Vulnerability CVE-2014-2424

Vulnerability CVE-2014-2424

Published: 2014-04-15 Modified: 2014-04-16

Description:

	Topic	Author	Date
High	Oracle Event Processing FileUploadServlet Arbitrary File Upload	Juan vazquez	07.07.2014

Type:

CVSS Base Score	Impact Subscore	Exploitability Subscore
4/10	2.9/10	8/10

Affected software
Oracle -> Fusion middleware

http://www.securityfocus.com/bid/66871

http://www.osvdb.org/105844

http://www.oracle.com/technetwork/topics/security/cpuapr2014-1972952.html

http://www.exploit-db.com/exploits/33989

http://packetstormsecurity.com/files/127365/Oracle-Event-Processing-FileUploadServlet-Arbitrary-File-Upload.html