Oracle Fusion Middleware vulnerabilities

CVE-2013-5816 [MEDIUM] CVE-2013-5816: Unspecified vulnerability in the Oracle GlassFish Server component in Oracle Fusion Middleware 2.1.1 Unspecified vulnerability in the Oracle GlassFish Server component in Oracle Fusion Middleware 2.1.1, 3.0.1, and 3.1.2 allows remote attackers to affect availability via unknown vectors related to Metro.

CVE-2013-3828 [MEDIUM] CVE-2013-3828: Unspecified vulnerability in the Oracle Web Services component in Oracle Fusion Middleware 10.1.3.5. Unspecified vulnerability in the Oracle Web Services component in Oracle Fusion Middleware 10.1.3.5.0 and 11.1.1.6.0 allows remote attackers to affect confidentiality via unknown vectors related to Test Page.

CVE-2013-5791 [LOW] CVE-2013-5791: Unspecified vulnerability in the Oracle Outside In Technology component in Oracle Fusion Middleware Unspecified vulnerability in the Oracle Outside In Technology component in Oracle Fusion Middleware 8.4.0 and 8.4.1 allows context-dependent attackers to affect availability via unknown vectors related to Outside In Filters. NOTE: the previous information is from the October 2013 CPU. Oracle has not commented on claims from a third party that the issue is a stack

CVE-2013-3836 [LOW] CVE-2013-3836: Unspecified vulnerability in the Oracle Web Cache component in Oracle Fusion Middleware 11.1.1.6 and Unspecified vulnerability in the Oracle Web Cache component in Oracle Fusion Middleware 11.1.1.6 and 11.1.1.7 allows remote authenticated users to affect confidentiality via vectors related to ESI/Partial Page Caching.

CVE-2013-3769 [MEDIUM] CVE-2013-3769: Unspecified vulnerability in the Oracle WebCenter Content component in Oracle Fusion Middleware 10.1 Unspecified vulnerability in the Oracle WebCenter Content component in Oracle Fusion Middleware 10.1.3.5.1, 11.1.1.6.0, and 11.1.1.7.0 allows remote attackers to affect integrity via unknown vectors related to Site Studio.

CVE-2013-3776 [MEDIUM] CVE-2013-3776: Unspecified vulnerability in the Oracle Outside In Technology component in Oracle Fusion Middleware Unspecified vulnerability in the Oracle Outside In Technology component in Oracle Fusion Middleware 8.3.7, 8.4.0, and 8.4.1 allows context-dependent attackers to affect availability via unknown vectors related to Outside In Filters, a different vulnerability than CVE-2013-3781.

CVE-2013-3763 [MEDIUM] CVE-2013-3763: Unspecified vulnerability in the Oracle Endeca Server component in Oracle Fusion Middleware 7.4.0 an Unspecified vulnerability in the Oracle Endeca Server component in Oracle Fusion Middleware 7.4.0 and 7.5.1.1 allows remote authenticated users to affect confidentiality and integrity via unknown vectors, a different vulnerability than CVE-2013-3764.

CVE-2013-3770 [MEDIUM] CVE-2013-3770: Unspecified vulnerability in the Oracle WebCenter Content component in Oracle Fusion Middleware 10.1 Unspecified vulnerability in the Oracle WebCenter Content component in Oracle Fusion Middleware 10.1.3.5.1, 11.1.1.6.0, and 11.1.1.7.0 allows remote authenticated users to affect confidentiality and integrity via unknown vectors related to Content Server. NOTE: the previous information is from the October 2013 CPU. Oracle has not commented on claims from a th

CVE-2013-3764 [MEDIUM] CVE-2013-3764: Unspecified vulnerability in the Oracle Endeca Server component in Oracle Fusion Middleware 7.4.0 an Unspecified vulnerability in the Oracle Endeca Server component in Oracle Fusion Middleware 7.4.0 and 7.5.1.1 allows remote authenticated users to affect confidentiality and integrity via unknown vectors, a different vulnerability than CVE-2013-3763.

CVE-2013-3772 [MEDIUM] CVE-2013-3772: Unspecified vulnerability in the Oracle WebCenter Content component in Oracle Fusion Middleware 10.1 Unspecified vulnerability in the Oracle WebCenter Content component in Oracle Fusion Middleware 10.1.3.5.1, 11.1.1.6.0, and 11.1.1.7.0 allows remote attackers to affect integrity via unknown vectors related to Web Forms.

CVE-2013-3781 [MEDIUM] CVE-2013-3781: Unspecified vulnerability in the Oracle Outside In Technology component in Oracle Fusion Middleware Unspecified vulnerability in the Oracle Outside In Technology component in Oracle Fusion Middleware 8.3.7, 8.4.0, and 8.4.1 allows context-dependent attackers to affect availability via unknown vectors related to Outside In Filters, a different vulnerability than CVE-2013-3776.

CVE-2013-3755 [MEDIUM] CVE-2013-3755: Unspecified vulnerability in the Oracle Access Manager component in Oracle Fusion Middleware 11.1.1. Unspecified vulnerability in the Oracle Access Manager component in Oracle Fusion Middleware 11.1.1.5.0 allows remote attackers to affect integrity via vectors related to SSO Engine.

CVE-2013-1542 [MEDIUM] CVE-2013-1542: Unspecified vulnerability in the Oracle Containers for J2EE component in Oracle Fusion Middleware 10 Unspecified vulnerability in the Oracle Containers for J2EE component in Oracle Fusion Middleware 10.1.3.5 allows remote attackers to affect integrity via unknown vectors related to Servlet Runtime.

CVE-2013-1545 [MEDIUM] CVE-2013-1545: Unspecified vulnerability in the Oracle HTTP Server component in Oracle Fusion Middleware 10.1.3.5, Unspecified vulnerability in the Oracle HTTP Server component in Oracle Fusion Middleware 10.1.3.5, 11.1.1.5.0, and 11.1.1.6.0 allows remote attackers to affect availability via unknown vectors related to Web Listener.

CVE-2013-1553 [MEDIUM] CVE-2013-1553: Unspecified vulnerability in the Oracle Web Services Manager component in Oracle Fusion Middleware 1 Unspecified vulnerability in the Oracle Web Services Manager component in Oracle Fusion Middleware 11.1.1.6.0 allows remote attackers to affect confidentiality and integrity via unknown vectors related to Web Services Security.

CVE-2013-1509 [MEDIUM] CVE-2013-1509: Unspecified vulnerability in the Oracle WebCenter Sites component in Oracle Fusion Middleware 7.6.2, Unspecified vulnerability in the Oracle WebCenter Sites component in Oracle Fusion Middleware 7.6.2, 11.1.1.6.0, and 11.1.1.6.1 allows remote authenticated users to affect integrity via unknown vectors related to WebCenter Sites.

CVE-2013-1565 [MEDIUM] CVE-2013-1565: Unspecified vulnerability in the Oracle GoldenGate Veridata component in Oracle Fusion Middleware 3. Unspecified vulnerability in the Oracle GoldenGate Veridata component in Oracle Fusion Middleware 3.0.0.11 allows remote attackers to affect availability via unknown vectors.

CVE-2013-1516 [MEDIUM] CVE-2013-1516: Unspecified vulnerability in the Oracle WebCenter Capture component in Oracle Fusion Middleware 10.1 Unspecified vulnerability in the Oracle WebCenter Capture component in Oracle Fusion Middleware 10.1.3.5.1 allows remote authenticated users to affect availability via unknown vectors related to Import Server.

CVE-2013-1497 [MEDIUM] CVE-2013-1497: Unspecified vulnerability in the Oracle COREid Access component in Oracle Fusion Middleware 10.1.4.3 Unspecified vulnerability in the Oracle COREid Access component in Oracle Fusion Middleware 10.1.4.3.0 allows remote attackers to affect integrity via unknown vectors related to WebGate - WebServer plugin.

CVE-2013-1529 [MEDIUM] CVE-2013-1529: Unspecified vulnerability in the Oracle WebCenter Interaction component in Oracle Fusion Middleware Unspecified vulnerability in the Oracle WebCenter Interaction component in Oracle Fusion Middleware 6.5.1 and 10.3.3.0 allows remote attackers to affect integrity via unknown vectors related to Image Service.