| Title | Published | Views | Family |
|---|---|---|---|
| Oracle Application Express AnyChart Flash-Based Cross Site Scripting Vulnerability | 3 Jan 2019 00:00 | – | zdt |
| Unspecified Vulnerability in Oracle Database Server Application Express | 17 Jan 2018 00:00 | – | cnvd |
| Oracle Application Express AnyChart Flash-Based XSS (CVE-2018-2699) | 15 Jan 2019 00:00 | – | checkpoint_advisories |
| CVE-2018-2699 | 18 Jan 2018 02:00 | – | cve |
| CVE-2018-2699 | 18 Jan 2018 02:00 | – | cvelist |
| EUVD-2018-14554 | 7 Oct 2025 00:30 | – | euvd |
| CVE-2018-2699 | 18 Jan 2018 02:29 | – | nvd |
| Oracle Database Server 'Application Express' Component Unspecified Vulnerability | 19 Jan 2018 00:00 | – | openvas |
| Oracle Critical Patch Update - January 2018 | 16 Jan 2018 00:00 | – | oracle |
| Oracle Database Multiple Vulnerabilities (January 2018 CPU) | 19 Jan 2018 00:00 | – | nessus |
```text
------------------------------------------------------------------------------------
Oracle Application Express (AnyChart) Flash-based Cross-Site Scripting Vulnerability
------------------------------------------------------------------------------------
[-] Software Link:
https://apex.oracle.com/
[-] Affected Versions:
All versions prior to 5.1.4.00.08.
[-] Vulnerability Description:
The vulnerability is located in the OracleAnyChart.swf file. User input passed through
the "__externalobjid" GET parameter is not properly sanitized before being passed to the
"ExternalInterface.call" method. This can be exploited to carry out reflected Cross-Site
Scripting (XSS) attacks by tricking a victim user into opening a URL like the following:
https://[apex-app]/i/flashchart/anychart_6/swf/OracleAnyChart.swf?__externalobjid=%27))}catch(e){evil_js_code()}//
[-] Solution:
Update to version 5.1.4.00.08 or later.
[-] Disclosure Timeline:
[13/11/2017] - Both vendors notified (using the [email protected] and [email protected] addresses)
[14/11/2017] - Acknowledgment received from AnyChart
[14/11/2017] - Acknowledgment received from Oracle
[15/11/2017] - AnyChart said this issue has been investigated in 2014 and they sent a security update to Oracle
[22/11/2017] - Oracle response stating they filed a security bug to track this issue
[12/01/2018] - Oracle response stating the issue will be fixed in the upcoming Critical Patch Update (CPU)
[16/01/2018] - Oracle fixed the issue in the January Critical Patch Update (CPU)
[31/12/2018] - Public disclosure
[-] CVE Reference:
The Common Vulnerabilities and Exposures project (cve.mitre.org)
has assigned the name CVE-2018-2699 to this vulnerability.
[-] Credits:
Vulnerability discovered by Egidio Romano.
[-] Original Advisory:
http://karmainsecurity.com/KIS-2018-01
[-] Other References:
https://www.oracle.com/technetwork/security-advisory/cpujan2018-3236628.html
```
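As an added defensive example (not part of the advisory or of the Vulners page): a small Python helper that flags access-log requests for OracleAnyChart.swf whose `__externalobjid` value contains characters that would break out of the string handed to `ExternalInterface.call`, and that checks a reported APEX version against the fixed release 5.1.4.00.08 named above. The common/combined log format, the sample client IPs and the "identifier-like" allow-list for object ids are assumptions.

```python
import re
from urllib.parse import parse_qs, urlsplit

FIXED_VERSION = "5.1.4.00.08"          # fixed release named in the advisory
SWF_SUFFIX = "/swf/oracleanychart.swf"  # vulnerable file, matched case-insensitively
# Assumption: legitimate object ids are identifier-like; quotes, braces or
# parentheses are what let a value break out of the ExternalInterface.call string.
SAFE_ID = re.compile(r"^[A-Za-z0-9_\-]*$")
# Common/combined log format: client, timestamp, then the request line.
LOG_LINE = re.compile(
    r'^(?P<ip>\S+) \S+ \S+ \[(?P<ts>[^\]]+)\] "(?P<method>\S+) (?P<target>\S+) [^"]*"'
)

def parse_version(version: str) -> tuple:
    """'5.1.4.00.08' -> (5, 1, 4, 0, 8) so releases compare numerically."""
    return tuple(int(part) for part in version.split("."))

def is_vulnerable_version(version: str) -> bool:
    """True when the APEX release is older than the January 2018 CPU fix."""
    return parse_version(version) < parse_version(FIXED_VERSION)

def suspicious_externalobjid(target: str):
    """Return the decoded __externalobjid value if it is unsafe, else None."""
    parts = urlsplit(target)
    if not parts.path.lower().endswith(SWF_SUFFIX):
        return None
    for value in parse_qs(parts.query, keep_blank_values=True).get("__externalobjid", []):
        if not SAFE_ID.match(value):
            return value
    return None

def scan_log(text: str) -> list:
    """Collect (client ip, timestamp, decoded value) for each flagged GET."""
    hits = []
    for line in text.splitlines():
        m = LOG_LINE.match(line)
        if m and m["method"] == "GET":
            bad = suspicious_externalobjid(m["target"])
            if bad is not None:
                hits.append((m["ip"], m["ts"], bad))
    return hits

# Constructed sample log (not real traffic); the second request carries the
# advisory's proof-of-concept parameter value, the other two are benign.
SAMPLE_LOG = """\
203.0.113.5 - - [31/Dec/2018:10:00:01 +0000] "GET /i/flashchart/anychart_6/swf/OracleAnyChart.swf?__externalobjid=chart_1 HTTP/1.1" 200 51234
203.0.113.9 - - [31/Dec/2018:10:00:07 +0000] "GET /i/flashchart/anychart_6/swf/OracleAnyChart.swf?__externalobjid=%27))}catch(e){evil_js_code()}// HTTP/1.1" 200 51234
198.51.100.2 - - [31/Dec/2018:10:01:00 +0000] "GET /ords/f?p=100:1 HTTP/1.1" 200 1200
"""
```

`scan_log(SAMPLE_LOG)` returns only the second request, with the `%27` already decoded to a quote; an empty `__externalobjid` is treated as benign.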