Oracle Fusion Middleware vulnerabilities

CVE-2015-0443 [MEDIUM] CVE-2015-0443: Unspecified vulnerability in the Oracle Data Integrator component in Oracle Fusion Middleware 11.1.1 Unspecified vulnerability in the Oracle Data Integrator component in Oracle Fusion Middleware 11.1.1.3.0 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Data Quality based on Trillium, a different vulnerability than CVE-2015-0444, CVE-2015-0445, CVE-2015-0446, CVE-2015-2634, CVE-2015-2635, CVE-2015

CVE-2015-0444 [MEDIUM] CVE-2015-0444: Unspecified vulnerability in the Oracle Data Integrator component in Oracle Fusion Middleware 11.1.1 Unspecified vulnerability in the Oracle Data Integrator component in Oracle Fusion Middleware 11.1.1.3.0 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Data Quality based on Trillium, a different vulnerability than CVE-2015-0443, CVE-2015-0445, CVE-2015-0446, CVE-2015-2634, CVE-2015-2635, CVE-2015

CVE-2015-2623 [MEDIUM] CVE-2015-2623: Unspecified vulnerability in the Oracle GlassFish Server component in Oracle Fusion Middleware 3.0.1 Unspecified vulnerability in the Oracle GlassFish Server component in Oracle Fusion Middleware 3.0.1 and 3.1.2, and the Oracle WebLogic Server component in Oracle Fusion Middleware 10.3.6.0, 12.1.1.0, 12.1.2.0, and 12.1.3.0, allows remote attackers to affect integrity via unknown vectors related to Java Server Faces.

CVE-2015-1926 [MEDIUM] CVE-2015-1926: Unspecified vulnerability in the Oracle WebCenter Portal component in Oracle Fusion Middleware 11.1. Unspecified vulnerability in the Oracle WebCenter Portal component in Oracle Fusion Middleware 11.1.1.8.0 and 11.1.1.9.0, and the Oracle Applications Framework component in Oracle E-Business Suite 12.2.3 and 12.2.4, allows remote authenticated users to affect confidentiality and integrity via unknown vectors related to Portal.

CVE-2015-4742 [MEDIUM] CVE-2015-4742: Unspecified vulnerability in the Oracle JDeveloper component in Oracle Fusion Middleware 11.1.1.7.0, Unspecified vulnerability in the Oracle JDeveloper component in Oracle Fusion Middleware 11.1.1.7.0, 11.1.2.4.0, 12.1.2.0.0, and 12.1.3.0.0 allows remote attackers to affect availability via vectors related to ADF Faces.

CVE-2015-4747 [MEDIUM] CVE-2015-4747: Unspecified vulnerability in the Oracle Event Processing component in Oracle Fusion Middleware 11.1. Unspecified vulnerability in the Oracle Event Processing component in Oracle Fusion Middleware 11.1.1.7 and 12.1.3.0 allows remote attackers to affect confidentiality, integrity, and availability via vectors related to CEP system.

CVE-2015-2598 [LOW] CVE-2015-2598: Unspecified vulnerability in the mobile app in Oracle Business Intelligence Enterprise Edition in Or Unspecified vulnerability in the mobile app in Oracle Business Intelligence Enterprise Edition in Oracle Fusion Middleware before 11.1.1.7.0 (11.6.39) allows remote authenticated users to affect integrity via unknown vectors related to Mobile - iPad.

CVE-2015-4744 [LOW] CVE-2015-4744: Unspecified vulnerability in the Oracle GlassFish Server component in Oracle Fusion Middleware 2.1.1 Unspecified vulnerability in the Oracle GlassFish Server component in Oracle Fusion Middleware 2.1.1, 3.0.1, and 3.1.2; and the Oracle WebLogic Server component in Oracle Fusion Middleware 10.3.6.0, 12.1.1.0, 12.1.2.0, and 12.1.3.0 allows remote attackers to affect integrity via unknown vectors related to Java Server Faces.

CVE-2015-0461 [HIGH] CVE-2015-0461: Unspecified vulnerability in the Oracle Access Manager component in Oracle Fusion Middleware 11.1.1. Unspecified vulnerability in the Oracle Access Manager component in Oracle Fusion Middleware 11.1.1.5 and 11.1.1.7 allows remote authenticated users to affect confidentiality and integrity via unknown vectors related to Authentication Engine.

CVE-2015-0450 [MEDIUM] CVE-2015-0450: Unspecified vulnerability in the Oracle WebCenter Portal component in Oracle Fusion Middleware 11.1. Unspecified vulnerability in the Oracle WebCenter Portal component in Oracle Fusion Middleware 11.1.1.8.0 allows remote attackers to affect integrity via unknown vectors related to WebCenter Spaces Application.

CVE-2015-0482 [MEDIUM] CVE-2015-0482: Unspecified vulnerability in the Oracle WebLogic Server component in Oracle Fusion Middleware 12.1.2 Unspecified vulnerability in the Oracle WebLogic Server component in Oracle Fusion Middleware 12.1.2.0 and 12.1.3.0 allows remote authenticated users to affect confidentiality, integrity, and availability via vectors related to WLS-WebServices.

CVE-2015-0449 [MEDIUM] CVE-2015-0449: Unspecified vulnerability in the Oracle WebLogic Server component in Oracle Fusion Middleware 10.3.6 Unspecified vulnerability in the Oracle WebLogic Server component in Oracle Fusion Middleware 10.3.6.0, 12.1.1.0, and 12.1.2.0 allows remote attackers to affect integrity via unknown vectors related to Console.

CVE-2015-0456 [MEDIUM] CVE-2015-0456: Unspecified vulnerability in the Oracle WebCenter Portal component in Oracle Fusion Middleware 11.1. Unspecified vulnerability in the Oracle WebCenter Portal component in Oracle Fusion Middleware 11.1.1.8.0 allows remote attackers to affect integrity via unknown vectors related to Portlet Services.

CVE-2015-0493 [LOW] CVE-2015-0493: Unspecified vulnerability in the Oracle Outside In Technology component in Oracle Fusion Middleware Unspecified vulnerability in the Oracle Outside In Technology component in Oracle Fusion Middleware 8.4.1, 8.5.0, and 8.5.1 allows local users to affect availability via unknown vectors related to Outside In Filters, a different vulnerability than CVE-2015-0474.

CVE-2015-0451 [LOW] CVE-2015-0451: Unspecified vulnerability in the Oracle OpenSSO component in Oracle Fusion Middleware 3.0-04 allows Unspecified vulnerability in the Oracle OpenSSO component in Oracle Fusion Middleware 3.0-04 allows remote authenticated users to affect confidentiality via vectors related to OpenSSO Web Agents.

CVE-2015-0474 [LOW] CVE-2015-0474: Unspecified vulnerability in the Oracle Outside In Technology component in Oracle Fusion Middleware Unspecified vulnerability in the Oracle Outside In Technology component in Oracle Fusion Middleware 8.4.1, 8.5.0, and 8.5.1 allows local users to affect availability via unknown vectors related to Outside In Filters, a different vulnerability than CVE-2015-0493.

CVE-2015-0396 [HIGH] CVE-2015-0396: Unspecified vulnerability in the Oracle GlassFish Server component in Oracle Fusion Middleware 3.0.1 Unspecified vulnerability in the Oracle GlassFish Server component in Oracle Fusion Middleware 3.0.1 and 3.1.2 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Admin Console.

CVE-2014-6548 [MEDIUM] CVE-2014-6548: Unspecified vulnerability in the Oracle SOA Suite component in Oracle Fusion Middleware 11.1.1.7 all Unspecified vulnerability in the Oracle SOA Suite component in Oracle Fusion Middleware 11.1.1.7 allows local users to affect confidentiality, integrity, and availability via vectors related to B2B Engine.

CVE-2015-0367 [MEDIUM] CVE-2015-0367: Unspecified vulnerability in the Oracle Access Manager component in Oracle Fusion Middleware 11.1.1. Unspecified vulnerability in the Oracle Access Manager component in Oracle Fusion Middleware 11.1.1.5, 11.1.1.7, 11.1.2.1, and 11.1.2.2 allows remote attackers to affect integrity via vectors related to SSO Engine.

CVE-2014-6569 [MEDIUM] CVE-2014-6569: Unspecified vulnerability in the Oracle WebLogic Server component in Oracle Fusion Middleware 10.0.2 Unspecified vulnerability in the Oracle WebLogic Server component in Oracle Fusion Middleware 10.0.2.0, 10.3.6.0, 12.1.1.0, and 12.1.2.0 allows remote attackers to affect confidentiality via vectors related to CIE Related Components.