148 matches found
CVE-2015-0389
Unspecified vulnerability in the Oracle OpenSSO component in Oracle Fusion Middleware 8.0 Update 2 Patch 5 allows remote authenticated users to affect integrity via vectors related to SAML, a different vulnerability than CVE-2014-6592...
CVE-2015-0389
Unspecified vulnerability in the Oracle OpenSSO component in Oracle Fusion Middleware 8.0 Update 2 Patch 5 allows remote authenticated users to affect integrity via vectors related to SAML, a different vulnerability than CVE-2014-6592...
CVE-2015-0389
Unspecified vulnerability in the Oracle OpenSSO component in Oracle Fusion Middleware 8.0 Update 2 Patch 5 allows remote authenticated users to affect integrity via vectors related to SAML, a different vulnerability than CVE-2014-6592...
CVE-2015-0389
CVE-2015-0389 affects the Oracle OpenSSO component in Oracle Fusion Middleware 8.0 Update 2 Patch 5. The connected sources describe multiple unspecified vulnerabilities in the SAML subcomponent that could allow remote authenticated users to affect integrity. The reports consistently refer to Open...
CVE-2014-6592
Unspecified vulnerability in the Oracle OpenSSO component in Oracle Fusion Middleware 8.0 Update 2 Patch 5 allows remote authenticated users to affect integrity via vectors related to SAML, a different vulnerability than CVE-2015-0389...
CVE-2014-6592
Unspecified vulnerability in the Oracle OpenSSO component in Oracle Fusion Middleware 8.0 Update 2 Patch 5 allows remote authenticated users to affect integrity via vectors related to SAML, a different vulnerability than CVE-2015-0389...
CVE-2014-6592
Technical details for CVE-2014-6592 are not provided in the supplied connected documents; no affected products, root cause, or remediation are specified here. Monitor for updates from official sources to obtain concrete information.
NYU OpenSSO Integration Redirection Vulnerability
NYU OpenSSO Integration is a system that integrates PDS and Sun OpenSSO identity management applications. A redirection vulnerability exists in NYU OpenSSO Integration 2.1 and earlier, which allows remote attackers to redirect a user to an arbitrary web site via a redirection in the url parameter...
Open redirect
Open redirect vulnerability in the logon page in NYU OpenSSO Integration 2.1 and earlier for Ex Libris Patron Directory Services PDS allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via a URL in the url parameter...
Cross site scripting
Cross-site scripting XSS vulnerability in the logon page in NYU OpenSSO Integration 2.1 and earlier for Ex Libris Patron Directory Services PDS allows remote attackers to inject arbitrary web script or HTML via the url parameter...
CVE-2014-7293
Cross-site scripting XSS vulnerability in the logon page in NYU OpenSSO Integration 2.1 and earlier for Ex Libris Patron Directory Services PDS allows remote attackers to inject arbitrary web script or HTML via the url parameter...
CVE-2014-7294
CVE-2014-7294 is an open redirect vulnerability in the logon page of Ex Libris Patron Directory Services (PDS) OpenSSO Integration 2.1 and earlier . The root cause is improper redirect handling in the login flow, allowing remote attackers to craft a URL with a redirect target in the url parameter...
CVE-2014-7294
Open redirect vulnerability in the logon page in NYU OpenSSO Integration 2.1 and earlier for Ex Libris Patron Directory Services PDS allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via a URL in the url parameter...
CVE-2014-7293
CVE-2014-7293 describes a cross-site scripting (XSS) vulnerability on the login page of NYU OpenSSO Integration 2.1 and earlier for Ex Libris Patron Directory Services (PDS). The issue allows remote attackers to inject arbitrary web script or HTML via the url parameter. According to the record, t...
CVE-2014-7293
Cross-site scripting XSS vulnerability in the logon page in NYU OpenSSO Integration 2.1 and earlier for Ex Libris Patron Directory Services PDS allows remote attackers to inject arbitrary web script or HTML via the url parameter...
Oracle OpenSSO Agent Detection
Binary data oracleopenssoagentinstalled.nbin...
Oracle OpenSSO Agent Multiple Vulnerabilities (October 2014 CPU)
The Oracle OpenSSO agent installed on the remote host is missing a vendor-supplied update. It is, therefore, affected by multiple vulnerabilities in the bundled Mozilla Network Security Services, the most serious of which can allow remote code execution. %NASLMINLEVEL 70300 C Tenable Network...
Oracle OpenSSO 8.0 - Multiple XSS POST Injection Vulnerabilities
No description provided by source. ?!-- Oracle OpenSSO 8.0 Multiple XSS POST Injection Vulnerabilities Vendor: Oracle Corporation Product web page: http://www.oracle.com Affected version: 8.0 Update 2 Patch3 Build 6.1 2011-June-8 05:24 Summary: Oracle OpenSSO is a complete solution that provides...
Oracle OpenSSO Detection
Binary data oracleopenssodetect.nbin...
Oracle OpenSSO Multiple Vulnerabilities (April 2014 CPU)
The remote Oracle OpenSSO install is missing a vendor-supplied update. It is, therefore, affected by multiple, unspecified vulnerabilities. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. include'deprecatednasllevel.inc'; include'compat.inc'; if description scriptid73738; scriptversion"1.9";...