Description

Unspecified vulnerability in the Java VM component in Oracle Database Server 11.1.0.7, 11.2.0.3, 11.2.0.4, 12.1.0.1, and 12.1.0.2 allows remote authenticated users to affect confidentiality via unknown vectors, a different vulnerability than CVE-2014-4294, CVE-2014-6538, and CVE-2014-6563.

Remediation

References

CVE-2014-4295

Related Vulnerabilities

Mailman Improper Control of Generation of Code ('Code Injection') Vulnerability (CVE-2006-4624)

osTicket Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2023-27149)

Liferay Portal Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2024-25601)

WebLogic Improper Control of Generation of Code ('Code Injection') Vulnerability (CVE-2022-22965)

Python Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2021-28359)

Severity

Medium

Classification

CVE-2014-4295

Tags

Missing Update Known Vulnerabilities