Oracle JDeveloper Multiple Vulnerabilities (October 2015 CPU)
Medium Nessus Plugin ID 86545
SynopsisA software development application installed on the remote host is affected by multiple vulnerabilities.
DescriptionThe version of Oracle JDeveloper installed on the remote host is missing a security patch. It is, therefore, affected by multiple vulnerabilities :
- An unspecified flaw exists in the ADF Faces subcomponent that allows an authenticated, remote attacker to disclose sensitive information. (CVE-2015-4838)
- An unspecified flaw exists in the ADF Faces subcomponent that allows an unauthenticated, remote attacker to impact integrity. (CVE-2015-4909)
SolutionApply the appropriate patch according to the October 2015 Oracle Critical Patch Update advisory.