Oracle WebLogic Server vulnerabilities

306 known vulnerabilities affecting oracle/weblogic_server.

Total CVEs: 306
CISA KEV: 15 (actively exploited)
Public exploits: 33
Exploited in wild: 22
Severity breakdown: CRITICAL 81, HIGH 92, MEDIUM 129, LOW 4

Vulnerabilities

Page 15 of 16
CVE-2016-3505 | HIGH | CVSS 8.8 | v10.3.6.0.0, v12.1.3.0.0, +1 more | 2016-10-25
Unspecified vulnerability in the Oracle WebLogic Server component in Oracle Fusion Middleware 10.3.6.0, 12.1.3.0, and 12.2.1.0 allows remote authenticated users to affect confidentiality, integrity, and availability via vectors related to JavaServer Faces.
nvd
CVE-2016-5601 | MEDIUM | CVSS 6.3 | CWE-284 | v12.1.3.0.0, v12.2.1.0.0, +1 more | 2016-10-25
Unspecified vulnerability in the Oracle WebLogic Server component in Oracle Fusion Middleware 12.1.3.0, 12.2.1.0, and 12.2.1.1 allows local users to affect confidentiality and integrity via vectors related to CIE Related Components.
nvd
CVE-2016-5488 | MEDIUM | CVSS 5.3 | v10.3.6.0.0, v12.1.3.0.0 | 2016-10-25
Unspecified vulnerability in the Oracle WebLogic Server component in Oracle Fusion Middleware 10.3.6.0 and 12.1.3.0 allows remote attackers to affect availability via vectors related to Web Container, a different vulnerability than CVE-2016-3445.
nvd
CVE-2016-3510 | CRITICAL | CVSS 9.8 | PoC | v10.3.6.0.0, v12.1.3.0.0, +1 more | 2016-07-21
Unspecified vulnerability in the Oracle WebLogic Server component in Oracle Fusion Middleware 10.3.6.0, 12.1.3.0, and 12.2.1.0 allows remote attackers to affect confidentiality, integrity, and availability via vectors related to WLS Core Components, a different vulnerability than CVE-2016-3586.
nvd
CVE-2016-3499 | CRITICAL | CVSS 9.8 | v12.1.3.0.0, v12.2.1.0.0 | 2016-07-21
Unspecified vulnerability in the Oracle WebLogic Server component in Oracle Fusion Middleware 12.1.3.0 and 12.2.1.0 allows remote attackers to affect confidentiality, integrity, and availability via vectors related to Web Container.
nvd
CVE-2016-3586 | CRITICAL | CVSS 9.8 | PoC | v10.3.6.0.0, v12.1.3.0.0, +1 more | 2016-07-21
Unspecified vulnerability in the Oracle WebLogic Server component in Oracle Fusion Middleware 10.3.6.0, 12.1.3.0, and 12.2.1.0 allows remote attackers to affect confidentiality, integrity, and availability via vectors related to WLS Core Components, a different vulnerability than CVE-2016-3510.
nvd
CVE-2016-3445 | MEDIUM | CVSS 5.3 | v10.3.6.0.0, v12.1.3.0.0 | 2016-07-21
Unspecified vulnerability in the Oracle WebLogic Server component in Oracle Fusion Middleware 10.3.6.0 and 12.1.3.0 allows remote attackers to affect availability via vectors related to Web Container, a different vulnerability than CVE-2016-5488.
nvd
CVE-2016-0638 | CRITICAL | CVSS 9.8 | v10.3.6.0.0, v12.1.2.0.0, +2 more | 2016-04-21
Unspecified vulnerability in the Oracle WebLogic Server component in Oracle Fusion Middleware 10.3.6, 12.1.2, 12.1.3, and 12.2.1 allows remote attackers to affect confidentiality, integrity, and availability via vectors related to Java Messaging Service.
nvd
CVE-2016-0696 | MEDIUM | CVSS 5.4 | v10.3.6.0.0 | 2016-04-21
Unspecified vulnerability in the Oracle WebLogic Server component in Oracle Fusion Middleware 10.3.6 allows remote attackers to affect confidentiality and integrity via vectors related to Console.
nvd
CVE-2016-3416 | MEDIUM | CVSS 6.1 | v10.3.6.0.0, v12.1.2.0.0, +2 more | 2016-04-21
Unspecified vulnerability in the Oracle WebLogic Server component in Oracle Fusion Middleware 10.3.6, 12.1.2, 12.1.3, and 12.2.1 allows remote attackers to affect confidentiality and integrity via vectors related to Console.
nvd
CVE-2016-0700 | MEDIUM | CVSS 6.1 | v10.3.6.0.0, v12.1.2.0.0, +1 more | 2016-04-21
Unspecified vulnerability in the Oracle WebLogic Server component in Oracle Fusion Middleware 10.3.6, 12.1.2, and 12.1.3 allows remote attackers to affect confidentiality and integrity via vectors related to Console, a different vulnerability than CVE-2016-0675.
nvd
CVE-2016-0675 | MEDIUM | CVSS 6.1 | v10.3.6.0.0, v12.1.2.0.0, +1 more | 2016-04-21
Unspecified vulnerability in the Oracle WebLogic Server component in Oracle Fusion Middleware 10.3.6, 12.1.2, and 12.1.3 allows remote attackers to affect confidentiality and integrity via vectors related to Console, a different vulnerability than CVE-2016-0700.
nvd
CVE-2016-0688 | LOW | CVSS 3.7 | v10.3.6.0.0, v12.1.2.0.0, +1 more | 2016-04-21
Unspecified vulnerability in the Oracle WebLogic Server component in Oracle Fusion Middleware 10.3.6, 12.1.2, and 12.1.3 allows remote attackers to affect integrity via vectors related to Core Components.
nvd
CVE-2016-0573 | HIGH | CVSS 7.5 | v10.3.6.0.0, v12.1.2.0.0, +2 more | 2016-01-21
Unspecified vulnerability in the Oracle WebLogic Server component in Oracle Fusion Middleware 10.3.6, 12.1.2, 12.1.3, and 12.2.1 allows remote attackers to affect confidentiality, integrity, and availability via vectors related to WLS Java Messaging Service.
nvd
CVE-2016-0574 | HIGH | CVSS 7.5 | v10.3.6.0.0, v12.1.2.0.0, +2 more | 2016-01-21
Unspecified vulnerability in the Oracle WebLogic Server component in Oracle Fusion Middleware 10.3.6, 12.1.2, 12.1.3, and 12.2.1 allows remote attackers to affect confidentiality, integrity, and availability via vectors related to WLS Core Components, a different vulnerability than CVE-2016-0577.
nvd
CVE-2016-0577 | HIGH | CVSS 7.5 | v10.3.6.0.0, v12.1.2.0.0, +2 more | 2016-01-21
Unspecified vulnerability in the Oracle WebLogic Server component in Oracle Fusion Middleware 10.3.6, 12.1.2, 12.1.3, and 12.2.1 allows remote attackers to affect confidentiality, integrity, and availability via vectors related to WLS Core Components, a different vulnerability than CVE-2016-0574.
nvd
CVE-2016-0572 | HIGH | CVSS 7.5 | v10.3.6.0.0, v12.1.2.0.0, +2 more | 2016-01-21
Unspecified vulnerability in the Oracle WebLogic Server component in Oracle Fusion Middleware 10.3.6, 12.1.2, 12.1.3, and 12.2.1 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Coherence Container.
nvd
CVE-2015-4852 | CRITICAL | CVSS 9.8 | KEV | PoC | CWE-502 | v10.3.6.0.0, v12.1.2.0.0, +2 more | 2015-11-18
The WLS Security component in Oracle WebLogic Server 10.3.6.0, 12.1.2.0, 12.1.3.0, and 12.2.1.0 allows remote attackers to execute arbitrary commands via a crafted serialized Java object in T3 protocol traffic to TCP port 7001, related to oracle_common/modules/com.bea.core.apache.commons.collections.jar. NOTE: the scope of this CVE is limited to the
nvd
CVE-2010-4453 | MEDIUM | CVSS 4.3 | v7.0.7, v8.1.6, +6 more | 2011-01-19
Unspecified vulnerability in the Oracle WebLogic Server component in Oracle Fusion Middleware 7.0.7, 8.1.6, 9.0, 9.1, 9.2.4, 10.0.2, 10.3.2, and 10.3.3 allows remote attackers to affect integrity via unknown vectors related to Servlet Container.
nvd
CVE-2010-2375 | MEDIUM | CVSS 6.4 | PoC | v10.3.2.0.0, v10.3.3.0.0 | 2010-07-13
Package/Privilege: Plugins for Apache, Sun and IIS web servers. Unspecified vulnerability in the WebLogic Server component in Oracle Fusion Middleware 7.0 SP7, 8.1 SP6, 9.0, 9.1, 9.2 MP3, 10.0 MP2, 10.3.2, and 10.3.3 allows remote attackers to affect confidentiality and integrity, related to IIS.
nvd