CVE-2016-3504

Unspecified vulnerability in the Oracle JDeveloper component in Oracle Fusion Middleware 11.1.1.7.0, 11.1.1.9.0, 11.1.2.4.0, 12.1.3.0.0, and 12.2.1.0.0 allows remote attackers to affect confidentiality, integrity, and availability via vectors related to ADF Faces.

Published: Jul 21, 2016
Updated: Apr 13, 2023
CVE: CVE-2016-3504
Severity: Critical
Exploit:

CVSS v3:

Severity: Critical
Score: 9.8
AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

CVSS v2:

Severity: High
Score: 7.5
AV:N/AC:L/Au:N/C:P/I:P/A:P

No CWE or OWASP classifications available.

Affected Software
References

Software	From	Fixed in
oracle / jdeveloper	11.1.2.4.0	11.1.2.4.0.x
oracle / jdeveloper	11.1.1.7.0	11.1.1.7.0.x
oracle / jdeveloper	11.1.1.9.0	11.1.1.9.0.x
oracle / jdeveloper	12.2.1.0.0	12.2.1.0.0.x
oracle / jdeveloper	12.1.3.0.0	12.1.3.0.0.x

http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html
http://www.securityfocus.com/bid/91787
http://www.securityfocus.com/bid/92023
http://www.securitytracker.com/id/1036370

Vulnerability Database

289,599

CVE-2016-3504