Oracle Fusion Middleware vulnerabilities

CVE-2013-1522 [MEDIUM] CVE-2013-1522: Unspecified vulnerability in the Oracle WebCenter Content component in Oracle Fusion Middleware 10.1 Unspecified vulnerability in the Oracle WebCenter Content component in Oracle Fusion Middleware 10.1.3.5.1 and 11.1.1.6.0 allows remote attackers to affect integrity via unknown vectors related to Content Server.

CVE-2013-1514 [MEDIUM] CVE-2013-1514: Unspecified vulnerability in the Oracle Containers for J2EE component in Oracle Fusion Middleware 10 Unspecified vulnerability in the Oracle Containers for J2EE component in Oracle Fusion Middleware 10.1.3.5 allows remote authenticated users to affect integrity via vectors related to RMI Support.

CVE-2013-1504 [MEDIUM] CVE-2013-1504: Unspecified vulnerability in the Oracle WebLogic Server component in Oracle Fusion Middleware 10.0.2 Unspecified vulnerability in the Oracle WebLogic Server component in Oracle Fusion Middleware 10.0.2, 10.3.5, 10.3.6, and 12.1.1 allows remote attackers to affect integrity via unknown vectors related to WebLogic Console, a different vulnerability than CVE-2013-2390.

CVE-2013-2390 [MEDIUM] CVE-2013-2390: Unspecified vulnerability in the Oracle WebLogic Server component in Oracle Fusion Middleware 10.0.2 Unspecified vulnerability in the Oracle WebLogic Server component in Oracle Fusion Middleware 10.0.2, 10.3.5, 10.3.6, and 12.1.1 allows remote attackers to affect integrity via unknown vectors related to WebLogic Console, a different vulnerability than CVE-2013-1504.

CVE-2013-1559 [MEDIUM] CVE-2013-1559: Unspecified vulnerability in the Oracle WebCenter Content component in Oracle Fusion Middleware 10.1 Unspecified vulnerability in the Oracle WebCenter Content component in Oracle Fusion Middleware 10.1.3.5.1 and 11.1.1.6.0 allows remote authenticated users to affect availability via unknown vectors related to Content Server.

CVE-2012-4303 [LOW] CVE-2012-4303: Unspecified vulnerability in the Oracle WebCenter Content component in Oracle Fusion Middleware 11.1 Unspecified vulnerability in the Oracle WebCenter Content component in Oracle Fusion Middleware 11.1.1.6.0 allows remote authenticated users to affect confidentiality via unknown vectors related to Content Server.

CVE-2013-2393 [LOW] CVE-2013-2393: Unspecified vulnerability in the Oracle Outside In Technology component in Oracle Fusion Middleware Unspecified vulnerability in the Oracle Outside In Technology component in Oracle Fusion Middleware 8.3.7 and 8.4.0 allows context-dependent attackers to affect availability via unknown vectors related to Outside In Filters.

CVE-2013-1503 [LOW] CVE-2013-1503: Unspecified vulnerability in the Oracle WebCenter Content component in Oracle Fusion Middleware 10.1 Unspecified vulnerability in the Oracle WebCenter Content component in Oracle Fusion Middleware 10.1.3.5.1 and 11.1.1.6.0 allows remote authenticated users to affect integrity via unknown vectors related to Content Server.

CVE-2012-1677 [MEDIUM] CVE-2012-1677: Unspecified vulnerability in the Oracle Application Server Single Sign-On component in Oracle Fusion Unspecified vulnerability in the Oracle Application Server Single Sign-On component in Oracle Fusion Middleware allows remote attackers to affect integrity via unknown vectors.

CVE-2012-5097 [MEDIUM] CVE-2012-5097: Unspecified vulnerability in the Oracle Access Manager component in Oracle Fusion Middleware 10.1.4. Unspecified vulnerability in the Oracle Access Manager component in Oracle Fusion Middleware 10.1.4.3.0, 11.1.1.5.0, and 11.1.2.0.0 allows remote attackers to affect integrity, related to OAM Webgate.

CVE-2013-0393 [MEDIUM] CVE-2013-0393: Unspecified vulnerability in the Oracle Outside In Technology component in Oracle Fusion Middleware Unspecified vulnerability in the Oracle Outside In Technology component in Oracle Fusion Middleware 8.3.7 and 8.4 allows context-dependent attackers to affect availability via unknown vectors related to Outside In Filters, a different vulnerability than CVE-2013-0418.

CVE-2013-0418 [MEDIUM] CVE-2013-0418: Unspecified vulnerability in the Oracle Outside In Technology component in Oracle Fusion Middleware Unspecified vulnerability in the Oracle Outside In Technology component in Oracle Fusion Middleware 8.3.7 and 8.4 allows context-dependent attackers to affect availability via unknown vectors related to Outside In Filters, a different vulnerability than CVE-2013-0393. NOTE: the previous information was obtained from the January 2013 CPU. Oracle has not comment

CVE-2012-3183 [MEDIUM] CVE-2012-3183: Unspecified vulnerability in the Oracle WebCenter Sites component in Oracle Fusion Middleware 6.1, 6 Unspecified vulnerability in the Oracle WebCenter Sites component in Oracle Fusion Middleware 6.1, 6.2, 6.3.x, 7, 7.0.1, 7.0.2, 7.0.3, 7.5, 7.6.1, 7.6.2, and 11.1.1.6.0 allows remote authenticated users to affect confidentiality and integrity via unknown vectors related to Advanced UI, a different vulnerability than CVE-2012-3185 and CVE-2012-3186.

CVE-2012-3185 [MEDIUM] CVE-2012-3185: Unspecified vulnerability in the Oracle WebCenter Sites component in Oracle Fusion Middleware 6.1, 6 Unspecified vulnerability in the Oracle WebCenter Sites component in Oracle Fusion Middleware 6.1, 6.2, 6.3.x, 7, 7.0.1, 7.0.2, 7.0.3, 7.5, 7.6.1, 7.6.2, and 11.1.1.6.0 allows remote authenticated users to affect confidentiality and integrity via unknown vectors related to Advanced UI, a different vulnerability than CVE-2012-3183 and CVE-2012-3186.

CVE-2012-3186 [MEDIUM] CVE-2012-3186: Unspecified vulnerability in the Oracle WebCenter Sites component in Oracle Fusion Middleware 6.1, 6 Unspecified vulnerability in the Oracle WebCenter Sites component in Oracle Fusion Middleware 6.1, 6.2, 6.3.x, 7, 7.0.1, 7.0.2, 7.0.3, 7.5, 7.6.1, 7.6.2, and 11.1.1.6.0 allows remote authenticated users to affect confidentiality and integrity via unknown vectors related to Advanced UI, a different vulnerability than CVE-2012-3183 and CVE-2012-3185.

CVE-2012-3194 [MEDIUM] CVE-2012-3194: Unspecified vulnerability in the Oracle BI Publisher component in Oracle Fusion Middleware 10.1.3.4. Unspecified vulnerability in the Oracle BI Publisher component in Oracle Fusion Middleware 10.1.3.4.2, 11.1.1.5.0, 11.1.1.6.0, and 11.1.1.6.2 allows remote attackers to affect integrity via unknown vectors related to Administration.

CVE-2012-3175 [MEDIUM] CVE-2012-3175: Unspecified vulnerability in the Oracle Application Server Single Sign-On component in Oracle Fusion Unspecified vulnerability in the Oracle Application Server Single Sign-On component in Oracle Fusion Middleware 10.1.4.3.0 allows remote attackers to affect integrity via unknown vectors related to Redirects, a different vulnerability than CVE-2012-0518.

CVE-2012-3184 [MEDIUM] CVE-2012-3184: Unspecified vulnerability in the Oracle WebCenter Sites component in Oracle Fusion Middleware 6.1, 6 Unspecified vulnerability in the Oracle WebCenter Sites component in Oracle Fusion Middleware 6.1, 6.2, 6.3.x, 7, 7.0.1, 7.0.2, 7.0.3, 7.5, 7.6.1, 7.6.2, and 11.1.1.6.0 allows remote attackers to affect integrity via unknown vectors related to Advanced UI.

CVE-2012-3193 [LOW] CVE-2012-3193: Unspecified vulnerability in the Oracle BI Publisher component in Oracle Fusion Middleware 10.3.4.2, Unspecified vulnerability in the Oracle BI Publisher component in Oracle Fusion Middleware 10.3.4.2, 11.1.1.5.0, 11.1.1.6.0, and 11.1.1.6.2 allows remote authenticated users to affect confidentiality via unknown vectors related to Administration.

CVE-2012-5065 [LOW] CVE-2012-5065: Unspecified vulnerability in the Oracle WebCenter Sites component in Oracle Fusion Middleware 6.1, 6 Unspecified vulnerability in the Oracle WebCenter Sites component in Oracle Fusion Middleware 6.1, 6.2, 6.3.x, 7, 7.0.1, 7.0.2, 7.0.3, 7.5, 7.6.1, 7.6.2, and 11.1.1.6.0 allows local users to affect integrity via unknown vectors related to ImagePicker.