Vulnerabilities > CVE-2014-4249 - Directory Traversal vulnerability in Oracle Fusion Middleware 11.1.1.7.0
Attack vector
NETWORK Attack complexity
LOW Privileges required
NONE Confidentiality impact
PARTIAL Integrity impact
NONE Availability impact
NONE Summary
Unspecified vulnerability in the BI Publisher component in Oracle Fusion Middleware 11.1.1.7 allows remote attackers to affect confidentiality via unknown vectors related to Mobile Service.
Vulnerable Configurations
| Part | Description | Count |
|---|---|---|
| Application | 1 |
Nessus
| NASL family | Misc. |
| NASL id | ORACLE_BI_PUBLISHER_JULY_2014_CPU_WIN.NASL |
| description | The remote Oracle Business Intelligence Publisher install is affected by an unspecified information disclosure vulnerability related to the |
| last seen | 2020-05-23 |
| modified | 2014-07-23 |
| plugin id | 76709 |
| published | 2014-07-23 |
| reporter | This script is Copyright (C) 2014-2020 Tenable Network Security, Inc. |
| source | https://www.tenable.com/plugins/nessus/76709 |
| title | Oracle BI Publisher Mobile Service Unspecified Remote Information Disclosure (July 2014 CPU) |
References
- http://seclists.org/fulldisclosure/2014/Dec/23
- http://secunia.com/advisories/59111
- http://www.oracle.com/technetwork/topics/security/cpujul2014-1972956.html
- http://www.securityfocus.com/archive/1/534161/100/0/threaded
- http://www.securityfocus.com/bid/68605
- http://www.vmware.com/security/advisories/VMSA-2014-0012.html
- https://exchange.xforce.ibmcloud.com/vulnerabilities/94550