| CVE Description | CVSSv2 Base Score | Component | Product and Resolution |
|---|
| CVE-2012-0883 Permissions, Privileges, and Access Controls vulnerability | 6.9 | Apache HTTP server | |
| CVE-2012-2687 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability | 2.6 |
This notification describes vulnerabilities fixed in third-party components that are included in Oracle's product distributions.
Information about vulnerabilities affecting Oracle products can be found on Oracle Critical Patch Updates and Security Alerts page.