CVE-2010-3600

Public exploit
Unspecified vulnerability in the Client System Analyzer component in Oracle Database Server 11.1.0.7 and 11.2.0.1 and Enterprise Manager Grid Control 10.2.0.5 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors. NOTE: the previous information was obtained from the January 2011 CPU. Oracle has not commented on claims from a reliable third party coordinator that this issue involves an exposed JSP script that accepts XML uploads in conjunction with NULL bytes in an unspecified parameter that allow execution of arbitrary code.
Max CVSS
7.5
EPSS Score
97.28%
Published
2011-01-19
Updated
2017-08-17
Unspecified vulnerability in the Oracle Application Testing Suite component in Oracle Enterprise Manager Grid Control 12.4.0.2 and 12.5.0.2 allows remote attackers to affect confidentiality via unknown vectors related to Test Manager for Web Apps, a different vulnerability than CVE-2016-0480, CVE-2016-0482, CVE-2016-0485, and CVE-2016-0486. NOTE: the previous information is from the January 2016 CPU. Oracle has not commented on third-party claims that this is a directory traversal vulnerability in the DownloadServlet servlet, which allows remote attackers to read arbitrary files via directory traversal sequences in the scheduleReportName parameter.
Max CVSS
5.0
EPSS Score
92.43%
Published
2016-01-21
Updated
2016-12-07
Unspecified vulnerability in the Oracle Application Testing Suite component in Oracle Enterprise Manager Grid Control 12.4.0.2 and 12.5.0.2 allows remote attackers to affect confidentiality via unknown vectors related to Load Testing for Web Apps, a different vulnerability than CVE-2016-0477 and CVE-2016-0478. NOTE: the previous information is from the January 2016 CPU. Oracle has not commented on third-party claims that this is a directory traversal vulnerability in the DownloadServlet servlet, which allows remote attackers to read arbitrary files via directory traversal sequences in the reportName parameter.
Max CVSS
5.0
EPSS Score
92.43%
Published
2016-01-21
Updated
2016-12-07
Unspecified vulnerability in the Enterprise Manager Base Platform component in Oracle Enterprise Manager Grid Control 11.1.0.1, 11.2.0.4, 12.1.0.4, and 12.1.0.5 allows local users to affect confidentiality and availability via unknown vectors related to Agent Next Gen.
Max CVSS
5.2
EPSS Score
0.04%
Published
2016-01-21
Updated
2016-12-07
Unspecified vulnerability in the Enterprise Manager Base Platform component in Oracle Enterprise Manager Grid Control 11.1.0.1, 11.2.0.4, 12.1.0.4, and 12.1.0.5 allows local users to affect confidentiality, integrity, and availability via unknown vectors related to Agent Next Gen, a different vulnerability than CVE-2016-0444 and CVE-2016-0447.
Max CVSS
4.6
EPSS Score
0.04%
Published
2016-01-21
Updated
2016-12-07
Unspecified vulnerability in the Enterprise Manager Base Platform component in Oracle Enterprise Manager Grid Control 11.1.0.1, 11.2.0.4, 12.1.0.4, and 12.1.0.5 allows local users to affect confidentiality, integrity, and availability via unknown vectors related to Agent Next Gen, a different vulnerability than CVE-2016-0444 and CVE-2016-0449.
Max CVSS
4.6
EPSS Score
0.04%
Published
2016-01-21
Updated
2016-12-07
Unspecified vulnerability in the Enterprise Manager Base Platform component in Oracle Enterprise Manager Grid Control 11.1.0.1, 11.2.0.4, 12.1.0.4, and 12.1.0.5 allows local users to affect confidentiality via unknown vectors related to Agent Next Gen.
Max CVSS
2.1
EPSS Score
0.04%
Published
2016-01-21
Updated
2016-12-07
Unspecified vulnerability in the Enterprise Manager Base Platform component in Oracle Enterprise Manager Grid Control 11.1.0.1, 11.2.0.4, 12.1.0.4, and 12.1.0.5 allows local users to affect confidentiality, integrity, and availability via unknown vectors related to Agent Next Gen.
Max CVSS
4.6
EPSS Score
0.04%
Published
2016-01-21
Updated
2016-12-07
Unspecified vulnerability in the Enterprise Manager Base Platform component in Oracle Enterprise Manager Grid Control 11.1.0.1, 11.2.0.4, 12.1.0.4, and 12.1.0.5 allows local users to affect confidentiality, integrity, and availability via unknown vectors related to Agent Next Gen, a different vulnerability than CVE-2016-0447 and CVE-2016-0449.
Max CVSS
4.4
EPSS Score
0.04%
Published
2016-01-21
Updated
2016-12-07
Unspecified vulnerability in the Enterprise Manager Base Platform component in Oracle Enterprise Manager Grid Control 11.1.0.1, 12.1.0.4, and 12.1.0.5 allows remote attackers to affect confidentiality via unknown vectors related to Agent Next Gen.
Max CVSS
4.3
EPSS Score
0.25%
Published
2016-01-21
Updated
2016-12-07
Unspecified vulnerability in the Enterprise Manager Base Platform component in Oracle Enterprise Manager Grid Control 12.1.0.4 and 12.1.0.5 allows remote authenticated users to affect confidentiality, integrity, and availability via unknown vectors related to Loader Service.
Max CVSS
6.5
EPSS Score
0.32%
Published
2016-01-21
Updated
2016-12-07
Unspecified vulnerability in the Enterprise Manager Base Platform component in Oracle Enterprise Manager Grid Control 11.1.0.1, 11.2.0.4, 12.1.0.4, and 12.1.0.5 allows remote authenticated users to affect confidentiality via unknown vectors related to UI Framework.
Max CVSS
4.0
EPSS Score
0.09%
Published
2016-01-21
Updated
2016-12-07
Unspecified vulnerability in the Enterprise Manager Base Platform component in Oracle Enterprise Manager Grid Control 11.1.0.1, 12.1.0.4, and 12.1.0.5 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to UI Framework.
Max CVSS
6.8
EPSS Score
0.67%
Published
2016-01-21
Updated
2016-12-07
Unspecified vulnerability in the Enterprise Manager Base Platform component in Oracle Enterprise Manager Grid Control 11.1.0.1 and 11.2.0.4 allows local users to affect confidentiality, integrity, and availability via vectors related to Agent Next Gen.
Max CVSS
4.6
EPSS Score
0.04%
Published
2016-01-21
Updated
2016-12-07
Unspecified vulnerability in the Enterprise Manager Base Platform component in Oracle Enterprise Manager Grid Control 12.1.0.4 allows remote attackers to affect confidentiality via vectors related to Agent Next Gen.
Max CVSS
4.3
EPSS Score
0.25%
Published
2016-01-21
Updated
2016-12-07
Unspecified vulnerability in the Enterprise Manager Base Platform component in Oracle Enterprise Manager Grid Control 12.1.0.4 and 12.1.0.5 allows remote attackers to affect availability via unknown vectors related to Agent Next Gen.
Max CVSS
5.0
EPSS Score
0.17%
Published
2015-10-21
Updated
2016-12-24
Unspecified vulnerability in the Enterprise Manager Base Platform component in Oracle Enterprise Manager Grid Control 12.1.0.4 and 12.1.0.5 allows local users to affect confidentiality, integrity, and availability via unknown vectors related to Agent Next Gen.
Max CVSS
4.1
EPSS Score
0.06%
Published
2015-10-21
Updated
2016-12-24
Unspecified vulnerability in the Enterprise Manager Base Platform component in Oracle Enterprise Manager Grid Control 12.1.0.4 and 12.1.0.5 allows remote attackers to affect confidentiality and integrity via unknown vectors related to Agent Next Gen.
Max CVSS
5.8
EPSS Score
0.15%
Published
2015-10-21
Updated
2016-12-24
Unspecified vulnerability in the Enterprise Manager for Oracle Database component in Oracle Enterprise Manager Grid Control EM Base Platform 11.1.0.1, and EM DB Control 11.2.0.3 and 11.2.0.4, allows remote attackers to affect confidentiality via vectors related to RAC Management.
Max CVSS
5.0
EPSS Score
0.17%
Published
2015-07-16
Updated
2016-12-28
Unspecified vulnerability in the Enterprise Manager for Oracle Database component in Oracle Enterprise Manager Grid Control EM Base Platform 11.1.0.1; EM Plugin for DB 12.1.0.5, 12.1.0.6, 12.1.0.7; and EM DB Control 11.1.0.7, 11.2.0.3, and 11.2.0.4 allows remote authenticated users to affect confidentiality and integrity via unknown vectors related to Content Management.
Max CVSS
5.5
EPSS Score
0.11%
Published
2015-07-16
Updated
2016-12-28
Unspecified vulnerability in the Enterprise Manager for Oracle Database component in Oracle Enterprise Manager Grid Control EM Base Platform: 11.1.0.1; EM Plugin for DB: 12.1.0.5, 12.1.0.6, 12.1.0.7; EM DB Control: 11.1.0.7, 11.2.0.3, and 11.2.0.4 allows remote attackers to affect integrity via unknown vectors related to Content Management.
Max CVSS
4.3
EPSS Score
0.23%
Published
2015-07-16
Updated
2016-12-28
Unspecified vulnerability in the Enterprise Manager Ops Center component in Oracle Enterprise Manager Grid Control 12.1.0.1 and 12.2.2 allows remote authenticated users to affect confidentiality and integrity via unknown vectors related to Ops Center.
Max CVSS
3.6
EPSS Score
0.08%
Published
2015-10-21
Updated
2016-12-24
Unspecified vulnerability in the Enterprise Manager Base Platform component in Oracle Enterprise Manager Grid Control MOS 12.1.0.5 and 12.1.0.6 allows remote attackers to affect integrity via unknown vectors related to My Oracle Support Plugin.
Max CVSS
4.3
EPSS Score
0.15%
Published
2015-04-16
Updated
2017-01-03
Unspecified vulnerability in the Enterprise Manager Base Platform component in Oracle Enterprise Manager Grid Control 12.1.0.3 and 12.1.0.4 allows remote attackers to affect confidentiality via unknown vectors related to UI Framework.
Max CVSS
5.0
EPSS Score
0.19%
Published
2015-01-21
Updated
2017-01-03
Unspecified vulnerability in the Enterprise Manager Ops Center component in Oracle Enterprise Manager Grid Control 11.1.3 and 12.1.4 allows remote attackers to affect integrity via unknown vectors related to User Interface Framework.
Max CVSS
4.3
EPSS Score
0.18%
Published
2015-01-21
Updated
2016-06-24
84 vulnerabilities found
1 2 3 4
This web site uses cookies for managing your session, storing preferences, website analytics and additional purposes described in our privacy policy.
By using this web site you are agreeing to CVEdetails.com terms of use!