| CVE Description | CVSSv2 Base Score | Component | Product and Resolution |
|---|
| CVE-2012-2733 Improper Input Validation vulnerability | 5.0 | Apache Tomcat | |
| CVE-2012-3546 Security constraints bypass vulnerability | 4.3 |
| CVE-2012-4431 CSRF prevention filter bypass vulnerability | 4.3 |
| CVE-2012-4534 Denial of Service (DoS) vulnerability | 2.6 |
| CVE-2012-5885 Permissions, Privileges, and Access Controls vulnerability | 5.0 |
| CVE-2012-5886 Improper Authentication vulnerability | 5.0 |
| CVE-2012-5887 Improper Authentication vulnerability | 5.0 |
This notification describes vulnerabilities fixed in third-party components that are included in Oracle's product distributions.
Information about vulnerabilities affecting Oracle products can be found on Oracle Critical Patch Updates and Security Alerts page.