Vulnerabilities > CVE-2014-2416 - Remote Code Execution vulnerability in Oracle Fusion Middleware 11.1.1.3.0
Attack vector
NETWORK Attack complexity
LOW Privileges required
NONE Confidentiality impact
NONE Integrity impact
NONE Availability impact
PARTIAL Summary
Unspecified vulnerability in the Oracle Data Integrator component in Oracle Fusion Middleware 11.1.1.3.0 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Data Quality, a different vulnerability than CVE-2014-2407, CVE-2014-2415, CVE-2014-2417, and CVE-2014-2418.
Vulnerable Configurations
Part | Description | Count |
---|---|---|
Application | 1 |
Nessus
NASL family | Windows |
NASL id | ORACLE_DQPC_APRIL_2014_CPU.NASL |
description | According to the version of the Oracle Data Quality and Profiling client installed on the remote host, it is affected by multiple unspecified ActiveX control vulnerabilities. By tricking a user into opening a specially crafted document, an attacker may be able to execute arbitrary code. |
last seen | 2020-06-01 |
modified | 2020-06-02 |
plugin id | 73826 |
published | 2014-05-02 |
reporter | This script is Copyright (C) 2014-2019 and is owned by Tenable, Inc. or an Affiliate thereof. |
source | https://www.tenable.com/plugins/nessus/73826 |
title | Oracle Data Quality and Profiling Client Multiple Vulnerabilities (April 2014 CPU) |