Oracle Endeca IDI ETL Server DownloadFileContent Directory Traversal (CVE-2015-4745)

A directory traversal vulnerability exists in Oracle Endeca Information Discovery Integrator ETL Server. The vulnerability is due to insufficient input validation while processing SOAP requests to the DownloadFileConent operation. A remote authenticated attacker can leverage this vulnerability to...

Oracle Endeca IDI ETL Server UploadFileConent Directory Traversal (CVE-2015-2602)

A directory traversal vulnerability exists in Oracle Endeca Information Discovery Integrator ETL Server. The vulnerability is due to insufficient input validation while processing SOAP requests to the UploadFileConent operation. A remote authenticated attacker can leverage this vulnerability to...

Oracle Endeca Information Discovery Integrator ETL Server CopyFile Directory Traversal (CVE-2015-2604)

A directory traversal vulnerability exists in Oracle Endeca Information Discovery Integrator ETL Server. The vulnerability is due to insufficient input validation while processing SOAP requests to the CopyFile operation. By sending crafted SOAP requests to the target system, a remote authenticate...

Oracle Endeca Information Discovery Integrator ETL Server MoveFile Directory Traversal (CVE-2015-2605)

A directory traversal vulnerability has been reported in Oracle Endeca Information Discovery Integrator ETL Server. The vulnerability is due to a lack of input validation. A remote attacker can exploit this vulnerability by sending crafted SOAP requests to the target system, leading to informatio...

Oracle Endeca Information Discovery Integrator ETL Server RenameFile Directory Traversal (CVE-2015-2606)

A directory traversal vulnerability exists in Oracle Endeca Information Discovery Integrator ETL Server. The vulnerability is due to insufficient input validation while processing SOAP requests to the RenameFile operation. By sending crafted SOAP requests to the target system, a remote...

Oracle Endeca Information Discovery Integrator ETL Server MoveFile Remote Code Execution Vulnerability

This vulnerability allows remote attackers the ability to execute arbitrary code on vulnerable instances of Oracle Endeca Information Discovery. Authentication is required to exploit this vulnerability but an authentication bypass is known. The specific flaw exists in the handling of the MoveFile...

Oracle Endeca Information Discovery Integrator ETL Server CopyFile Remote Code Execution Vulnerability

This vulnerability allows remote attackers the ability to execute arbitrary code on vulnerable instances of Oracle Endeca Information Discovery. Authentication is required to exploit this vulnerability but an authentication bypass is known. The specific flaw exists in the handling of the CopyFile...

Oracle Endeca Information Discovery Integrator ETL Server UploadFileContent Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable instances of Oracle Endeca Information Discovery. Authentication is required to exploit this vulnerability but an authentication bypass is known. The specific flaw exists within the handling of file uploads using...