Oracle Reports rwservlet vulnerabilities

Description

netinfiltration reported various high severity vulnerabilities (and exploits) affecting Oracle Reports. These vulnerabilities allow an attacker to dump the database passwords, view folder contents, download files, load a phishing page in the browser and even gain a remote shell.

Remediation

Currently, Oracle didn't provided any fix for these vulnerabilities.

References

- CVE-2012-3152
- CVE-2012-3153

Severity

Classification

Tags

Code Execution

Related Vulnerabilities