Oracle Fusion Middleware vulnerabilities

CVE-2010-2370 [MEDIUM] CVE-2010-2370: Unspecified vulnerability in the Oracle Business Process Management component in Oracle Fusion Middl Unspecified vulnerability in the Oracle Business Process Management component in Oracle Fusion Middleware 5.7 MP3, 6.0 MP5, and 10.3 MP2 allows remote attackers to affect integrity, related to BPM.

CVE-2010-0835 [MEDIUM] CVE-2010-0835: Unspecified vulnerability in the Wireless component in Oracle Fusion Middleware 10.1.2.3 allows remo Unspecified vulnerability in the Wireless component in Oracle Fusion Middleware 10.1.2.3 allows remote attackers to affect integrity via unknown vectors.

CVE-2010-2381 [LOW] CVE-2010-2381: Unspecified vulnerability in the Application Server Control component in Oracle Fusion Middleware 10 Unspecified vulnerability in the Application Server Control component in Oracle Fusion Middleware 10.1.2.3 and 10.1.4.0.1 allows remote authenticated users to affect integrity via unknown vectors, a different vulnerability than CVE-2010-0081.

CVE-2010-0081 [LOW] CVE-2010-0081: Unspecified vulnerability in the Application Server Control component in Oracle Fusion Middleware 10 Unspecified vulnerability in the Application Server Control component in Oracle Fusion Middleware 10.1.2.3 and 10.1.4.0.1 allows remote authenticated users to affect integrity via unknown vectors, a different vulnerability than CVE-2010-2381.

CVE-2010-1622 [MEDIUM] CWE-94 CVE-2010-1622: SpringSource Spring Framework 2.5.x before 2.5.6.SEC02, 2.5.7 before 2.5.7.SR01, and 3.0.x before 3. SpringSource Spring Framework 2.5.x before 2.5.6.SEC02, 2.5.7 before 2.5.7.SR01, and 3.0.x before 3.0.3 allows remote attackers to execute arbitrary code via an HTTP request containing class.classLoader.URLs[0]=jar: followed by a URL of a crafted .jar file.

CVE-2010-0853 [HIGH] CVE-2010-0853: Unspecified vulnerability in the Oracle Internet Directory component in Oracle Database 9.2.0.8, 9.2 Unspecified vulnerability in the Oracle Internet Directory component in Oracle Database 9.2.0.8, 9.2.0.8, and DV; and Oracle Fusion Middleware 10.1.2.3 and 10.1.4.0.1; allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors.

CVE-2010-0856 [MEDIUM] CVE-2010-0856: Unspecified vulnerability in the Portal component in Oracle Fusion Middleware 10.1.2.3 and 10.1.4.2 Unspecified vulnerability in the Portal component in Oracle Fusion Middleware 10.1.2.3 and 10.1.4.2 allows remote attackers to affect availability via unknown vectors.

CVE-2010-0086 [MEDIUM] CVE-2010-0086: Unspecified vulnerability in the Portal component in Oracle Fusion Middleware 10.1.2.3 allows remote Unspecified vulnerability in the Portal component in Oracle Fusion Middleware 10.1.2.3 allows remote attackers to affect integrity via unknown vectors, a different vulnerability than CVE-2010-0855.

CVE-2010-0872 [MEDIUM] CVE-2010-0872: Unspecified vulnerability in the Oracle Internet Directory component in Oracle Fusion Middleware 10. Unspecified vulnerability in the Oracle Internet Directory component in Oracle Fusion Middleware 10.1.2.3 and 10.1.4.3 allows remote attackers to affect availability via unknown vectors.

CVE-2010-0855 [MEDIUM] CVE-2010-0855: Unspecified vulnerability in the Portal component in Oracle Fusion Middleware 10.1.2.3 allows remote Unspecified vulnerability in the Portal component in Oracle Fusion Middleware 10.1.2.3 allows remote attackers to affect integrity via unknown vectors, a different vulnerability than CVE-2010-0086.