.. / CVE-2012-3153

Exploit for Oracle Forms & Reports RCE (CVE-2012-3152 & CVE-2012-3153) (CVE-2012-3153)

Description:

An unspecified vulnerability in the Oracle Reports Developer component in Oracle Fusion Middleware 11.1.1.4, 11.1.1.6, and 11.1.2.0 allows remote attackers to affect confidentiality and integrity via unknown vectors related to Report Server Component.

Nuclei Template

View the template here CVE-2012-3153.yaml

Validate with Nuclei

echo "$URL" | nuclei -t ~/nuclei-templates/http/cves/2012/CVE-2012-3153.yaml

References:

http://blog.netinfiltration.com/2013/11/03/oracle-reports-cve-2012-3152-and-cve-2012-3153/
https://www.oracle.com/security-alerts/cpuoct2012.html
http://www.oracle.com/technetwork/topics/security/cpuoct2012-1515893.html
https://www.exploit-db.com/exploits/31737
https://nvd.nist.gov/vuln/detail/CVE-2012-3152

.. / CVE-2012-3153 if(localStorage["style"]=="true"){ document.getElementById('pagestyle').setAttribute('href','/assets/styleDark.css'); document.querySelector('input[type="checkbox"]').checked = true }

Exploit for Oracle Forms & Reports RCE (CVE-2012-3152 & CVE-2012-3153) (CVE-2012-3153)

Description:

Nuclei Template

Validate with Nuclei

.. / CVE-2012-3153