Description

Unspecified vulnerability in the JPublisher component in Oracle Database Server 11.1.0.7, 11.2.0.3, 11.2.0.4, 12.1.0.1, and 12.1.0.2 allows remote authenticated users to affect confidentiality via unknown vectors, a different vulnerability than CVE-2014-4291, CVE-2014-4292, CVE-2014-4293, CVE-2014-4296, CVE-2014-4297, CVE-2014-4310, CVE-2014-6547, and CVE-2014-6477.

Remediation

References

CVE-2014-4290

Related Vulnerabilities

Apache HTTP Server Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2019-10092)

WordPress Plugin DS.DownloadList PHP Object Injection (1.2)

Lighttpd Resource Management Errors Vulnerability (CVE-2008-0983)

Piwigo Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2015-2035)

Oracle Application Server CVE-2008-5438 Vulnerability (CVE-2008-5438)

Severity

Medium

Classification

CVE-2014-4290

Tags

Missing Update Known Vulnerabilities