Oracle Fusion Middleware vulnerabilities

CVE-2010-3592 [HIGH] CVE-2010-3592: Unspecified vulnerability in the Oracle Document Capture component in Oracle Fusion Middleware 10.1. Unspecified vulnerability in the Oracle Document Capture component in Oracle Fusion Middleware 10.1.3.4 and 10.1.3.5 allows remote attackers to affect integrity and availability via unknown vectors related to Internal Operations.

CVE-2010-3595 [HIGH] CVE-2010-3595: Unspecified vulnerability in the Oracle Document Capture component in Oracle Fusion Middleware 10.1. Unspecified vulnerability in the Oracle Document Capture component in Oracle Fusion Middleware 10.1.3.4 and 10.1.3.5 allows remote attackers to affect confidentiality via unknown vectors related to Import Server. NOTE: the previous information was obtained from the January 2011 CPU. Oracle has not commented on claims from the original researcher that remote att

CVE-2010-3598 [HIGH] CVE-2010-3598: Unspecified vulnerability in the Oracle Document Capture component in Oracle Fusion Middleware 10.1. Unspecified vulnerability in the Oracle Document Capture component in Oracle Fusion Middleware 10.1.3.4 and 10.1.3.5 allows remote attackers to affect integrity via unknown vectors related to Import Export Utility.

CVE-2010-4437 [MEDIUM] CVE-2010-4437: Unspecified vulnerability in the Oracle WebLogic Server component in Oracle Fusion Middleware 9.0, 9 Unspecified vulnerability in the Oracle WebLogic Server component in Oracle Fusion Middleware 9.0, 9.1, 9.2.4, 10.0.2, 10.3.2, and 10.3.3 allows remote attackers to affect confidentiality and integrity via unknown vectors related to Servlet Container.

CVE-2010-4416 [MEDIUM] CVE-2010-4416: Unspecified vulnerability in the Oracle GoldenGate Veridata component in Oracle Fusion Middleware 3. Unspecified vulnerability in the Oracle GoldenGate Veridata component in Oracle Fusion Middleware 3.0.0.4 allows remote attackers to affect availability via unknown vectors related to Server. NOTE: the previous information was obtained from the January 2011 CPU. Oracle has not commented on claims from a reliable third party researcher that this is a buffer ov

CVE-2010-4453 [MEDIUM] CVE-2010-4453: Unspecified vulnerability in the Oracle WebLogic Server component in Oracle Fusion Middleware 7.0.7, Unspecified vulnerability in the Oracle WebLogic Server component in Oracle Fusion Middleware 7.0.7, 8.1.6, 9.0, 9.1, 9.2.4, 10.0.2, 10.3.2, and 10.3.3 allows remote attackers to affect integrity via unknown vectors related to Servlet Container.

CVE-2010-3588 [MEDIUM] CVE-2010-3588: Unspecified vulnerability in the Oracle Discoverer component in Oracle Fusion Middleware 10.1.2.3, 1 Unspecified vulnerability in the Oracle Discoverer component in Oracle Fusion Middleware 10.1.2.3, 11.1.1.2.0, and 11.1.1.3.0 allows remote authenticated users to affect confidentiality and integrity, related to EUL Code & Schema.

CVE-2010-4455 [MEDIUM] CVE-2010-4455: Unspecified vulnerability in the Oracle HTTP Server component in Oracle Fusion Middleware 11.1.1.2 a Unspecified vulnerability in the Oracle HTTP Server component in Oracle Fusion Middleware 11.1.1.2 and 11.1.1.3 allows remote attackers to affect confidentiality and integrity via unknown vectors related to Apache Plugin.

CVE-2010-3597 [LOW] CVE-2010-3597: Unspecified vulnerability in the Oracle Outside In Technology component in Oracle Fusion Middleware Unspecified vulnerability in the Oracle Outside In Technology component in Oracle Fusion Middleware 8.3.0 allows local users to affect availability, related to Outside In Viewer SDK.

CVE-2010-4427 [LOW] CVE-2010-4427: Unspecified vulnerability in the Oracle BI Publisher component in Oracle Fusion Middleware 10.1.3.4. Unspecified vulnerability in the Oracle BI Publisher component in Oracle Fusion Middleware 10.1.3.4.0, 10.1.3.4.1, and 11.1.1.3 allows remote authenticated users to affect integrity via unknown vectors related to Web Server.

CVE-2010-4425 [LOW] CVE-2010-4425: Unspecified vulnerability in the Oracle BI Publisher component in Oracle Fusion Middleware 10.1.3.3. Unspecified vulnerability in the Oracle BI Publisher component in Oracle Fusion Middleware 10.1.3.3.2, 10.1.3.4.0, and 10.1.3.4.1 allows remote authenticated users to affect integrity via unknown vectors related to Web Server.

CVE-2010-2390 [HIGH] CVE-2010-2390: Unspecified vulnerability in the Database Control component in EM Console in Oracle Database Server Unspecified vulnerability in the Database Control component in EM Console in Oracle Database Server 10.1.0.5 and 10.2.0.3, Oracle Fusion Middleware 10.1.2.3 and 10.1.4.3, and Enterprise Manager Grid Control allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors.

CVE-2010-3501 [MEDIUM] CVE-2010-3501: Unspecified vulnerability in the OID component in Oracle Fusion Middleware 10.1.2.3, 10.1.4.3, and 1 Unspecified vulnerability in the OID component in Oracle Fusion Middleware 10.1.2.3, 10.1.4.3, and 11.1.1.2.0 allows remote attackers to affect availability via unknown vectors.

CVE-2010-2413 [MEDIUM] CVE-2010-2413: Unspecified vulnerability in the BI Publisher component in Oracle Fusion Middleware 10.1.3.3.2 and 1 Unspecified vulnerability in the BI Publisher component in Oracle Fusion Middleware 10.1.3.3.2 and 10.1.3.4.1 allows remote attackers to affect integrity via unknown vectors.

CVE-2010-2396 [MEDIUM] CVE-2010-2396: Unspecified vulnerability in the Forms component in Oracle Fusion Middleware 10.1.2.3 allows remote Unspecified vulnerability in the Forms component in Oracle Fusion Middleware 10.1.2.3 allows remote attackers to affect integrity via unknown vectors.

CVE-2010-2409 [MEDIUM] CVE-2010-2409: Unspecified vulnerability in the Cabo/UIX component in Oracle Fusion Middleware 10.1.2.3 and 10.1.3. Unspecified vulnerability in the Cabo/UIX component in Oracle Fusion Middleware 10.1.2.3 and 10.1.3.5 allows remote attackers to affect integrity via unknown vectors, a different vulnerability than CVE-2010-2395 and CVE-2010-2410.

CVE-2010-2410 [MEDIUM] CVE-2010-2410: Unspecified vulnerability in the Cabo/UIX component in Oracle Fusion Middleware 10.1.2.3 and 10.1.3. Unspecified vulnerability in the Cabo/UIX component in Oracle Fusion Middleware 10.1.2.3 and 10.1.3.5 allows remote attackers to affect integrity via unknown vectors, a different vulnerability than CVE-2010-2395 and CVE-2010-2409.

CVE-2010-2395 [MEDIUM] CVE-2010-2395: Unspecified vulnerability in the Cabo/UIX component in Oracle Fusion Middleware 10.1.2.3 and 10.1.3. Unspecified vulnerability in the Cabo/UIX component in Oracle Fusion Middleware 10.1.2.3 and 10.1.3.5 allows remote attackers to affect integrity via unknown vectors, a different vulnerability than CVE-2010-2409 and CVE-2010-2410.

CVE-2010-2389 [LOW] CVE-2010-2389: Unspecified vulnerability in the Perl component in Oracle Database Server 11.2.0.1, 11.1.0.7, 10.2.0 Unspecified vulnerability in the Perl component in Oracle Database Server 11.2.0.1, 11.1.0.7, 10.2.0.3, 10.2.0.4, and 10.1.0.5; and Fusion Middleware 11.1.1.1.0 and 11.1.1.2.0; allows local users to affect integrity via unknown vectors related to Local Logon.

CVE-2010-3581 [LOW] CVE-2010-3581: Unspecified vulnerability in the BPEL Console component in Oracle Fusion Middleware 11.1.1.1.0 and 1 Unspecified vulnerability in the BPEL Console component in Oracle Fusion Middleware 11.1.1.1.0 and 11.1.1.2.0 allows remote authenticated users to affect integrity via unknown vectors.