ID CVE-2014-2407
Summary Unspecified vulnerability in the Oracle Data Integrator component in Oracle Fusion Middleware 11.1.1.3.0 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Data Quality, a different vulnerability than CVE-2014-2415, CVE-2014-2416, CVE-2014-2417, and CVE-2014-2418.
References
Vulnerable Configurations
  • Oracle Fusion Middleware 11.1.1.3.0
    cpe:2.3:a:oracle:fusion_middleware:11.1.1.3.0
CVSS
Base: 5.0 (as of 17-05-2016 - 21:10)
Impact:
Exploitability:
Access
VectorComplexityAuthentication
NETWORK LOW NONE
Impact
ConfidentialityIntegrityAvailability
NONE NONE PARTIAL
nessus via4
NASL family Windows
NASL id ORACLE_DQPC_APRIL_2014_CPU.NASL
description According to the version of the Oracle Data Quality and Profiling client installed on the remote host, it is affected by multiple unspecified ActiveX control vulnerabilities. By tricking a user into opening a specially crafted document, an attacker may be able to execute arbitrary code.
last seen 2019-02-21
modified 2018-11-15
plugin id 73826
published 2014-05-02
reporter Tenable
source https://www.tenable.com/plugins/index.php?view=single&id=73826
title Oracle Data Quality and Profiling Client Multiple Vulnerabilities (April 2014 CPU)
refmap via4
confirm http://www.oracle.com/technetwork/topics/security/cpuapr2014-1972952.html
Last major update 18-05-2016 - 14:10
Published 15-04-2014 - 21:55
Back to Top