What is CVE-2012-3153?

CVE-2012-3153 is a vulnerability in Oracle Fusion_middleware. Published 2012-10-16.

Is CVE-2012-3153 known to be exploited?

8 public proof-of-concept repositories are indexed. Not currently listed in the CISA KEV catalog.

Vulnerability in Oracle Fusion_middleware

CVE-2012-3153

Unspecified vulnerability in the Oracle Reports Developer component in Oracle Fusion Middleware 11.1.1.4, 11.1.1.6, and 11.1.2.0 allows remote attackers to affect confidentiality and integrity via unknown vectors related to Servlet. NOTE…

EPSS: 0.917 (99.7th percentile) — read the EPSS interpretation.

Affected products

Oracle Fusion_middleware — versions 11.1.1.4.0, 11.1.1.6.0, 11.1.2.0
N/a — versions n/a

Public proof-of-concept exploits

References

fusionmiddleware-reports-cve20123153(79296) (vdb-entry, x_refsource_XF)
secalert_us@oracle.com (x_refsource_MISC)
31253 (exploit, x_refsource_EXPLOIT-DB)
20140127 Oracle Reports Exploit - Remote Shell/Dump Passwords (mailing-list, x_refsource_FULLDISC)
secalert_us@oracle.com (x_refsource_CONFIRM, Patch, Vendor Advisory)
55961 (vdb-entry, x_refsource_BID)
secalert_us@oracle.com (x_refsource_MISC)
MDVSA-2013:150 (vendor-advisory, x_refsource_MANDRIVA)

Frequently asked questions

What is CVE-2012-3153?: CVE-2012-3153 is a vulnerability in Oracle Fusion_middleware. Published 2012-10-16.
Is CVE-2012-3153 known to be exploited?: 8 public proof-of-concept repositories are indexed. Not currently listed in the CISA KEV catalog.