Published: 15/01/2014 Updated: 07/02/2014

CVSS v2 Base Score: 5 | Impact Score: 2.9 | Exploitability Score: 10

VMScore: 505

Vector: AV:N/AC:L/Au:N/C:P/I:N/A:N

Unspecified vulnerability in the Oracle Demantra Demand Management component in Oracle Supply Chain Products Suite 7.2.0.3 SQL-Server, 7.3.0, 7.3.1, 12.2.0, and 12.2.1 allows remote malicious users to affect confidentiality via unknown vectors related to DM Others.

Vulnerable Product	Search on Vulmon	Subscribe to Product
oracle supply chain products suite 7.2.0.3
oracle supply chain products suite sql-server 7.3.0
oracle supply chain products suite sql-server 12.2.0
oracle supply chain products suite sql-server 7.3.1
oracle supply chain products suite sql-server 12.2.1

Details: The Team discovered a Local File Include (LFI) vulnerability A file inclusion vulnerability occurs when a file from the target system is injected into a page on the attacked server page The vulnerable page is: * /demantra/GraphServlet Impact: Impact can differ based on the exploitation and the read permission of the web server user D ...

Oracle Demantra version 1221 suffers from a local file inclusion vulnerability ...

NVD-CWE-noinfo http://www.oracle.com/technetwork/topics/security/cpujan2014-1972949.html http://www.securityfocus.com/bid/64758 http://www.securitytracker.com/id/1029620 http://secunia.com/advisories/56474 http://www.securityfocus.com/bid/64831 http://osvdb.org/102094 https://nvd.nist.gov https://www.exploit-db.com/exploits/31992/

Get Started

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Twitter Reddit Linkedin Facebook

CVE-2013-5877

Vulnerability Summary

Exploits

References

Vulmon Search

About

Products

Connect