Exploit Title: Oracle Manager WebGate Subcomponent Unspecified Remote Information Disclosure
Product: Access Manager component in Oracle Fusion Middleware
Vendor: Oracle
Vulnerable Versions: 10.1.4.3, 11.1.1.3.0, 11.1.1.5.0, 11.1.1.7.0, 11.1.2.0.0, 11.1.2.1.0, and 11.1.2.2.0
Advisory Publication: Apr 15, 2014
Latest Update: Apr 15, 2014
Vulnerability Type: Information Exposure [CWE-200]
CVE Reference: CVE-2014-2404
Risk Level: Medium
CVSS v2 Base Score: 4.0 (AV:N/AC:L/Au:S/C:P/I:N/A:N) (legend)
Solution Status: Fixed by Vendor
Credit: Wang Jing [Mathematics, Nanyang Technological University, Singapore]

 

 

Exploit Title: Oracle Manager WebGate Subcomponent Unspecified Remote Information Disclosure
Product: Access Manager component in Oracle Fusion Middleware
Vendor:    Oracle
Vulnerable Versions: 10.1.4.3, 11.1.1.3.0, 11.1.1.5.0, 11.1.1.7.0, 11.1.2.0.0, 11.1.2.1.0, and 11.1.2.2.0
Advisory Publication: Apr 15, 2014
Latest Update:    Apr 15, 2014
Vulnerability Type: Information Exposure [CWE-200]
CVE Reference: CVE-2014-2404
Risk Level: Medium
CVSS v2 Base Score: 4.0 (AV:N/AC:L/Au:S/C:P/I:N/A:N) (legend)
Solution Status: Fixed by Vendor
Credit: Wang Jing [Mathematics, Nanyang Technological University, Singapore]

 

 

 

Extra information
Solution : Apply updates.
Reported by : Jing Wang.
Changelog : 2014-06-13: Updated “Description” section and credits. Added
one link to the “Original Advisory” section.
Reference original advisory : Oracle:

Leave a Reply

Your email address will not be published. Required fields are marked *

You may use these HTML tags and attributes: <a href="" title=""> <abbr title=""> <acronym title=""> <b> <blockquote cite=""> <cite> <code> <del datetime=""> <em> <i> <q cite=""> <strike> <strong>