Oracle Application Server Single Sign-On Unspecified Data
Oracle Application Server Single Sign-On Unspecified Data Manipulation Vulnerability
Release Date : 2013-01-16
Criticality level : Less critical
Impact: Manipulation of data
Where : From local network
Solution Status : Vendor Patch
Software: Oracle Application Server 10g
A vulnerability has been reported in Oracle Application Server, which can be exploited by malicious people to manipulate certain data.
The vulnerability is caused due to an error within the Single Sign-On component and can be exploited to update, insert, or delete certain Oracle Application Server Single Sign-On accessible data.
The vulnerability is reported in all supported versions.
Apply patches (please see the vendor's advisory for details
Provided and/or discovered by:
It is currently unclear who reported the vulnerability as the Oracle Critical Patch Update for January 2013 only provides a bundled list of credits. This section will be updated when/if the original reporter provides more information.