Oracle Fusion Middleware vulnerabilities

CVE-2014-2404 [MEDIUM] CVE-2014-2404: Unspecified vulnerability in the Oracle Access Manager component in Oracle Fusion Middleware 10.1.4. Unspecified vulnerability in the Oracle Access Manager component in Oracle Fusion Middleware 10.1.4.3, 11.1.1.3.0, 11.1.1.5.0, 11.1.1.7.0, 11.1.2.0.0, 11.1.2.1.0, and 11.1.2.2.0 allows remote authenticated users to affect confidentiality via unknown vectors related to WebGate.

CVE-2014-2418 [MEDIUM] CVE-2014-2418: Unspecified vulnerability in the Oracle Data Integrator component in Oracle Fusion Middleware 11.1.1 Unspecified vulnerability in the Oracle Data Integrator component in Oracle Fusion Middleware 11.1.1.3.0 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Data Quality, a different vulnerability than CVE-2014-2407, CVE-2014-2415, CVE-2014-2416, and CVE-2014-2417.

CVE-2014-0465 [LOW] CVE-2014-0465: Unspecified vulnerability in the Oracle OpenSSO component in Oracle Fusion Middleware 8.0 Update 2 P Unspecified vulnerability in the Oracle OpenSSO component in Oracle Fusion Middleware 8.0 Update 2 Patch 5 allows remote authenticated users to affect integrity via unknown vectors related to Admin Console.

CVE-2013-5785 [HIGH] CVE-2013-5785: Unspecified vulnerability in the Oracle Reports Developer component in Oracle Fusion Middleware 11.1 Unspecified vulnerability in the Oracle Reports Developer component in Oracle Fusion Middleware 11.1.1.6, 11.1.1.7, and 11.1.2.1 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Security and Authentication.

CVE-2013-5900 [MEDIUM] CVE-2013-5900: Unspecified vulnerability in the Oracle Identity Manager component in Oracle Fusion Middleware 11.1. Unspecified vulnerability in the Oracle Identity Manager component in Oracle Fusion Middleware 11.1.1.5, 11.1.1.7, 11.1.2.0, and 11.1.2.1 allows remote attackers to affect integrity via unknown vectors related to End User Self Service.

CVE-2013-5869 [MEDIUM] CVE-2013-5869: Unspecified vulnerability in the Oracle WebCenter Portal component in Oracle Fusion Middleware 11.1. Unspecified vulnerability in the Oracle WebCenter Portal component in Oracle Fusion Middleware 11.1.1.6.0, 11.1.1.7.0, and 11.1.1.8.0 allows remote attackers to affect confidentiality via unknown vectors related to Page Service.

CVE-2013-5879 [MEDIUM] CVE-2013-5879: Unspecified vulnerability in the Oracle Outside In Technology component in Oracle Fusion Middleware Unspecified vulnerability in the Oracle Outside In Technology component in Oracle Fusion Middleware 8.4.0 and 8.4.1 allows context-dependent attackers to affect availability via unknown vectors related to Outside In Maintenance.

CVE-2014-0374 [MEDIUM] CVE-2014-0374: Unspecified vulnerability in the Oracle Portal component in Oracle Fusion Middleware 11.1.1.6 allows Unspecified vulnerability in the Oracle Portal component in Oracle Fusion Middleware 11.1.1.6 allows remote attackers to affect integrity via unknown vectors related to Page Parameters and Events.

CVE-2014-0400 [MEDIUM] CVE-2014-0400: Unspecified vulnerability in the Oracle Internet Directory component in Oracle Fusion Middleware 11. Unspecified vulnerability in the Oracle Internet Directory component in Oracle Fusion Middleware 11.1.1.6 and 11.1.1.7 allows remote authenticated users to affect confidentiality via vectors related to OID LDAP server.

CVE-2014-0391 [MEDIUM] CVE-2014-0391: Unspecified vulnerability in the Oracle Identity Manager component in Oracle Fusion Middleware 11.1. Unspecified vulnerability in the Oracle Identity Manager component in Oracle Fusion Middleware 11.1.1.5, 11.1.1.7, 11.1.2.0, and 11.1.2.1 allows remote attackers to affect confidentiality via unknown vectors related to End User Self Service.

CVE-2013-5901 [MEDIUM] CVE-2013-5901: Unspecified vulnerability in the Oracle Identity Manager component in Oracle Fusion Middleware 11.1. Unspecified vulnerability in the Oracle Identity Manager component in Oracle Fusion Middleware 11.1.2.0 and 11.1.2.1 allows remote attackers to affect confidentiality via unknown vectors related to Identity Console.

CVE-2014-0383 [LOW] CVE-2014-0383: Unspecified vulnerability in the Oracle Identity Manager component in Oracle Fusion Middleware 11.1. Unspecified vulnerability in the Oracle Identity Manager component in Oracle Fusion Middleware 11.1.2.0 and 11.1.2.1 allows remote authenticated users to affect confidentiality via unknown vectors related to Identity Console.

CVE-2013-5808 [LOW] CVE-2013-5808: Unspecified vulnerability in the Oracle iPlanet Web Proxy Server component in Oracle Fusion Middlewa Unspecified vulnerability in the Oracle iPlanet Web Proxy Server component in Oracle Fusion Middleware 4.0 allows remote attackers to affect confidentiality via unknown vectors related to Administration.

CVE-2013-5763 [LOW] CVE-2013-5763: Unspecified vulnerability in the Oracle Outside In Technology component in Oracle Fusion Middleware Unspecified vulnerability in the Oracle Outside In Technology component in Oracle Fusion Middleware 8.4.0 allows context-dependent attackers to affect availability via unknown vectors related to Outside In Maintenance. NOTE: the original disclosure of this issue erroneously mapped it to CVE-2013-3624.

CVE-2013-3831 [MEDIUM] CVE-2013-3831: Unspecified vulnerability in the Oracle Portal component in Oracle Fusion Middleware 11.1.1.6.0 allo Unspecified vulnerability in the Oracle Portal component in Oracle Fusion Middleware 11.1.1.6.0 allows remote authenticated users to affect confidentiality and integrity via unknown vectors related to Demos.

CVE-2013-5773 [MEDIUM] CVE-2013-5773: Unspecified vulnerability in the Oracle Containers for J2EE component in Oracle Fusion Middleware 10 Unspecified vulnerability in the Oracle Containers for J2EE component in Oracle Fusion Middleware 10.1.3.5.0 allows remote attackers to affect integrity via unknown vectors related to Servlet Runtime.

CVE-2013-5798 [MEDIUM] CVE-2013-5798: Unspecified vulnerability in the Oracle Identity Manager component in Oracle Fusion Middleware 11.1. Unspecified vulnerability in the Oracle Identity Manager component in Oracle Fusion Middleware 11.1.2.0.0 and 11.1.2.1.0 allows remote attackers to affect integrity via unknown vectors related to End User Self Service.

CVE-2013-5813 [MEDIUM] CVE-2013-5813: Unspecified vulnerability in the Oracle WebCenter Content component in Oracle Fusion Middleware 10.1 Unspecified vulnerability in the Oracle WebCenter Content component in Oracle Fusion Middleware 10.1.3.5.1, 11.1.1.6.0, 11.1.1.7.0, and 11.1.1.8.0 allows remote attackers to affect confidentiality and integrity via unknown vectors related to Content Server.

CVE-2013-3827 [MEDIUM] CVE-2013-3827: Unspecified vulnerability in the Oracle GlassFish Server component in Oracle Fusion Middleware 2.1.1 Unspecified vulnerability in the Oracle GlassFish Server component in Oracle Fusion Middleware 2.1.1, 3.0.1, and 3.1.2; the Oracle JDeveloper component in Oracle Fusion Middleware 11.1.2.3.0, 11.1.2.4.0, and 12.1.2.0.0; and the Oracle WebLogic Server component in Oracle Fusion Middleware 10.3.6.0 and 12.1.1 allows remote attackers to affect confidentiality vi

CVE-2013-3833 [MEDIUM] CVE-2013-3833: Unspecified vulnerability in the Oracle Access Manager component in Oracle Fusion Middleware 11.1.1. Unspecified vulnerability in the Oracle Access Manager component in Oracle Fusion Middleware 11.1.1.5.0 and 11.1.2.0.0 allows remote attackers to affect integrity via unknown vectors related to Authentication Engine.