Vulnerabilities > CVE-2014-2416 - Remote Code Execution vulnerability in Oracle Fusion Middleware 11.1.1.3.0

047910
CVSS 5.0 - MEDIUM
Attack vector
NETWORK
Attack complexity
LOW
Privileges required
NONE
Confidentiality impact
NONE
Integrity impact
NONE
Availability impact
PARTIAL
network
low complexity
oracle
nessus

Summary

Unspecified vulnerability in the Oracle Data Integrator component in Oracle Fusion Middleware 11.1.1.3.0 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Data Quality, a different vulnerability than CVE-2014-2407, CVE-2014-2415, CVE-2014-2417, and CVE-2014-2418.

Vulnerable Configurations

Part Description Count
Application
Oracle
1

Nessus

NASL familyWindows
NASL idORACLE_DQPC_APRIL_2014_CPU.NASL
descriptionAccording to the version of the Oracle Data Quality and Profiling client installed on the remote host, it is affected by multiple unspecified ActiveX control vulnerabilities. By tricking a user into opening a specially crafted document, an attacker may be able to execute arbitrary code.
last seen2020-06-01
modified2020-06-02
plugin id73826
published2014-05-02
reporterThis script is Copyright (C) 2014-2019 and is owned by Tenable, Inc. or an Affiliate thereof.
sourcehttps://www.tenable.com/plugins/nessus/73826
titleOracle Data Quality and Profiling Client Multiple Vulnerabilities (April 2014 CPU)