Vulnerabilities > CVE-2012-3184 - Remote Security vulnerability in Oracle WebCenter Sites

047910
CVSS 4.3 - MEDIUM
Attack vector
NETWORK
Attack complexity
MEDIUM
Privileges required
NONE
Confidentiality impact
NONE
Integrity impact
PARTIAL
Availability impact
NONE
network
oracle
nessus
exploit available
NVD
Published: 2012-10-17
Updated: 2013-10-11

Summary

Unspecified vulnerability in the Oracle WebCenter Sites component in Oracle Fusion Middleware 6.1, 6.2, 6.3.x, 7, 7.0.1, 7.0.2, 7.0.3, 7.5, 7.6.1, 7.6.2, and 11.1.1.6.0 allows remote attackers to affect integrity via unknown vectors related to Advanced UI.

Vulnerable Configurations

Part Description Count
Application
Oracle
12

Exploit-Db

descriptionOracle WebCenter Sites (FatWire Content Server) Multiple Vulnerabilities. CVE-2012-3183,CVE-2012-3184,CVE-2012-3185,CVE-2012-3186. Webapps exploits for multi...
idEDB-ID:22041
last seen2016-02-02
modified2012-10-17
published2012-10-17
reporterSEC Consult
sourcehttps://www.exploit-db.com/download/22041/
titleOracle WebCenter Sites FatWire Content Server Multiple Vulnerabilities

Nessus

NASL familyWindows
NASL idORACLE_WEBCENTER_SITES_OCT_2012_CPU.NASL
descriptionThe remote Oracle WebCenter Sites install is missing patches from the October 2012 CPU. As a result, it may be affected by multiple vulnerabilities : - A cross-site request forgery vulnerability exists that can be triggered by tricking a victim into clicking an image link on a specially crafted page. (CVE-2012-3185) - A flaw in the UI Subcomponent could allow an authenticated user the ability to alter the email address information of other users. (CVE-2012-3183) - The UI Subcomponent is affected by a cross-site scripting vulnerability due to lack of sanitization for the
last seen2020-06-01
modified2020-06-02
plugin id72778
published2014-03-03
reporterThis script is Copyright (C) 2014-2019 and is owned by Tenable, Inc. or an Affiliate thereof.
sourcehttps://www.tenable.com/plugins/nessus/72778
titleOracle WebCenter Sites Multiple Vulnerabilities (October 2012 CPU)
code
#
# (C) Tenable Network Security, Inc.
#

include("compat.inc");

if (description)
{
  script_id(72778);
  script_version("1.6");
  script_cvs_date("Date: 2019/11/26");

  script_cve_id(
    "CVE-2012-3183",
    "CVE-2012-3184",
    "CVE-2012-3185",
    "CVE-2012-3186",
    "CVE-2012-5065"
  );
  script_bugtraq_id(
    55968,
    55972,
    55980,
    55984,
    56001
  );
  script_xref(name:"EDB-ID", value:"22041");

  script_name(english:"Oracle WebCenter Sites Multiple Vulnerabilities (October 2012 CPU)");
  script_summary(english:"Checks for Oracle 2012 CPU patches");

  script_set_attribute(attribute:"synopsis", value:
"The remote host has software installed that is affected by multiple
vulnerabilities.");
  script_set_attribute(attribute:"description", value:
"The remote Oracle WebCenter Sites install is missing patches from the
October 2012 CPU.  As a result, it may be affected by multiple
vulnerabilities :

  - A cross-site request forgery vulnerability exists that
    can be triggered by tricking a victim into clicking an
    image link on a specially crafted page. (CVE-2012-3185)

  - A flaw in the UI Subcomponent could allow an
    authenticated user the ability to alter the email
    address information of other users. (CVE-2012-3183)

  - The UI Subcomponent is affected by a cross-site
    scripting vulnerability due to lack of sanitization for
    the 'username' and 'StartItem' parameters.
    (CVE-2012-3184)

  - The 'selectedLocale' parameter in the UI Subcomponent is
    not properly sanitized and allows SQL injection.
    (CVE-2012-3186)

  - The Oracle WebCenter Sites ImagePicket Subcomponent is
    affected by an unspecified local vulnerability.
    (CVE-2012-5065)");
  # https://www.oracle.com/technetwork/topics/security/cpuoct2012-1515893.html
  script_set_attribute(attribute:"see_also", value:"http://www.nessus.org/u?87547c81");
  script_set_attribute(attribute:"solution", value:
"Apply the appropriate patch according to the October 2012 Oracle
Critical Patch Update advisory.");
  script_set_cvss_base_vector("CVSS2#AV:N/AC:M/Au:S/C:P/I:P/A:N");
  script_set_cvss_temporal_vector("CVSS2#E:POC/RL:OF/RC:C");
  script_set_attribute(attribute:"cvss_score_source", value:"CVE-2012-3186");

  script_set_attribute(attribute:"exploitability_ease", value:"Exploits are available");
  script_set_attribute(attribute:"exploit_available", value:"true");
  script_cwe_id(20, 74, 79, 442, 629, 711, 712, 722, 725, 750, 751, 800, 801, 809, 811, 864, 900, 928, 931, 990);

  script_set_attribute(attribute:"vuln_publication_date", value:"2012/10/16");
  script_set_attribute(attribute:"patch_publication_date", value:"2012/10/16");
  script_set_attribute(attribute:"plugin_publication_date", value:"2014/03/03");

  script_set_attribute(attribute:"plugin_type", value:"local");
  script_set_attribute(attribute:"cpe", value:"cpe:/a:oracle:fusion_middleware");
  script_end_attributes();

  script_category(ACT_GATHER_INFO);
  script_family(english:"Windows");

  script_copyright(english:"This script is Copyright (C) 2014-2019 and is owned by Tenable, Inc. or an Affiliate thereof.");

  script_dependencies("oracle_webcenter_sites_installed.nbin");
  script_require_keys("SMB/WebCenter_Sites/Installed");

  exit(0);
}

include("audit.inc");
include("global_settings.inc");
include("smb_func.inc");
include("misc_func.inc");

port = kb_smb_transport();

get_kb_item_or_exit('SMB/WebCenter_Sites/Installed');

versions = get_kb_list('SMB/WebCenter_Sites/*/Version');
if (isnull(versions)) exit(1, 'Unable to obtain version list for Oracle WebCenter Sites');

report = '';

foreach key (keys(versions))
{
  fix = '';

  version = versions[key];
  revision = get_kb_item(key - '/Version' + '/Revision');
  path = get_kb_item(key - '/Version' + '/Path');

  if (isnull(version) || isnull(revision)) continue;

  #  Patch 14750912 - 11.1.1.6 < Revision 151599
  if (version =~ "^11\.1\.1\.6(\.|$)" && revision < 151599)
    fix = '\n  Fixed Revision : 151599' +
          '\n  Required Patch : 14750912';

  #  Patch 14583579 - 7.6.1 < Revision 148187
  if (version =~ "^7\.6\.1(\.|$)" && revision < 148187)
    fix = '\n  Fixed Revision : 148187' +
          '\n  Required Patch : 14583579';

  #  Patch 14583638 - 7.6.2 < Revision 148134
  if (version =~ "^7\.6\.2(\.|$)" && revision < 148134)
    fix = '\n  Fixed Revision : 148134' +
          '\n  Required Patch : 14583638';

  if (fix != '')
  {
    if (!isnull(path)) report += '\n  Path           : ' + path;
    report += '\n  Version        : ' + version +
              '\n  Revision       : ' + revision +
              fix + '\n';
  }
}

if (report != '')
{
  set_kb_item(name:"www/"+port+"/XSS", value:TRUE);
  set_kb_item(name:"www/"+port+"/SQLInjection", value:TRUE);
  set_kb_item(name:"www/"+port+"/XSRF", value:TRUE);

  if (report_verbosity > 0) security_warning(port:port, extra:report);
  else security_warning(port);
}
else audit(AUDIT_INST_VER_NOT_VULN, "Oracle WebCenter Sites");

Packetstorm

data sourcehttps://packetstormsecurity.com/files/download/117458/SA-20121017-2.txt
idPACKETSTORM:117458
last seen2016-12-05
published2012-10-17
reporterF. Lukavsky
sourcehttps://packetstormsecurity.com/files/117458/Oracle-WebCenter-Sites-AKA-FatWire-XSS-SQL-Injection-CSRF.html
titleOracle WebCenter Sites (AKA FatWire) XSS / SQL Injection / CSRF

Seebug

bulletinFamilyexploit
descriptionNo description provided by source.
idSSV:75854
last seen2017-11-19
modified2014-07-01
published2014-07-01
reporterRoot
sourcehttps://www.seebug.org/vuldb/ssvid-75854
titleOracle WebCenter Sites (FatWire Content Server) Multiple Vulnerabilities

References