Design/Logic Flaw

Unspecified vulnerability in the Oracle Application Testing Suite component in Oracle Enterprise Manager Grid Control 12.4.0.2 and 12.5.0.2 allows remote attackers to affect integrity and availability via unknown vectors related to Load Testing for Web Apps. NOTE: the previous information is from...

Directory traversal

Unspecified vulnerability in the Oracle Application Testing Suite component in Oracle Enterprise Manager Grid Control 12.4.0.2 and 12.5.0.2 allows remote authenticated users to affect confidentiality, integrity, and availability via unknown vectors related to Test Manager for Web Apps. NOTE: the...

Directory traversal

Unspecified vulnerability in the Oracle Application Testing Suite component in Oracle Enterprise Manager Grid Control 12.4.0.2 and 12.5.0.2 allows remote attackers to affect confidentiality via unknown vectors related to Test Manager for Web Apps, a different vulnerability than CVE-2016-0480,...

Directory traversal

Unspecified vulnerability in the Oracle Application Testing Suite component in Oracle Enterprise Manager Grid Control 12.4.0.2 and 12.5.0.2 allows remote attackers to affect confidentiality via unknown vectors related to Test Manager for Web Apps, a different vulnerability than CVE-2016-0480,...

CVE-2016-0478

CVE-2016-0478 corresponds to a directory traversal vulnerability in Oracle Application Testing Suite’s DownloadServlet. Affected products/versions cited: Oracle Enterprise Manager Grid Control 12.4.0.2 and 12.5.0.2, involving the DownloadServlet scriptName parameter; exploitation could allow read...

CVE-2016-0486

CVE-2016-0486 affects Oracle Application Testing Suite (ATS) on Oracle Enterprise Manager Grid Control 12.4.0.2 and 12.5.0.2. The vulnerability is a directory traversal in the DownloadServlet, exploited via the exportFileName parameter, allowing a remote unauthenticated attacker to read arbitrary...

CVE-2016-0490

Unspecified vulnerability in the Oracle Application Testing Suite component in Oracle Enterprise Manager Grid Control 12.4.0.2 and 12.5.0.2 allows remote attackers to affect confidentiality and integrity via unknown vectors related to Test Manager for Web Apps, a different vulnerability than...

CVE-2016-0486

Unspecified vulnerability in the Oracle Application Testing Suite component in Oracle Enterprise Manager Grid Control 12.4.0.2 and 12.5.0.2 allows remote attackers to affect confidentiality via unknown vectors related to Test Manager for Web Apps, a different vulnerability than CVE-2016-0480,...

CVE-2016-0484

Unspecified vulnerability in the Oracle Application Testing Suite component in Oracle Enterprise Manager Grid Control 12.4.0.2 and 12.5.0.2 allows remote attackers to affect confidentiality via unknown vectors related to Test Manager for Web Apps. NOTE: the previous information is from the Januar...

CVE-2016-0491

Unspecified vulnerability in the Oracle Application Testing Suite component in Oracle Enterprise Manager Grid Control 12.4.0.2 and 12.5.0.2 allows remote attackers to affect integrity and availability via unknown vectors related to Load Testing for Web Apps. NOTE: the previous information is from...

CVE-2016-0478

Unspecified vulnerability in the Oracle Application Testing Suite component in Oracle Enterprise Manager Grid Control 12.4.0.2 and 12.5.0.2 allows remote attackers to affect confidentiality via unknown vectors related to Load Testing for Web Apps, a different vulnerability than CVE-2016-0476 and...

CVE-2016-0476

Unspecified vulnerability in the Oracle Application Testing Suite component in Oracle Enterprise Manager Grid Control 12.4.0.2 and 12.5.0.2 allows remote attackers to affect confidentiality via unknown vectors related to Load Testing for Web Apps, a different vulnerability than CVE-2016-0477 and...

CVE-2016-0482

Unspecified vulnerability in the Oracle Application Testing Suite component in Oracle Enterprise Manager Grid Control 12.4.0.2 and 12.5.0.2 allows remote attackers to affect confidentiality via unknown vectors related to Test Manager for Web Apps, a different vulnerability than CVE-2016-0480,...

CVE-2016-0485

The CVE-2016-0485 issue affects Oracle Application Testing Suite (ATS) in Oracle Enterprise Manager Grid Control 12.4.0.2 and 12.5.0.2. It is described as a directory traversal vulnerability in the DownloadServlet that can be triggered via the /otm/download endpoint using the reportName parameter...

EUVD-2016-0523

Unspecified vulnerability in the Oracle Application Testing Suite component in Oracle Enterprise Manager Grid Control 12.4.0.2 and 12.5.0.2 allows remote attackers to affect confidentiality and integrity via unknown vectors related to Load Testing for Web Apps, a different vulnerability than...

CVE-2016-0480

Oracle Application Testing Suite (ATS) versions 12.4.0.2 and 12.5.0.2 expose a directory-traversal vulnerability in the DownloadServlet when processing the TMAPReportImage parameter (CVE-2016-0480). Exploitation allows remote unauthenticated attackers to read arbitrary files from the server. The ...

CVE-2016-0492

Unspecified vulnerability in the Oracle Application Testing Suite component in Oracle Enterprise Manager Grid Control 12.4.0.2 and 12.5.0.2 allows remote attackers to affect confidentiality and integrity via unknown vectors related to Load Testing for Web Apps, a different vulnerability than...

CVE-2016-0487

Unspecified vulnerability in the Oracle Application Testing Suite component in Oracle Enterprise Manager Grid Control 12.4.0.2 and 12.5.0.2 allows remote attackers to affect confidentiality and integrity via unknown vectors related to Test Manager for Web Apps, a different vulnerability than...

CVE-2016-0481

CVE-2016-0481 is a directory traversal vulnerability in Oracle’s Application Testing Suite (ATS) DownloadServlet affecting the /otm/download endpoint via the scheduleReportName parameter. The connected advisories (CPAI-2016-0306) describe the flaw as due to insufficient input validation, enabling...

EUVD-2016-0520

Unspecified vulnerability in the Oracle Application Testing Suite component in Oracle Enterprise Manager Grid Control 12.4.0.2 and 12.5.0.2 allows remote attackers to affect confidentiality via unknown vectors related to Test Manager for Web Apps, a different vulnerability than CVE-2016-0480,...