '';

  version = versions[key];
  revision = get_kb_item(key - '/Version' + '/Revision');
  path = get_kb_item(key - '/Version' + '/Path');

  if (isnull(version) || isnull(revision)) continue;

  #  Patch 14750912 - 11.1.1.6 < Revision 151599
  if (version =~ "^11\.1\.1\.6(\.|$)" && revision < 151599)
    fix = '\n  Fixed Revision : 151599' +
          '\n  Required Patch : 14750912';

  #  Patch 14583579 - 7.6.1 < Revision 148187
  if (version =~ "^7\.6\.1(\.|$)" && revision < 148187)
    fix = '\n  Fixed Revision : 148187' +
          '\n  Required Patch : 14583579';

  #  Patch 14583638 - 7.6.2 < Revision 148134
  if (version =~ "^7\.6\.2(\.|$)" && revision < 148134)
    fix = '\n  Fixed Revision : 148134' +
          '\n  Required Patch : 14583638';

  if (fix != '')
  {
    if (!isnull(path)) report += '\n  Path           : ' + path;
    report += '\n  Version        : ' + version +
              '\n  Revision       : ' + revision +
              fix + '\n';
  }
}

if (report != '')
{
  set_kb_item(name:"www/"+port+"/XSS", value:TRUE);
  set_kb_item(name:"www/"+port+"/SQLInjection", value:TRUE);
  set_kb_item(name:"www/"+port+"/XSRF", value:TRUE);

  if (report_verbosity > 0) security_warning(port:port, extra:report);
  else security_warning(port);
}
else audit(AUDIT_INST_VER_NOT_VULN, "Oracle WebCenter Sites");
VendorProductVersionCPE
oraclefusion_middlewarecpe:/a:oracle:fusion_middleware

Related

securityvulns 2
seebug 1
packetstorm 1
exploitpack 1
prion 5
cve 5
exploitdb 1
oracle 1
securityvulns
securityvulns
SEC Consult SA-20121017-2 :: Multiple vulnerabilities in Oracle WebCenter Sites &#40;former FatWire Content Server&#41;
2012-10-28 00:00:00
Oracle / Sun / People Soft / MySQL applications multiple security vulnerabilities
2012-10-28 00:00:00
seebug
seebug
Oracle WebCenter Sites (FatWire Content Server) Multiple Vulnerabilities
2014-07-01 00:00:00
packetstorm
packetstorm
Oracle WebCenter Sites (AKA FatWire) XSS / SQL Injection / CSRF
2012-10-17 00:00:00
exploitpack
exploitpack
Oracle WebCenter Sites (FatWire Content Server) - Multiple Vulnerabilities
2012-10-17 00:00:00
prion
prion
Design/Logic Flaw
2012-10-17 00:55:00
Design/Logic Flaw
2012-10-17 00:55:00
Design/Logic Flaw
2012-10-17 00:55:00
cve
cve
CVE-2012-3186
2012-10-17 00:55:00
CVE-2012-3183
2012-10-17 00:55:00
CVE-2012-3185
2012-10-17 00:55:00
exploitdb
exploitdb
Oracle WebCenter Sites (FatWire Content Server) - Multiple Vulnerabilities
2012-10-17 00:00:00
oracle
oracle
Oracle Critical Patch Update - October 2012
2012-10-16 00:00:00
JSON
Related for ORACLE_WEBCENTER_SITES_OCT_2012_CPU.NASL
securityvulns2seebug1packetstorm1exploitpack1prion5cve5exploitdb1oracle1