Oracle Fusion Middleware 11.1.1.6.0

CPE Details

Oracle Fusion Middleware 11.1.1.6.0
11.1.1.6.0
2012-07-18
12h03 +00:00
2012-07-25
13h26 +00:00
Alerte pour un CPE
Stay informed of any changes for a specific CPE.
Notifications manage

CPE Name: cpe:2.3:a:oracle:fusion_middleware:11.1.1.6.0:*:*:*:*:*:*:*

Informations

Vendor

oracle

Product

fusion_middleware

Version

11.1.1.6.0

Related CVE

Open and find in CVE List

CVE ID Published Description Score Severity
CVE-2023-21994 2023-07-18 20h18 +00:00 Vulnerability in the Oracle Mobile Security Suite product of Oracle Fusion Middleware (component: Android Mobile Authenticator App). Supported versions that are affected are Prior to 11.1.2.3.1. Easily exploitable vulnerability allows unauthenticated attacker with access to the physical communication segment attached to the hardware where the Oracle Mobile Security Suite executes to compromise Oracle Mobile Security Suite. Successful attacks of this vulnerability can result in unauthorized access to critical data or complete access to all Oracle Mobile Security Suite accessible data. CVSS 3.1 Base Score 6.5 (Confidentiality impacts). CVSS Vector: (CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N).
6.5
Medium
CVE-2015-2598 2015-07-16 08h00 +00:00 Unspecified vulnerability in the mobile app in Oracle Business Intelligence Enterprise Edition in Oracle Fusion Middleware before 11.1.1.7.0 (11.6.39) allows remote authenticated users to affect integrity via unknown vectors related to Mobile - iPad.
3.5
CVE-2014-0400 2014-01-15 01h50 +00:00 Unspecified vulnerability in the Oracle Internet Directory component in Oracle Fusion Middleware 11.1.1.6 and 11.1.1.7 allows remote authenticated users to affect confidentiality via vectors related to OID LDAP server.
6.3
CVE-2014-0374 2014-01-15 00h33 +00:00 Unspecified vulnerability in the Oracle Portal component in Oracle Fusion Middleware 11.1.1.6 allows remote attackers to affect integrity via unknown vectors related to Page Parameters and Events.
4.3
CVE-2013-5785 2014-01-14 23h30 +00:00 Unspecified vulnerability in the Oracle Reports Developer component in Oracle Fusion Middleware 11.1.1.6, 11.1.1.7, and 11.1.2.1 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Security and Authentication.
7.5
CVE-2013-5869 2014-01-14 23h30 +00:00 Unspecified vulnerability in the Oracle WebCenter Portal component in Oracle Fusion Middleware 11.1.1.6.0, 11.1.1.7.0, and 11.1.1.8.0 allows remote attackers to affect confidentiality via unknown vectors related to Page Service.
5
CVE-2013-5813 2013-10-16 15h31 +00:00 Unspecified vulnerability in the Oracle WebCenter Content component in Oracle Fusion Middleware 10.1.3.5.1, 11.1.1.6.0, 11.1.1.7.0, and 11.1.1.8.0 allows remote attackers to affect confidentiality and integrity via unknown vectors related to Content Server.
6.4
CVE-2013-3828 2013-10-16 15h00 +00:00 Unspecified vulnerability in the Oracle Web Services component in Oracle Fusion Middleware 10.1.3.5.0 and 11.1.1.6.0 allows remote attackers to affect confidentiality via unknown vectors related to Test Page.
5
CVE-2013-3831 2013-10-16 15h00 +00:00 Unspecified vulnerability in the Oracle Portal component in Oracle Fusion Middleware 11.1.1.6.0 allows remote authenticated users to affect confidentiality and integrity via unknown vectors related to Demos.
5.5
CVE-2013-3836 2013-10-16 15h00 +00:00 Unspecified vulnerability in the Oracle Web Cache component in Oracle Fusion Middleware 11.1.1.6 and 11.1.1.7 allows remote authenticated users to affect confidentiality via vectors related to ESI/Partial Page Caching.
3.5
CVE-2013-3769 2013-07-17 08h00 +00:00 Unspecified vulnerability in the Oracle WebCenter Content component in Oracle Fusion Middleware 10.1.3.5.1, 11.1.1.6.0, and 11.1.1.7.0 allows remote attackers to affect integrity via unknown vectors related to Site Studio.
4.3
CVE-2013-3770 2013-07-17 08h00 +00:00 Unspecified vulnerability in the Oracle WebCenter Content component in Oracle Fusion Middleware 10.1.3.5.1, 11.1.1.6.0, and 11.1.1.7.0 allows remote authenticated users to affect confidentiality and integrity via unknown vectors related to Content Server. NOTE: the previous information is from the October 2013 CPU. Oracle has not commented on claims from a third party that the issue is related to "iDoc script injection" in the (1) cs and (2) urm components, which allows attackers to read "sensitive" files, as demonstrated by obtaining the "AES encryption key and encrypted credentials" of the weblogic user.
5.5
CVE-2013-3772 2013-07-17 08h00 +00:00 Unspecified vulnerability in the Oracle WebCenter Content component in Oracle Fusion Middleware 10.1.3.5.1, 11.1.1.6.0, and 11.1.1.7.0 allows remote attackers to affect integrity via unknown vectors related to Web Forms.
4.3
CVE-2013-1522 2013-04-17 10h10 +00:00 Unspecified vulnerability in the Oracle WebCenter Content component in Oracle Fusion Middleware 10.1.3.5.1 and 11.1.1.6.0 allows remote attackers to affect integrity via unknown vectors related to Content Server.
4.3
CVE-2013-1545 2013-04-17 10h10 +00:00 Unspecified vulnerability in the Oracle HTTP Server component in Oracle Fusion Middleware 10.1.3.5, 11.1.1.5.0, and 11.1.1.6.0 allows remote attackers to affect availability via unknown vectors related to Web Listener.
5
CVE-2013-1553 2013-04-17 10h10 +00:00 Unspecified vulnerability in the Oracle Web Services Manager component in Oracle Fusion Middleware 11.1.1.6.0 allows remote attackers to affect confidentiality and integrity via unknown vectors related to Web Services Security.
6.4
CVE-2013-1559 2013-04-17 10h10 +00:00 Unspecified vulnerability in the Oracle WebCenter Content component in Oracle Fusion Middleware 10.1.3.5.1 and 11.1.1.6.0 allows remote authenticated users to affect availability via unknown vectors related to Content Server.
4
CVE-2012-4303 2013-04-17 03h04 +00:00 Unspecified vulnerability in the Oracle WebCenter Content component in Oracle Fusion Middleware 11.1.1.6.0 allows remote authenticated users to affect confidentiality via unknown vectors related to Content Server.
3.5
CVE-2013-1503 2013-04-17 03h04 +00:00 Unspecified vulnerability in the Oracle WebCenter Content component in Oracle Fusion Middleware 10.1.3.5.1 and 11.1.1.6.0 allows remote authenticated users to affect integrity via unknown vectors related to Content Server.
3.5
CVE-2013-1509 2013-04-17 03h04 +00:00 Unspecified vulnerability in the Oracle WebCenter Sites component in Oracle Fusion Middleware 7.6.2, 11.1.1.6.0, and 11.1.1.6.1 allows remote authenticated users to affect integrity via unknown vectors related to WebCenter Sites.
4
CVE-2012-1677 2013-01-17 00h30 +00:00 Unspecified vulnerability in the Oracle Application Server Single Sign-On component in Oracle Fusion Middleware allows remote attackers to affect integrity via unknown vectors.
4.3
CVE-2012-5065 2012-10-17 08h00 +00:00 Unspecified vulnerability in the Oracle WebCenter Sites component in Oracle Fusion Middleware 6.1, 6.2, 6.3.x, 7, 7.0.1, 7.0.2, 7.0.3, 7.5, 7.6.1, 7.6.2, and 11.1.1.6.0 allows local users to affect integrity via unknown vectors related to ImagePicker.
2.1
CVE-2012-3152 2012-10-16 23h00 +00:00 Unspecified vulnerability in the Oracle Reports Developer component in Oracle Fusion Middleware 11.1.1.4, 11.1.1.6, and 11.1.2.0 allows remote attackers to affect confidentiality and integrity via unknown vectors related to Report Server Component. NOTE: the previous information is from the October 2012 CPU. Oracle has not commented on claims from the original researcher that the URLPARAMETER functionality allows remote attackers to read and upload arbitrary files to reports/rwservlet, and that this issue occurs in earlier versions. NOTE: this can be leveraged with CVE-2012-3153 to execute arbitrary code by uploading a .jsp file.
9.1
Critical
CVE-2012-3183 2012-10-16 22h00 +00:00 Unspecified vulnerability in the Oracle WebCenter Sites component in Oracle Fusion Middleware 6.1, 6.2, 6.3.x, 7, 7.0.1, 7.0.2, 7.0.3, 7.5, 7.6.1, 7.6.2, and 11.1.1.6.0 allows remote authenticated users to affect confidentiality and integrity via unknown vectors related to Advanced UI, a different vulnerability than CVE-2012-3185 and CVE-2012-3186.
4.9
CVE-2012-3184 2012-10-16 22h00 +00:00 Unspecified vulnerability in the Oracle WebCenter Sites component in Oracle Fusion Middleware 6.1, 6.2, 6.3.x, 7, 7.0.1, 7.0.2, 7.0.3, 7.5, 7.6.1, 7.6.2, and 11.1.1.6.0 allows remote attackers to affect integrity via unknown vectors related to Advanced UI.
4.3
CVE-2012-3185 2012-10-16 22h00 +00:00 Unspecified vulnerability in the Oracle WebCenter Sites component in Oracle Fusion Middleware 6.1, 6.2, 6.3.x, 7, 7.0.1, 7.0.2, 7.0.3, 7.5, 7.6.1, 7.6.2, and 11.1.1.6.0 allows remote authenticated users to affect confidentiality and integrity via unknown vectors related to Advanced UI, a different vulnerability than CVE-2012-3183 and CVE-2012-3186.
4.9
CVE-2012-3186 2012-10-16 22h00 +00:00 Unspecified vulnerability in the Oracle WebCenter Sites component in Oracle Fusion Middleware 6.1, 6.2, 6.3.x, 7, 7.0.1, 7.0.2, 7.0.3, 7.5, 7.6.1, 7.6.2, and 11.1.1.6.0 allows remote authenticated users to affect confidentiality and integrity via unknown vectors related to Advanced UI, a different vulnerability than CVE-2012-3183 and CVE-2012-3185.
4.9
CVE-2012-3193 2012-10-16 22h00 +00:00 Unspecified vulnerability in the Oracle BI Publisher component in Oracle Fusion Middleware 10.3.4.2, 11.1.1.5.0, 11.1.1.6.0, and 11.1.1.6.2 allows remote authenticated users to affect confidentiality via unknown vectors related to Administration.
3.5
CVE-2012-3194 2012-10-16 22h00 +00:00 Unspecified vulnerability in the Oracle BI Publisher component in Oracle Fusion Middleware 10.1.3.4.2, 11.1.1.5.0, 11.1.1.6.0, and 11.1.1.6.2 allows remote attackers to affect integrity via unknown vectors related to Administration.
4.3
CVE-2012-1686 2012-10-16 21h00 +00:00 Unspecified vulnerability in the Oracle Business Intelligence Enterprise Edition component in Oracle Fusion Middleware 11.1.1.6 and other versions allows remote attackers to affect integrity via unknown vectors related to Installation.
4.3
CVE-2012-3153 2012-10-16 21h00 +00:00 Unspecified vulnerability in the Oracle Reports Developer component in Oracle Fusion Middleware 11.1.1.4, 11.1.1.6, and 11.1.2.0 allows remote attackers to affect confidentiality and integrity via unknown vectors related to Servlet. NOTE: the previous information is from the October 2012 CPU. Oracle has not commented on claims from the original researcher that the PARSEQUERY function allows remote attackers to obtain database credentials via reports/rwservlet/parsequery, and that this issue occurs in earlier versions. NOTE: this can be leveraged with CVE-2012-3152 to execute arbitrary code by uploading a .jsp file.
6.4
CVE-2012-3115 2012-07-17 20h39 +00:00 Unspecified vulnerability in the Oracle MapViewer component in Oracle Fusion Middleware 10.1.3.1, 11.1.1.5, and 11.1.1.6 allows remote attackers to affect integrity via unknown vectors related to Install.
4.3
CVE-2012-3135 2012-07-17 20h39 +00:00 Unspecified vulnerability in the Oracle JRockit component in Oracle Fusion Middleware 28.2.3 and before, and 27.7.2 and earlier, allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors.
10
CVE-2011-3562 2012-07-17 20h00 +00:00 Unspecified vulnerability in the Portal component in Oracle Fusion Middleware 11.1.1.5, 11.1.1.6, and 11.1.2.0 allows remote attackers to affect integrity via unknown vectors.
4.3
CVE-2012-1695 2012-05-03 20h00 +00:00 Unspecified vulnerability in the Oracle JRockit component in Oracle Fusion Middleware 28.2.2 and earlier, and JDK/JRE 5 and 6 27.7.1 and earlier, allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors.
6.8
Medium