Oracle Fusion Middleware vulnerabilities

CVE-2014-4202 [MEDIUM] CVE-2014-4202: Unspecified vulnerability in the Oracle WebLogic Server component in Oracle Fusion Middleware 10.0.2 Unspecified vulnerability in the Oracle WebLogic Server component in Oracle Fusion Middleware 10.0.2.0, 10.3.6.0, 12.1.1.0, and 12.1.2.0 allows remote attackers to affect availability via vectors related to WLS - Web Services.

CVE-2014-4267 [MEDIUM] CVE-2014-4267: Unspecified vulnerability in the Oracle WebLogic Server component in Oracle Fusion Middleware 10.0.2 Unspecified vulnerability in the Oracle WebLogic Server component in Oracle Fusion Middleware 10.0.2.0, 10.3.6.0, 12.1.1.0, and 12.1.2.0 allows remote attackers to affect confidentiality, integrity, and availability via vectors related to WLS Core Components.

CVE-2014-2480 [MEDIUM] CVE-2014-2480: Unspecified vulnerability in the Oracle WebLogic Server component in Oracle Fusion Middleware 10.0.2 Unspecified vulnerability in the Oracle WebLogic Server component in Oracle Fusion Middleware 10.0.2.0, 10.3.6.0, 12.1.1.0, and 12.1.2.0 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors, a different vulnerability than CVE-2014-2481.

CVE-2014-4222 [LOW] CVE-2014-4222: Unspecified vulnerability in the Oracle HTTP Server component in Oracle Fusion Middleware 11.1.1.7.0 Unspecified vulnerability in the Oracle HTTP Server component in Oracle Fusion Middleware 11.1.1.7.0 and 12.1.2.0 allows remote authenticated users to affect confidentiality via vectors related to plugin 1.1.

CVE-2014-4251 [LOW] CVE-2014-4251: Unspecified vulnerability in the Oracle HTTP Server component in Oracle Fusion Middleware 11.1.1.7.0 Unspecified vulnerability in the Oracle HTTP Server component in Oracle Fusion Middleware 11.1.1.7.0 and 12.1.2.0 allows remote authenticated users to affect integrity via vectors related to plugin 1.1.

CVE-2014-2470 [HIGH] CVE-2014-2470: Unspecified vulnerability in the Oracle WebLogic Server component in Oracle Fusion Middleware 10.0.2 Unspecified vulnerability in the Oracle WebLogic Server component in Oracle Fusion Middleware 10.0.2.0, 10.3.6.0, 12.1.1.0, and 12.1.2.0 allows remote attackers to affect confidentiality, integrity, and availability via vectors related to WLS Security.

CVE-2014-2424 [MEDIUM] CVE-2014-2424: Unspecified vulnerability in the Oracle Event Processing component in Oracle Fusion Middleware 11.1. Unspecified vulnerability in the Oracle Event Processing component in Oracle Fusion Middleware 11.1.1.7.0 allows remote authenticated users to affect integrity via vectors related to CEP system.

CVE-2014-2416 [MEDIUM] CVE-2014-2416: Unspecified vulnerability in the Oracle Data Integrator component in Oracle Fusion Middleware 11.1.1 Unspecified vulnerability in the Oracle Data Integrator component in Oracle Fusion Middleware 11.1.1.3.0 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Data Quality, a different vulnerability than CVE-2014-2407, CVE-2014-2415, CVE-2014-2417, and CVE-2014-2418.

CVE-2014-2400 [MEDIUM] CVE-2014-2400: Unspecified vulnerability in the Oracle Endeca Server component in Oracle Fusion Middleware 2.2.2 al Unspecified vulnerability in the Oracle Endeca Server component in Oracle Fusion Middleware 2.2.2 allows remote attackers to affect integrity via unknown vectors related to Oracle Endeca Information Discovery (Formerly Latitude), a different vulnerability than CVE-2014-2399.

CVE-2014-0426 [MEDIUM] CVE-2014-0426: Unspecified vulnerability in the Oracle Containers for J2EE component in Oracle Fusion Middleware 10 Unspecified vulnerability in the Oracle Containers for J2EE component in Oracle Fusion Middleware 10.1.3.5 allows remote attackers to affect integrity via vectors related to HTTP Request Handling, a different vulnerability than CVE-2014-0413.

CVE-2014-2452 [MEDIUM] CVE-2014-2452: Unspecified vulnerability in the Oracle Access Manager component in Oracle Fusion Middleware 11.1.1. Unspecified vulnerability in the Oracle Access Manager component in Oracle Fusion Middleware 11.1.1.5 allows remote authenticated users to affect availability via unknown vectors related to Webserver Plugin.

CVE-2014-2425 [MEDIUM] CVE-2014-2425: Unspecified vulnerability in the Oracle OpenSSO component in Oracle Fusion Middleware 8.0 Update 2 P Unspecified vulnerability in the Oracle OpenSSO component in Oracle Fusion Middleware 8.0 Update 2 Patch 5 allows remote authenticated users to affect confidentiality via unknown vectors.

CVE-2014-2417 [MEDIUM] CVE-2014-2417: Unspecified vulnerability in the Oracle Data Integrator component in Oracle Fusion Middleware 11.1.1 Unspecified vulnerability in the Oracle Data Integrator component in Oracle Fusion Middleware 11.1.1.3.0 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Data Quality, a different vulnerability than CVE-2014-2407, CVE-2014-2415, CVE-2014-2416, and CVE-2014-2418.

CVE-2014-2407 [MEDIUM] CVE-2014-2407: Unspecified vulnerability in the Oracle Data Integrator component in Oracle Fusion Middleware 11.1.1 Unspecified vulnerability in the Oracle Data Integrator component in Oracle Fusion Middleware 11.1.1.3.0 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Data Quality, a different vulnerability than CVE-2014-2415, CVE-2014-2416, CVE-2014-2417, and CVE-2014-2418.

CVE-2014-0450 [MEDIUM] CVE-2014-0450: Unspecified vulnerability in the Oracle WebCenter Portal component in Oracle Fusion Middleware 11.1. Unspecified vulnerability in the Oracle WebCenter Portal component in Oracle Fusion Middleware 11.1.1.7 and 11.1.1.8 allows remote attackers to affect confidentiality via unknown vectors related to People Connection.

CVE-2014-0413 [MEDIUM] CVE-2014-0413: Unspecified vulnerability in the Oracle Containers for J2EE component in Oracle Fusion Middleware 10 Unspecified vulnerability in the Oracle Containers for J2EE component in Oracle Fusion Middleware 10.1.3.5 allows remote attackers to affect integrity via vectors related to HTTP Request Handling, a different vulnerability than CVE-2014-0426.

CVE-2014-2426 [MEDIUM] CVE-2014-2426: Unspecified vulnerability in the Oracle OpenSSO component in Oracle Fusion Middleware 8.0 Update 2 P Unspecified vulnerability in the Oracle OpenSSO component in Oracle Fusion Middleware 8.0 Update 2 Patch 5 allows remote authenticated users to affect integrity and availability via unknown vectors related to Admin Console.

CVE-2014-2399 [MEDIUM] CVE-2014-2399: Unspecified vulnerability in the Oracle Endeca Server component in Oracle Fusion Middleware 2.2.2 al Unspecified vulnerability in the Oracle Endeca Server component in Oracle Fusion Middleware 2.2.2 allows remote attackers to affect integrity via unknown vectors related to Oracle Endeca Information Discovery (Formerly Latitude), a different vulnerability than CVE-2014-2400.

CVE-2014-2415 [MEDIUM] CVE-2014-2415: Unspecified vulnerability in the Oracle Data Integrator component in Oracle Fusion Middleware 11.1.1 Unspecified vulnerability in the Oracle Data Integrator component in Oracle Fusion Middleware 11.1.1.3.0 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Data Quality, a different vulnerability than CVE-2014-2407, CVE-2014-2416, CVE-2014-2417, and CVE-2014-2418.

CVE-2014-0414 [MEDIUM] CVE-2014-0414: Unspecified vulnerability in the Oracle Containers for J2EE component in Oracle Fusion Middleware 10 Unspecified vulnerability in the Oracle Containers for J2EE component in Oracle Fusion Middleware 10.1.3.5 allows remote attackers to affect confidentiality via vectors related to HTTP Request Handling.