Security for everyone

CVE-2012-3152 & CVE-2012-3153 Scanner

Detects 'Remote Code Execution (RCE)' vulnerability in Oracle Reports Developer component in Oracle Fusion Middleware affects v.,, and


Short Info




Single Scan

Can be used by

Asset Owner

Estimated Time

10 sec

Scan only one


Parent Category

CVE-2012-3152 & CVE-2012-3153 Scanner Detail

The Oracle Reports Developer component is a part of the Oracle Fusion Middleware, which is an integrated platform that allows for the development, deployment, and management of applications. Specifically, the Reports Developer component is used for creating and generating reports that extract data from databases and present it in various formats. This can be used for a multitude of purposes, such as business intelligence, financial reporting, and analytics.

Two of the vulnerabilities that has been detected in the Oracle Reports Developer component are CVE-2012-3152 and CVE-2012-3153. These vulnerabilities allows remote attackers to affect the confidentiality and integrity of the system by exploiting unknown vectors related to the Report Server Component. The precise details of the vectors have not been disclosed, but it has been documented that the URLPARAMETER functionality allows remote attackers to read and upload arbitrary files to reports/rwservlet. This issue has been found to occur in earlier versions of the Reports Developer component as well.

Exploiting this vulnerability can lead to numerous consequences, including data theft and loss, unauthorized access to sensitive information, and the possibility of arbitrary code execution. By uploading a .jsp file, attackers can execute arbitrary code on the affected system, allowing them to gain further access and control over it.

Thanks to the pro features of the platform, users can easily and quickly learn about vulnerabilities in their digital assets. Our platform provides comprehensive vulnerability scanning and reporting, as well as expert guidance and support, to ensure that your systems are fully protected against the latest threats. With, you can rest assured that your data and systems are in safe hands.



cyber security services for everyone one. Free security tools, continuous vulnerability scanning and many more.
Try it yourself,
control security posture