8220 matches found
CVE-2012-0083
CVE-2012-0083 affects Oracle WebCenter Content (Oracle Fusion Middleware) and is evidenced by a Nessus plugin describing an SQL injection in the GET_SEARCH_RESULTS IDC service. The flaw arises because SortField, SortOrder, and QueryText parameters are not properly sanitized, enabling attacker-con...
CVE-2012-0083
Unspecified vulnerability in the Oracle WebCenter Content component in Oracle Fusion Middleware 7.5.2, 10.1.3.5.1, 11.1.1.3, 11.1.1.4, and 11.1.1.5 allows remote attackers to affect confidentiality and integrity via unknown vectors related to Search...
CVE-2011-3568
CVE-2011-3568 affects Oracle Fusion Middleware’s Oracle Web Services Manager component (versions 11.1.1.3, 11.1.1.4, 11.1.1.5). The vulnerability is described as unspecified and involves remote authenticated users impacting confidentiality and integrity via unknown vectors related to Web Services...
Oracle Releases Critical Patch Update for January 2012
Oracle has released its Critical Patch Update for January 2012 to address 78 vulnerabilities across multiple products. This update contains the following security fixes: 2 for Oracle Database Server 1 for Oracle Fusion Middleware 3 for Oracle E-Business Suite 1 for Oracle Supply Chain Products...
Oracle Plans 78 Security Fixes for Upcoming Critical Update
Oracle has fixes for 78 security vulnerabilities slated for next week as part of its first critical update of the year. The patches are expected to touch the Oracle Database Server, Fusion Middleware, E-Business suite, Supply Chain, PeopleSoft, JD Edwards, Virtualization, Sun and MySQL products...
JBoss Enterprise SOA Platform调用程序身份验证绕过漏洞
BUGTRAQ ID: 50720 CVE ID: CVE-2011-4085 JBoss企业应用平台(JBoss Enterprise Application Platform,EAP)是J2EE应用的中间件平台。 JBoss Enterprise Application Platform在调用程序的实现上存在安全漏洞,攻击者可利用此漏洞绕过身份验证机制,非法访问受影响应用程序。 RedHat JBoss EAP 5.x 厂商补丁: RedHat ------ 目前厂商已经发布了升级补丁以修复这个安全问题,请到厂商的主页下载: http://www.jboss.org/...
IT-Grundschutz M4.287: Sichere Administration der VoIP-Middleware
IT-Grundschutz M4.287: Sichere Administration der VoIP-Middleware. ACHTUNG: Dieser Test wird nicht mehr unterstützt. Er wurde ersetzt durch den entsprechenden Test der nun permanent and die aktuelle EL angepasst wird: OID 1.3.6.1.4.1.25623.1.0.94226 Diese Prüfung bezieht sich auf die 12...
IT-Grundschutz M4.287: Sichere Administration der VoIP-Middleware
IT-Grundschutz M4.287: Sichere Administration der VoIP-Middleware. ACHTUNG: Dieser Test wird nicht mehr unterstützt. Er wurde ersetzt durch den entsprechenden Test der nun permanent and die aktuelle EL angepasst wird: OID 1.3.6.1.4.1.25623.1.0.94226 Diese Prüfung bezieht sich auf die 12...
CVE-2011-3541
Unspecified vulnerability in the Oracle Outside In Technology component in Oracle Fusion Middleware 8.3.5 and 8.3.7 allows local users to affect availability via unknown vectors related to Outside In Filters...
CVE-2011-3510
Unspecified vulnerability in the Oracle Business Intelligence Enterprise Edition component in Oracle Fusion Middleware 11.1.1.3.0 and 11.1.1.5.0 allows remote authenticated users to affect confidentiality and integrity via unknown vectors related to BI Platform Security...
CVE-2011-3523
Unspecified vulnerability in the Oracle Web Services Manager component in Oracle Fusion Middleware 10.1.3.5.0 and 10.1.3.5.1 allows remote authenticated users to affect integrity, related to WSM Console, a different vulnerability than CVE-2011-2237...
CVE-2011-2314
Unspecified vulnerability in the Oracle Containers for J2EE component in Oracle Fusion Middleware 10.1.2.3 allows remote attackers to affect integrity via unknown vectors related to JavaServer Pages...
CVE-2011-2318
Unspecified vulnerability in the Oracle WebLogic Server component in Oracle Fusion Middleware 9.2.4.0, 10.0.2.0, 10.3.3.0, 10.3.4.0, and 10.3.5.0 allows local users to affect confidentiality, related to WLS Security...
CVE-2011-2237
Unspecified vulnerability in the Oracle Web Services Manager component in Oracle Fusion Middleware 10.1.3.5.0 and 10.1.3.5.1 allows remote authenticated users to affect integrity, related to WSM Console, a different vulnerability than CVE-2011-3523...
CVE-2011-2255
Unspecified vulnerability in the Oracle WebLogic Portal component in Oracle Fusion Middleware 9.2.3.0, 10.0.1.0, 10.2.1.0, and 10.3.2.0 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors...
Design/Logic Flaw
Unspecified vulnerability in the Oracle Web Services Manager component in Oracle Fusion Middleware 10.1.3.5.0 and 10.1.3.5.1 allows remote authenticated users to affect integrity, related to WSM Console, a different vulnerability than CVE-2011-3523...
Design/Logic Flaw
Unspecified vulnerability in the Oracle WebLogic Server component in Oracle Fusion Middleware 9.2.4.0, 10.0.2.0, 10.3.3.0, 10.3.4.0, and 10.3.5.0 allows remote attackers to affect confidentiality, related to JMS...
Design/Logic Flaw
Unspecified vulnerability in the Oracle Containers for J2EE component in Oracle Fusion Middleware 10.1.2.3 allows remote attackers to affect integrity via unknown vectors related to JavaServer Pages...
Design/Logic Flaw
Unspecified vulnerability in the Oracle WebLogic Portal component in Oracle Fusion Middleware 9.2.3.0, 10.0.1.0, 10.2.1.0, and 10.3.2.0 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors...
Design/Logic Flaw
Unspecified vulnerability in the Oracle WebLogic Server component in Oracle Fusion Middleware 9.2.4.0, 10.0.2.0, 10.3.3.0, 10.3.4.0, and 10.3.5.0 allows local users to affect confidentiality, related to WLS Security...