Vulnerabilities > Oracle > Fusion Middleware > 11.1.1.7.0

DATE CVE VULNERABILITY TITLE RISK
2015-01-21 CVE-2014-0191 Denial of Service vulnerability in Oracle Fusion Middleware 11.1.1.7.0/12.1.2.0.0/12.1.3.0.0
The xmlParserHandlePEReference function in parser.c in libxml2 before 2.9.2, as used in Web Listener in Oracle HTTP Server in Oracle Fusion Middleware 11.1.1.7.0, 12.1.2.0, and 12.1.3.0 and other products, loads external parameter entities regardless of whether entity substitution or validation is enabled, which allows remote attackers to cause a denial of service (resource consumption) via a crafted XML document.
network
oracle
4.3
4.3
2014-10-15 CVE-2014-6553 Remote Security vulnerability in Oracle Fusion Middleware 11.1.1.5.0/11.1.1.7.0
Unspecified vulnerability in the Oracle Access Manager component in Oracle Fusion Middleware 11.1.1.5 and 11.1.1.7 allows remote attackers to affect confidentiality and integrity via unknown vectors related to Admin Console.
network
low complexity
oracle
6.4
6.4
2014-10-15 CVE-2014-6552 Remote Security vulnerability in Oracle Access Manager
Unspecified vulnerability in the Oracle Access Manager component in Oracle Fusion Middleware 11.1.1.5, 11.1.1.7, 11.1.2.1, and 11.1.2.2 allows remote attackers to affect integrity via unknown vectors related to Admin Console.
network
oracle
4.3
4.3
2014-10-15 CVE-2014-6522 Remote Security vulnerability in Oracle JDeveloper
Unspecified vulnerability in the Oracle JDeveloper component in Oracle Fusion Middleware 11.1.1.7, 11.1.2.4, 12.1.2.0, and 12.1.3.0 allows remote attackers to affect integrity via vectors related to ADF Faces.
network
oracle
4.3
4.3
2014-10-15 CVE-2014-6487 Remote Security vulnerability in Oracle Identity Manager
Unspecified vulnerability in the Oracle Identity Manager component in Oracle Fusion Middleware 11.1.1.5, 11.1.1.7, 11.1.2.1, and 11.1.2.2 allows remote authenticated users to affect integrity via unknown vectors related to End User Self Service.
network
oracle
3.5
3.5
2014-07-17 CVE-2014-4257 Remote Security vulnerability in Oracle Fusion Middleware 11.1.1.7.0/11.1.1.8.0
Unspecified vulnerability in the Oracle WebCenter Portal component in Oracle Fusion Middleware 11.1.1.7.0 and 11.1.1.8.0 allows remote attackers to affect confidentiality via unknown vectors related to Portlet Services.
network
oracle
7.1
7.1
2014-07-17 CVE-2014-4251 Remote Security vulnerability in Oracle HTTP Server
Unspecified vulnerability in the Oracle HTTP Server component in Oracle Fusion Middleware 11.1.1.7.0 and 12.1.2.0 allows remote authenticated users to affect integrity via vectors related to plugin 1.1.
network
oracle
3.5
3.5
2014-07-17 CVE-2014-4249 Directory Traversal vulnerability in Oracle Fusion Middleware 11.1.1.7.0
Unspecified vulnerability in the BI Publisher component in Oracle Fusion Middleware 11.1.1.7 allows remote attackers to affect confidentiality via unknown vectors related to Mobile Service.
network
low complexity
oracle
5.0
5.0
2014-07-17 CVE-2014-4222 Remote Security vulnerability in Oracle HTTP Server
Unspecified vulnerability in the Oracle HTTP Server component in Oracle Fusion Middleware 11.1.1.7.0 and 12.1.2.0 allows remote authenticated users to affect confidentiality via vectors related to plugin 1.1.
network
high complexity
oracle
2.1
2.1
2014-07-17 CVE-2014-4212 Remote Security vulnerability in Oracle Fusion Middleware 11.1.1.7.0
Unspecified vulnerability in the Oracle Fusion Middleware component in Oracle Fusion Middleware 11.1.1.7 allows remote attackers to affect confidentiality via unknown vectors related to Process Mgmt and Notification.
network
oracle
4.3
4.3