8271 matches found
CVE-2010-2396
CVE-2010-2396 affects Oracle Fusion Middleware, specifically the Forms component version 10.1.2.3. The vulnerability is described as an unspecified issue in the Forms component that could allow a remote attacker to affect integrity via unknown vectors. The CVSS v2 base score is 4.3 (Medium) with ...
CVE-2010-2390
CVE-2010-2390 describes a buffer overflow in the Oracle Enterprise Manager Grid Control EM Console component when processing overly long HTTP requests. The vulnerability affects Oracle Database Server 10.1.0.5/10.2.0.3, Oracle Fusion Middleware 10.1.2.3/10.1.4.3, and Enterprise Manager Grid Contr...
Oracle Releases Critical Patch for October 2010
Oracle has released its Critical Patch Update for October 2010 to address 85 vulnerabilities across multiple products. This update contains the following security fixes: 7 for Oracle Database Server 8 for Oracle Fusion Middleware 1 for Oracle Enterprise Manager Grid Control 6 for Oracle E-Busines...
Oracle Critical Patch Update Advisory - October 2010
Oracle Critical Patch Update Advisory - October 2010 Description A Critical Patch Update is a collection of patches for multiple security vulnerabilities. It also includes non-security fixes that are required because of interdependencies by those security patches. Critical Patch Updates are...
Oracle Fusion Middleware 10.1.210.1.3 - BPEL Console Cross-Site Scripting
Oracle Fusion Middleware 10.1.210.1.3 - BPEL Console Cross-Site Scripting source: https://www.securityfocus.com/bid/43954/info Oracle Fusion Middleware is prone to a cross-site scripting vulnerability in BPEL Console. The vulnerability can be exploited over the 'HTTP' protocol. For an exploit to...
Oracle Fusion Middleware 10.1.2/10.1.3 - BPEL Console Cross-Site Scripting
source: https://www.securityfocus.com/bid/43954/info Oracle Fusion Middleware is prone to a cross-site scripting vulnerability in BPEL Console. The vulnerability can be exploited over the 'HTTP' protocol. For an exploit to succeed, the attacker must have 'Valid Session' privileges. An attacker ma...
USN-969-1: PCSC-Lite vulnerability
It was discovered that the PC/SC service did not correctly handle malformed messages. A local attacker could exploit this to execute arbitrary code with root privileges...
CVE-2010-2381
Unspecified vulnerability in the Application Server Control component in Oracle Fusion Middleware 10.1.2.3 and 10.1.4.0.1 allows remote authenticated users to affect integrity via unknown vectors, a different vulnerability than CVE-2010-0081...
CVE-2010-2375
Package/Privilege: Plugins for Apache, Sun and IIS web servers Unspecified vulnerability in the WebLogic Server component in Oracle Fusion Middleware 7.0 SP7, 8.1 SP6, 9.0, 9.1, 9.2 MP3, 10.0 MP2, 10.3.2, and 10.3.3 allows remote attackers to affect confidentiality and integrity, related to IIS...
CVE-2010-0835
Unspecified vulnerability in the Wireless component in Oracle Fusion Middleware 10.1.2.3 allows remote attackers to affect integrity via unknown vectors...
Buffer overflow
Unspecified vulnerability in the Oracle Business Process Management component in Oracle Fusion Middleware 5.7 MP3, 6.0 MP5, and 10.3 MP2 allows remote attackers to affect integrity, related to BPM...
Buffer overflow
Package/Privilege: Plugins for Apache, Sun and IIS web servers Unspecified vulnerability in the WebLogic Server component in Oracle Fusion Middleware 7.0 SP7, 8.1 SP6, 9.0, 9.1, 9.2 MP3, 10.0 MP2, 10.3.2, and 10.3.3 allows remote attackers to affect confidentiality and integrity, related to IIS...
Design/Logic Flaw
Unspecified vulnerability in the Wireless component in Oracle Fusion Middleware 10.1.2.3 allows remote attackers to affect integrity via unknown vectors...
Design/Logic Flaw
Unspecified vulnerability in the Application Server Control component in Oracle Fusion Middleware 10.1.2.3 and 10.1.4.0.1 allows remote authenticated users to affect integrity via unknown vectors, a different vulnerability than CVE-2010-0081...
CVE-2010-0835
CVE-2010-0835 affects Oracle Fusion Middleware Wireless component 10.1.2.3. The vulnerability is exploitable remotely via HTTP (Remote Exploit without Auth.: Yes) with a CVSS v2 base score of 4.3 (Network, Medium, Confidentiality: None, Integrity: Partial, Availability: None). Connected documents...
CVE-2010-2375
Oracle WebLogic Server Plug-in HTTP Injection (CVE-2010-2375) affects the WebLogic web-server plugins for Apache, Sun, and IIS; the vulnerability arises because the plugin fails to sanitize certain URL-encoded headers before forwarding requests to WebLogic, enabling unauthenticated remote attacke...
CVE-2010-0835
Unspecified vulnerability in the Wireless component in Oracle Fusion Middleware 10.1.2.3 allows remote attackers to affect integrity via unknown vectors...
CVE-2010-2370
CVE-2010-2370 affects Oracle Business Process Management within Oracle Fusion Middleware (versions 5.7 MP3, 6.0 MP5, 10.3 MP2). It is exposed over HTTP via the BPM Process Administrator and is listed with CVSS v2 base score 4.3 (Network, Medium complexity, no auth, partial impact to integrity). C...
CVE-2010-2375
Package/Privilege: Plugins for Apache, Sun and IIS web servers Unspecified vulnerability in the WebLogic Server component in Oracle Fusion Middleware 7.0 SP7, 8.1 SP6, 9.0, 9.1, 9.2 MP3, 10.0 MP2, 10.3.2, and 10.3.3 allows remote attackers to affect confidentiality and integrity, related to IIS...
CVE-2010-2381
CVE-2010-2381 affects Oracle Fusion Middleware Application Server Control, versions 10.1.2.3 and 10.1.4.0.1. The vulnerability allows remote attackers with a valid session to impact integrity via unknown vectors (Network, requires authentication per Oracle risk matrices). No public exploit detail...