Release date:
Updated on:
Affected Systems:
Oracle Containers for J2EE 10.1.3.5
Description:
--------------------------------------------------------------------------------
Bugtraq id: 66859
CVE (CAN) ID: CVE-2014-0413
Oracle Containers for J2EE is the core J2EE runtime Component of Oracle Application Server.
Oracle Fusion Middleware 10.1.3.5 has a remote security vulnerability in the implementation of Oracle Containers for J2EE, which can be exploited through HTTP, unauthenticated remote attackers can exploit this vulnerability to affect the integrity of affected components. Versions affected by this vulnerability include: 10.1.3.5
<* Source: Oracle
Link: http://www.oracle.com/technetwork/topics/security/cpuapr2014-1972952.html
*>
Suggestion:
--------------------------------------------------------------------------------
Vendor patch:
Oracle
------
Oracle has released a Security Bulletin (cpuapr2014-1972952) and patches for this:
Cpuapr2014-1972952: Oracle Critical Patch Update Advisory-specification l 2014
Link: http://www.oracle.com/technetwork/topics/security/cpuapr2014-1972952.html