CVE-2014-2404 Oracle Manager WebGate Subcomponent Unspecified Remote Information Disclosure

stock-footage-computer-code-background

 

 

CVE-2014-2404 Oracle Manager WebGate Subcomponent Unspecified Remote Information Disclosure

 

 

Exploit Title: Oracle Manager WebGate Subcomponent Unspecified Remote Information Disclosure

Product: Access Manager component in Oracle Fusion Middleware

Vendor: Oracle

Vulnerable Versions: 10.1.4.3, 11.1.1.3.0, 11.1.1.5.0, 11.1.1.7.0, 11.1.2.0.0, 11.1.2.1.0, and 11.1.2.2.0

Advisory Publication: Apr 15, 2014

Latest Update: Apr 15, 2014

Vulnerability Type: Information Exposure [CWE-200]

CVE Reference: CVE-2014-2404

Risk Level: Medium

CVSS v2 Base Score: 4.0 (AV:N/AC:L/Au:S/C:P/I:N/A:N) (legend)

Solution Status: Fixed by Vendor

Credit: Wang Jing [SPMS, Nanyang Technological University, Singapore]

 

 

http://www.osvdb.org/creditees/12822-wang-jing

Leave a comment

你的電子郵件位址並不會被公開。 必要欄位標記為 *

你可以使用這些 HTML 標籤與屬性: <a href="" title=""> <abbr title=""> <acronym title=""> <b> <blockquote cite=""> <cite> <code> <del datetime=""> <em> <i> <q cite=""> <strike> <strong>