3 matches found
CVE-2016-0490
Unspecified vulnerability in the Oracle Application Testing Suite component in Oracle Enterprise Manager Grid Control 12.4.0.2 and 12.5.0.2 allows remote attackers to affect confidentiality and integrity via unknown vectors related to Test Manager for Web Apps, a different vulnerability than...
CVE-2016-0486
Unspecified vulnerability in the Oracle Application Testing Suite component in Oracle Enterprise Manager Grid Control 12.4.0.2 and 12.5.0.2 allows remote attackers to affect confidentiality via unknown vectors related to Test Manager for Web Apps, a different vulnerability than CVE-2016-0480,...
CVE-2016-0484
CVE-2016-0484 affects Oracle Application Testing Suite (in Oracle Enterprise Manager Grid Control) with a DownloadServlet scriptPath directory traversal in 12.4.0.2/12.5.0.2. Exploitation described in ZDI-16-034 and CPAI-2016-0342 indicates remote, unauthenticated file exfiltration via scriptPath...