CVE-2014-2404 Oracle Manager WebGate Subcomponent Unspecified Remote Information Disclosure

stock-footage-computer-code-background

CVE-2014-2404 Oracle Manager WebGate Subcomponent Unspecified Remote Information Disclosure

Exploit Title: Oracle Manager WebGate Subcomponent Unspecified Remote Information Disclosure

Product: Access Manager component in Oracle Fusion Middleware

Vendor: Oracle

Vulnerable Versions: 10.1.4.3, 11.1.1.3.0, 11.1.1.5.0, 11.1.1.7.0, 11.1.2.0.0, 11.1.2.1.0, and 11.1.2.2.0

Advisory Publication: Apr 15, 2014

Latest Update: Apr 15, 2014

Vulnerability Type: Information Exposure [CWE-200]

CVE Reference: CVE-2014-2404

Risk Level: Medium

CVSS v2 Base Score: 4.0 (AV:N/AC:L/Au:S/C:P/I:N/A:N) (legend)

Solution Status: Fixed by Vendor

Credit: Wang Jing [SPMS, Nanyang Technological University, Singapore]

http://www.osvdb.org/creditees/12822-wang-jing

Advertisements
This entry was posted in Computer Security. Bookmark the permalink.

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s