Vulnerability Name: CVE-2012-5065 (CCN-79317) Assigned: 2012-10-17 Published: 2012-10-17 Updated: 2013-10-11 Summary: Unspecified vulnerability in the Oracle WebCenter Sites component in Oracle Fusion Middleware 6.1, 6.2, 6.3.x, 7, 7.0.1, 7.0.2, 7.0.3, 7.5, 7.6.1, 7.6.2, and 11.1.1.6.0 allows local users to affect integrity via unknown vectors related to ImagePicker. CVSS v3 Severity: 4.0 Medium (CCN CVSS v3.1 Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N Exploitability Metrics: Attack Vector (AV): LocalAttack Complexity (AC): LowPrivileges Required (PR): NoneUser Interaction (UI): NoneScope: Scope (S): UnchangedImpact Metrics: Confidentiality (C): NoneIntegrity (I): LowAvailibility (A): None
CVSS v2 Severity: 2.1 Low (CVSS v2 Vector: AV:L/AC:L/Au:N/C:N/I:P/A:N 1.6 Low (Temporal CVSS v2 Vector: AV:L/AC:L/Au:N/C:N/I:P/A:N/E:U/RL:OF/RC:C Exploitability Metrics: Access Vector (AV): LocalAccess Complexity (AC): LowAuthentication (Au): NoneImpact Metrics: Confidentiality (C): NoneIntegrity (I): PartialAvailibility (A): None
2.1 Low (CCN CVSS v2 Vector: AV:L/AC:L/Au:N/C:N/I:P/A:N 1.6 Low (CCN Temporal CVSS v2 Vector: AV:L/AC:L/Au:N/C:N/I:P/A:N/E:U/RL:OF/RC:C Exploitability Metrics: Access Vector (AV): LocalAccess Complexity (AC): LowAthentication (Au): NoneImpact Metrics: Confidentiality (C): NoneIntegrity (I): PartialAvailibility (A): None
Vulnerability Type: CWE-noinfo Vulnerability Consequences: Other References: Source: MITRECVE-2012-5065 MDVSA-2013:150 Oracle Critical Patch Update Advisory - October 2012 http://www.oracle.com/technetwork/topics/security/cpuoct2012-1515893.html Oracle WebCenter Sites CVE-2012-5065 Local Security Vulnerability Oracle Java SE CVE-2012-1531 Remote Java Runtime Environment Vulnerability Oracle Java SE CVE-2012-5084 Remote Java Runtime Environment Vulnerability webcentersites-imagepicker-cve20125065(79317) Vulnerable Configuration: Configuration 1 :cpe:/a:oracle:fusion_middleware:6.1:*:*:*:*:*:*:* OR cpe:/a:oracle:fusion_middleware:6.2:*:*:*:*:*:*:* OR cpe:/a:oracle:fusion_middleware:6.3:*:*:*:*:*:*:* Configuration 2 :cpe:/a:oracle:fusion_middleware:7.0:*:*:*:*:*:*:* OR cpe:/a:oracle:fusion_middleware:7.0.1:*:*:*:*:*:*:* OR cpe:/a:oracle:fusion_middleware:7.0.2:*:*:*:*:*:*:* OR cpe:/a:oracle:fusion_middleware:7.0.3:*:*:*:*:*:*:* OR cpe:/a:oracle:fusion_middleware:7.5:*:*:*:*:*:*:* OR cpe:/a:oracle:fusion_middleware:7.6.1:*:*:*:*:*:*:* OR cpe:/a:oracle:fusion_middleware:7.6.2:*:*:*:*:*:*:* Configuration 3 :cpe:/a:oracle:fusion_middleware:11.1.1.6.0:*:*:*:*:*:*:* Configuration CCN 1 :cpe:/a:oracle:fusion_middleware:11.1.1.6.0:*:*:*:*:*:*:* OR cpe:/a:oracle:fusion_middleware:6.1:*:*:*:*:*:*:* OR cpe:/a:oracle:fusion_middleware:6.2:*:*:*:*:*:*:* OR cpe:/a:oracle:fusion_middleware:6.3:*:*:*:*:*:*:* OR cpe:/a:oracle:fusion_middleware:7.0.1:*:*:*:*:*:*:* OR cpe:/a:oracle:fusion_middleware:7.0.2:*:*:*:*:*:*:* OR cpe:/a:oracle:fusion_middleware:7.0.3:*:*:*:*:*:*:* OR cpe:/a:oracle:fusion_middleware:7.5:*:*:*:*:*:*:* OR cpe:/a:oracle:fusion_middleware:7.6.1:*:*:*:*:*:*:* OR cpe:/a:oracle:fusion_middleware:7.6.2:*:*:*:*:*:*:* OR cpe:/a:oracle:fusion_middleware:7.0:*:*:*:*:*:*:* BACK
oracle fusion middleware 6.1
oracle fusion middleware 6.2
oracle fusion middleware 6.3
oracle fusion middleware 7.0
oracle fusion middleware 7.0.1
oracle fusion middleware 7.0.2
oracle fusion middleware 7.0.3
oracle fusion middleware 7.5
oracle fusion middleware 7.6.1
oracle fusion middleware 7.6.2
oracle fusion middleware 11.1.1.6.0
oracle fusion middleware 11.1.1.6.0
oracle fusion middleware 6.1
oracle fusion middleware 6.2
oracle fusion middleware 6.3
oracle fusion middleware 7.0.1
oracle fusion middleware 7.0.2
oracle fusion middleware 7.0.3
oracle fusion middleware 7.5
oracle fusion middleware 7.6.1
oracle fusion middleware 7.6.2
oracle fusion middleware 7.0
Denotes that component is vulnerable