Description

Unspecified vulnerability in the Core RDBMS component in Oracle Database Server 11.1.0.7, 11.2.0.3, 11.2.0.4, and 12.1.0.1 allows remote authenticated users to affect confidentiality and integrity via unknown vectors related to the "Grant Any Object Privilege."

Remediation

References

CVE-2014-2408

Related Vulnerabilities

Magento Improper Authorization Vulnerability (CVE-2021-21026)

WordPress Plugin Events Made Easy PHP Object Injection (2.0.52)

WordPress Plugin File Manager Cross-Site Request Forgery (3.0.1)

Ember.js Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2014-0046)

WordPress Plugin Thumbnail carousel slider Arbitrary File Upload (1.0)

Severity

Medium

Classification

CVE-2014-2408

Tags

Missing Update Known Vulnerabilities