Oracle GoldenGate CVE-2016-0452 Arbitrary File Upload Vulnerability

Oracle GoldenGate is prone to an arbitrary file-upload vulnerability.

The vulnerability can be exploited over the 'Oracle Golden Gate' protocol. An attacker does not require privileges to exploit this vulnerability.

An attacker may leverage this issue to upload arbitrary files to the affected webserver; this can result in arbitrary code execution within the context of the vulnerable application.

Note: This issue was previously titled 'Oracle GoldenGate CVE-2016-0452 Remote Security Vulnerability'. The title and technical details have been changed to better reflect the vulnerability information.

This vulnerability affects the following supported versions:
11.2, 12.1.2


 

Privacy Statement
Copyright 2010, SecurityFocus