Juniper Networks
Solutions
Products & Services
Company
Partners
Support
Education

Signature Detail

Security Intelligence Center
Signatures
Print

This site is deprecated. Please CLICK HERE for latest updates

Short Name

 HTTP:ORACLE:EVNTPRO-DIR-TRAV

Severity

 Minor

Recommended

 No

Recommended Action

 Drop

Category

 HTTP

Keywords

 Oracle Event Processing FileUploadServlet Directory Traversal

Release Date

 2014/07/30

Update Number

 2404

Supported Platforms

 idp-4.0+, isg-3.1.134269+, j-series-9.5+, mx-11.4+, srx-12.1+, srx-branch-12.1+, vmx-17.4+, vsrx-12.1+, vsrx3bsd-18.2+

HTTP:Oracle Event Processing FileUploadServlet Directory Traversal


This signature detects attempts to exploit a known directory traversal vulnerability in Oracle Application Server. It is due to improper handling of user data when processing several request parameter values. A remote attacker can exploit this by sending specially crafted request to the target system. A successful attack can allow disclosure of sensitive information.

Extended Description

Unspecified vulnerability in the Oracle Event Processing component in Oracle Fusion Middleware 11.1.1.7.0 allows remote authenticated users to affect integrity via vectors related to CEP system.

Affected Products

  • Oracle fusion_middleware 11.1.1.7.0

References

  • BugTraq: 66871
  • CVE: CVE-2014-2424
  • URL: http://www.oracle.com/technetwork/topics/security/cpuapr2014-1972952.html

Site Map
RSS Feeds
Careers
Accessibility
Feedback
Privacy Policy
Legal Notices
Copyright © 1999-2010 Juniper Networks, Inc. All rights reserved.
Help
|
My Account
|
Log Out