CVE-2012-5065 - Vulnerability Details - OpenCVE

Unspecified vulnerability in the Oracle WebCenter Sites component in Oracle Fusion Middleware 6.1, 6.2, 6.3.x, 7, 7.0.1, 7.0.2, 7.0.3, 7.5, 7.6.1, 7.6.2, and 11.1.1.6.0 allows local users to affect integrity via unknown vectors related to ImagePicker.

No CVSS v4.0

No CVSS v3.1

No CVSS v3.0

Access Vector Local

Access Complexity Low

Authentication None

Confidentiality Impact None

Integrity Impact Partial

Availability Impact None

This CVE is not in the KEV list.

Key SSVC decision points have not yet been added.

Vendors	Products
Oracle	Fusion Middleware

Configuration 1 [-]

OR	cpe:2.3:a:oracle:fusion_middleware:6.1:::::::*
	cpe:2.3:a:oracle:fusion_middleware:6.2:::::::*
	cpe:2.3:a:oracle:fusion_middleware:6.3:::::::*

Configuration 2 [-]

OR	cpe:2.3:a:oracle:fusion_middleware:7.0:::::::*
	cpe:2.3:a:oracle:fusion_middleware:7.0.1:::::::*
	cpe:2.3:a:oracle:fusion_middleware:7.0.2:::::::*
	cpe:2.3:a:oracle:fusion_middleware:7.0.3:::::::*
	cpe:2.3:a:oracle:fusion_middleware:7.5:::::::*
	cpe:2.3:a:oracle:fusion_middleware:7.6.1:::::::*
	cpe:2.3:a:oracle:fusion_middleware:7.6.2:::::::*

Configuration 3 [-]

cpe:2.3:a:oracle:fusion_middleware:11.1.1.6.0:*:*:*:*:*:*:*

No data.

References

Link	Providers
http://www.mandriva.com/security/advisories?name=MDVSA-2013:150
http://www.oracle.com/technetwork/topics/security/cpuoct2012-1515893.html

History

No history.

MITRE

Status: PUBLISHED

Assigner: oracle

Published: 2012-10-17T10:00:00.000Z

Updated: 2024-08-06T20:50:18.348Z

Reserved: 2012-09-22T00:00:00.000Z

Link: CVE-2012-5065

Vulnrichment

No data.

NVD

Status : Deferred

Published: 2012-10-17T10:54:31.617

Modified: 2025-04-11T00:51:21.963

Link: CVE-2012-5065

Redhat

No data.

{"containers": {"cna": {"affected": [{"product": "n/a", "vendor": "n/a", "versions": [{"status": "affected", "version": "n/a"}]}], "datePublic": "2012-10-16T00:00:00.000Z", "descriptions": [{"lang": "en", "value": "Unspecified vulnerability in the Oracle WebCenter Sites component in Oracle Fusion Middleware 6.1, 6.2, 6.3.x, 7, 7.0.1, 7.0.2, 7.0.3, 7.5, 7.6.1, 7.6.2, and 11.1.1.6.0 allows local users to affect integrity via unknown vectors related to ImagePicker."}], "problemTypes": [{"descriptions": [{"description": "n/a", "lang": "en", "type": "text"}]}], "providerMetadata": {"dateUpdated": "2013-10-11T09:00:00.000Z", "orgId": "43595867-4340-4103-b7a2-9a5208d29a85", "shortName": "oracle"}, "references": [{"tags": ["x_refsource_CONFIRM"], "url": "http://www.oracle.com/technetwork/topics/security/cpuoct2012-1515893.html"}, {"name": "MDVSA-2013:150", "tags": ["vendor-advisory", "x_refsource_MANDRIVA"], "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2013:150"}], "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "secalert_us@oracle.com", "ID": "CVE-2012-5065", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "n/a", "version": {"version_data": [{"version_value": "n/a"}]}}]}, "vendor_name": "n/a"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "Unspecified vulnerability in the Oracle WebCenter Sites component in Oracle Fusion Middleware 6.1, 6.2, 6.3.x, 7, 7.0.1, 7.0.2, 7.0.3, 7.5, 7.6.1, 7.6.2, and 11.1.1.6.0 allows local users to affect integrity via unknown vectors related to ImagePicker."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "n/a"}]}]}, "references": {"reference_data": [{"name": "http://www.oracle.com/technetwork/topics/security/cpuoct2012-1515893.html", "refsource": "CONFIRM", "url": "http://www.oracle.com/technetwork/topics/security/cpuoct2012-1515893.html"}, {"name": "MDVSA-2013:150", "refsource": "MANDRIVA", "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2013:150"}]}}}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-06T20:50:18.348Z"}, "title": "CVE Program Container", "references": [{"tags": ["x_refsource_CONFIRM", "x_transferred"], "url": "http://www.oracle.com/technetwork/topics/security/cpuoct2012-1515893.html"}, {"name": "MDVSA-2013:150", "tags": ["vendor-advisory", "x_refsource_MANDRIVA", "x_transferred"], "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2013:150"}]}]}, "cveMetadata": {"assignerOrgId": "43595867-4340-4103-b7a2-9a5208d29a85", "assignerShortName": "oracle", "cveId": "CVE-2012-5065", "datePublished": "2012-10-17T10:00:00.000Z", "dateReserved": "2012-09-22T00:00:00.000Z", "dateUpdated": "2024-08-06T20:50:18.348Z", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.1"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:oracle:fusion_middleware:6.1:*:*:*:*:*:*:*", "matchCriteriaId": "7586B144-029F-4B80-8FCC-6409AE280DDE", "vulnerable": true}, {"criteria": "cpe:2.3:a:oracle:fusion_middleware:6.2:*:*:*:*:*:*:*", "matchCriteriaId": "27A294BA-A23C-4877-8F9E-4636F8ED60CC", "vulnerable": true}, {"criteria": "cpe:2.3:a:oracle:fusion_middleware:6.3:*:*:*:*:*:*:*", "matchCriteriaId": "59609F1A-A704-4CC2-810E-CC64A7CC2FF1", "vulnerable": true}], "negate": false, "operator": "OR"}]}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:oracle:fusion_middleware:7.0:*:*:*:*:*:*:*", "matchCriteriaId": "6637A7C5-6831-48AA-B8DA-ED1A6986C258", "vulnerable": true}, {"criteria": "cpe:2.3:a:oracle:fusion_middleware:7.0.1:*:*:*:*:*:*:*", "matchCriteriaId": "4368A818-61FB-478C-BFD0-AB4ACD94FEE8", "vulnerable": true}, {"criteria": "cpe:2.3:a:oracle:fusion_middleware:7.0.2:*:*:*:*:*:*:*", "matchCriteriaId": "5626162E-9625-4B14-8B40-498FE80140FD", "vulnerable": true}, {"criteria": "cpe:2.3:a:oracle:fusion_middleware:7.0.3:*:*:*:*:*:*:*", "matchCriteriaId": "6F87F41B-7EE6-46E6-9183-D6E95C3C429D", "vulnerable": true}, {"criteria": "cpe:2.3:a:oracle:fusion_middleware:7.5:*:*:*:*:*:*:*", "matchCriteriaId": "09760D9F-652A-4874-A6FD-F83B58FBCE53", "vulnerable": true}, {"criteria": "cpe:2.3:a:oracle:fusion_middleware:7.6.1:*:*:*:*:*:*:*", "matchCriteriaId": "8CAD8A95-DE88-4DCC-91BB-C5290A4F93F7", "vulnerable": true}, {"criteria": "cpe:2.3:a:oracle:fusion_middleware:7.6.2:*:*:*:*:*:*:*", "matchCriteriaId": "2A9B040F-4062-45C1-A659-B5E9242B54CD", "vulnerable": true}], "negate": false, "operator": "OR"}]}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:oracle:fusion_middleware:11.1.1.6.0:*:*:*:*:*:*:*", "matchCriteriaId": "6935E726-6AA6-468F-AAEB-BC679FD5CFFC", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "cveTags": [], "descriptions": [{"lang": "en", "value": "Unspecified vulnerability in the Oracle WebCenter Sites component in Oracle Fusion Middleware 6.1, 6.2, 6.3.x, 7, 7.0.1, 7.0.2, 7.0.3, 7.5, 7.6.1, 7.6.2, and 11.1.1.6.0 allows local users to affect integrity via unknown vectors related to ImagePicker."}, {"lang": "es", "value": "Vulnerabilidad no especificada en el componente de Oracle WebCenter Sites de Oracle Fusion Middleware v6.1 v6.2 v6.3.x, v7, v7.0.1, v7.0.2, v7.0.3, v7.5, v7.6.1, v7.6.2, y v11.1.1.6.0 permite a usuarios locales afectan la integridad a trav\u00e9s de vectores desconocidos relacionados con ImagePicker."}], "id": "CVE-2012-5065", "lastModified": "2025-04-11T00:51:21.963", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "LOW", "cvssData": {"accessComplexity": "LOW", "accessVector": "LOCAL", "authentication": "NONE", "availabilityImpact": "NONE", "baseScore": 2.1, "confidentialityImpact": "NONE", "integrityImpact": "PARTIAL", "vectorString": "AV:L/AC:L/Au:N/C:N/I:P/A:N", "version": "2.0"}, "exploitabilityScore": 3.9, "impactScore": 2.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false}]}, "published": "2012-10-17T10:54:31.617", "references": [{"source": "secalert_us@oracle.com", "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2013:150"}, {"source": "secalert_us@oracle.com", "tags": ["Patch", "Vendor Advisory"], "url": "http://www.oracle.com/technetwork/topics/security/cpuoct2012-1515893.html"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2013:150"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Patch", "Vendor Advisory"], "url": "http://www.oracle.com/technetwork/topics/security/cpuoct2012-1515893.html"}], "sourceIdentifier": "secalert_us@oracle.com", "vulnStatus": "Deferred", "weaknesses": [{"description": [{"lang": "en", "value": "NVD-CWE-noinfo"}], "source": "nvd@nist.gov", "type": "Primary"}]}