CVE-2014-2424

medium

Description

Unspecified vulnerability in the Oracle Event Processing component in Oracle Fusion Middleware 11.1.1.7.0 allows remote authenticated users to affect integrity via vectors related to CEP system.

References

http://packetstormsecurity.com/files/127365/Oracle-Event-Processing-FileUploadServlet-Arbitrary-File-Upload.html

http://www.exploit-db.com/exploits/33989

http://www.oracle.com/technetwork/topics/security/cpuapr2014-1972952.html

http://www.osvdb.org/105844

http://www.securityfocus.com/bid/66871

Details

Source: MITRE

Published: 2014-04-16

Updated: 2014-07-24

Risk Information

CVSS v2

Base Score: 4

Vector: AV:N/AC:L/Au:S/C:N/I:P/A:N

Impact Score: 2.9

Exploitability Score: 8

Severity: MEDIUM