Oracle Fusion Middleware vulnerabilities

CVE-2016-0470 [MEDIUM] CVE-2016-0470: Unspecified vulnerability in the Oracle BI Publisher component in Oracle Fusion Middleware 11.1.1.7. Unspecified vulnerability in the Oracle BI Publisher component in Oracle Fusion Middleware 11.1.1.7.0, 11.1.1.9.0, and 12.2.1.0.0 allows remote authenticated users to affect confidentiality and integrity via unknown vectors related to BI Publisher Security.

CVE-2016-0439 [MEDIUM] CVE-2016-0439: Unspecified vulnerability in the Web Cache component in Oracle Fusion Middleware 11.1.1.7.0 and 11.1 Unspecified vulnerability in the Web Cache component in Oracle Fusion Middleware 11.1.1.7.0 and 11.1.1.9.0 allows remote attackers to affect confidentiality via vectors related to SSL support, a different vulnerability than CVE-2016-0430.

CVE-2016-0464 [MEDIUM] CVE-2016-0464: Unspecified vulnerability in the Oracle WebLogic Server component in Oracle Fusion Middleware 10.3.6 Unspecified vulnerability in the Oracle WebLogic Server component in Oracle Fusion Middleware 10.3.6, 12.1.2, and 12.1.3 allows remote attackers to affect integrity via vectors related to WLS-Console.

CVE-2016-0433 [MEDIUM] CVE-2016-0433: Unspecified vulnerability in the Web Cache component in Oracle Fusion Middleware 11.1.1.9.0 allows r Unspecified vulnerability in the Web Cache component in Oracle Fusion Middleware 11.1.1.9.0 allows remote attackers to affect confidentiality via vectors related to SSL support.

CVE-2016-0404 [MEDIUM] CVE-2016-0404: Unspecified vulnerability in the Oracle Identity Federation component in Oracle Fusion Middleware 11 Unspecified vulnerability in the Oracle Identity Federation component in Oracle Fusion Middleware 11.1.2.2 allows remote attackers to affect integrity via vectors related to Admin.

CVE-2015-4808 [LOW] CVE-2015-4808: Unspecified vulnerability in the Oracle Outside In Technology component in Oracle Fusion Middleware Unspecified vulnerability in the Oracle Outside In Technology component in Oracle Fusion Middleware 8.5.0, 8.5.1, and 8.5.2 allows local users to affect availability via vectors related to Outside In Filters, a different vulnerability than CVE-2015-6013, CVE-2015-6014, CVE-2015-6015, and CVE-2016-0432.

CVE-2016-0432 [LOW] CVE-2016-0432: Unspecified vulnerability in the Oracle Outside In Technology component in Oracle Fusion Middleware Unspecified vulnerability in the Oracle Outside In Technology component in Oracle Fusion Middleware 8.5.0, 8.5.1, and 8.5.2 allows local users to affect availability via unknown vectors related to Outside In Filters, a different vulnerability than CVE-2015-4808, CVE-2015-6013, CVE-2015-6014, and CVE-2015-6015.

CVE-2016-0453 [LOW] CVE-2016-0453: Unspecified vulnerability in the Oracle GlassFish Server component in Oracle Fusion Middleware 3.1.2 Unspecified vulnerability in the Oracle GlassFish Server component in Oracle Fusion Middleware 3.1.2 allows remote attackers to affect integrity via unknown vectors related to Embedded Server.

CVE-2015-4912 [MEDIUM] CVE-2015-4912: Unspecified vulnerability in the Oracle Access Manager component in Oracle Fusion Middleware 11.1.2. Unspecified vulnerability in the Oracle Access Manager component in Oracle Fusion Middleware 11.1.2.2 and 11.1.2.3 allows remote attackers to affect confidentiality via vectors related to SSO Engine.

CVE-2015-4909 [MEDIUM] CVE-2015-4909: Unspecified vulnerability in the Oracle JDeveloper component in Oracle Fusion Middleware 11.1.2.4.0, Unspecified vulnerability in the Oracle JDeveloper component in Oracle Fusion Middleware 11.1.2.4.0, 12.1.2.0.0, and 12.1.3.0.0 allows remote attackers to affect integrity via vectors related to ADF Faces.

CVE-2015-4914 [LOW] CVE-2015-4914: Unspecified vulnerability in the Oracle HTTP Server component in Oracle Fusion Middleware 10.1.3.5, Unspecified vulnerability in the Oracle HTTP Server component in Oracle Fusion Middleware 10.1.3.5, 11.1.1.7, 11.1.1.9, 12.1.2.0, and 12.1.3.0 allows remote authenticated users to affect confidentiality via unknown vectors related to Web Listener.

CVE-2015-4832 [MEDIUM] CVE-2015-4832: Unspecified vulnerability in the Oracle Identity Manager component in Oracle Fusion Middleware 11.1. Unspecified vulnerability in the Oracle Identity Manager component in Oracle Fusion Middleware 11.1.1.7, 11.1.2.2, and 11.1.2.3 allows remote attackers to affect integrity via vectors related to OIM Legacy UI.

CVE-2015-4838 [MEDIUM] CVE-2015-4838: Unspecified vulnerability in the Oracle JDeveloper component in Oracle Fusion Middleware 11.1.2.4.0, Unspecified vulnerability in the Oracle JDeveloper component in Oracle Fusion Middleware 11.1.2.4.0, 12.1.2.0.0, and 12.1.3.0.0 allows remote authenticated users to affect confidentiality via vectors related to ADF Faces.

CVE-2015-4880 [MEDIUM] CVE-2015-4880: Unspecified vulnerability in the Oracle WebCenter Content component in Oracle Fusion Middleware 10.1 Unspecified vulnerability in the Oracle WebCenter Content component in Oracle Fusion Middleware 10.1.3.5.1 allows remote attackers to affect integrity via unknown vectors related to Content Server, a different vulnerability than CVE-2015-4867.

CVE-2015-4867 [MEDIUM] CVE-2015-4867: Unspecified vulnerability in the Oracle WebCenter Content component in Oracle Fusion Middleware 10.1 Unspecified vulnerability in the Oracle WebCenter Content component in Oracle Fusion Middleware 10.1.3.5.1 allows remote attackers to affect integrity via unknown vectors related to Content Server, a different vulnerability than CVE-2015-4880.

CVE-2015-4799 [MEDIUM] CVE-2015-4799: Unspecified vulnerability in the Oracle WebCenter Sites component in Oracle Fusion Middleware 7.6.2, Unspecified vulnerability in the Oracle WebCenter Sites component in Oracle Fusion Middleware 7.6.2, 11.1.1.6.1, and 11.1.1.8.0 allows remote attackers to affect integrity via unknown vectors related to Security.

CVE-2015-4899 [MEDIUM] CVE-2015-4899: Unspecified vulnerability in the Oracle GlassFish Server component in Oracle Fusion Middleware 3.0.1 Unspecified vulnerability in the Oracle GlassFish Server component in Oracle Fusion Middleware 3.0.1 and 3.1.2 allows remote attackers to affect confidentiality via unknown vectors related to Security.

CVE-2015-1829 [MEDIUM] CVE-2015-1829: Unspecified vulnerability in the Oracle HTTP Server component in Oracle Fusion Middleware 10.1.3.5, Unspecified vulnerability in the Oracle HTTP Server component in Oracle Fusion Middleware 10.1.3.5, 11.1.1.7, 11.1.1.9, 12.1.2.0, and 12.1.3.0 allows remote attackers to affect availability via unknown vectors related to Web Listener.

CVE-2015-4878 [LOW] CVE-2015-4878: Unspecified vulnerability in the Oracle Outside In Technology component in Oracle Fusion Middleware Unspecified vulnerability in the Oracle Outside In Technology component in Oracle Fusion Middleware 8.5.0, 8.5.1, and 8.5.2 allows local users to affect availability via unknown vectors related to Outside In Filters, a different vulnerability than CVE-2015-4877.

CVE-2015-4812 [LOW] CVE-2015-4812: Unspecified vulnerability in the Oracle HTTP Server component in Oracle Fusion Middleware 11.1.1.9 a Unspecified vulnerability in the Oracle HTTP Server component in Oracle Fusion Middleware 11.1.1.9 allows remote attackers to affect confidentiality via vectors related to OSSL Module.