CVE-2014-2399
CVE-2014-2399
Unspecified vulnerability in the Oracle Endeca Server component in Oracle Fusion Middleware 2.2.2 allows remote attackers to affect integrity via unknown vectors related to Oracle Endeca Information Discovery (Formerly Latitude), a different vulnerability than CVE-2014-2400.
Affected products
n/a · n/apublic PoCs found — 3
cve_referencepacketstormsecurity.com/files/127222/Endeca-Latitude-2.2.2-Cross-Site-Request-Forgery.htmlunverifiedcve_referencewww.exploit-db.com/exploits/33897unverifiedexploitdbwww.exploit-db.com/exploits/33897unverified⚠ Public resources, to assess the exposure of systems you control or are authorized to test. Test only with authorization.
Want to know if your infrastructure is exposed to this?
Talk to TrueHacking →References
http://packetstormsecurity.com/files/127222/Endeca-Latitude-2.2.2-Cross-Site-Request-Forgery.htmlhttp://seclists.org/fulldisclosure/2014/Jun/123http://www.exploit-db.com/exploits/33897http://www.oracle.com/technetwork/topics/security/cpuapr2014-1972952.htmlhttp://www.securityfocus.com/archive/1/532556/100/0/threadedhttp://www.securityfocus.com/bid/66864