Description
Unspecified vulnerability in the Oracle Endeca Server component in Oracle Fusion Middleware 2.2.2 allows remote attackers to affect integrity via unknown vectors related to Oracle Endeca Information Discovery (Formerly Latitude), a different vulnerability than CVE-2014-2400.
Exploits (1)
exploitdb
WRITEUP
VERIFIED
by RedTeam Pentesting · textwebappsmultiple
https://www.exploit-db.com/exploits/33897
References (6)
Core 6
Core References
Mailing List mailing-list
x_refsource_fulldisc
http://seclists.org/fulldisclosure/2014/Jun/123
Exploit, Third Party Advisory exploit
x_refsource_exploit-db
http://www.exploit-db.com/exploits/33897
Vendor Advisory x_refsource_confirm
http://www.oracle.com/technetwork/topics/security/cpuapr2014-1972952.html
Exploit, Third Party Advisory x_refsource_misc
http://packetstormsecurity.com/files/127222/Endeca-Latitude-2.2.2-Cross-Site-Request-Forgery.html
Third Party Advisory, VDB Entry mailing-list
x_refsource_bugtraq
http://www.securityfocus.com/archive/1/532556/100/0/threaded
Third Party Advisory, VDB Entry vdb-entry
x_refsource_bid
http://www.securityfocus.com/bid/66864
Scores
EPSS
0.2670
EPSS Percentile
96.4%
Details
Status
published
Products (1)
oracle/fusion_middleware
2.2.2
Published
Apr 16, 2014
Tracked Since
Feb 18, 2026