| CVE Description | CVSSv2 Base Score | Component | Product and Resolution |
|---|
| CVE-2012-2733 Improper Input Validation vulnerability | 5.0 | Apache Tomcat | |
| CVE-2012-3439 DIGEST authentication implementation issues | 5.0 |
| CVE-2012-3546 Security constraints bypass vulnerability | 5.5 |
| CVE-2012-4431 CSRF prevention filter bypass vulnerability | 4.3 |
| CVE-2012-4534 Denial of Service (DoS) vulnerability | 4.3 |
This notification describes vulnerabilities fixed in third-party components that are included in Oracle's product distributions.
Information about vulnerabilities affecting Oracle products can be found on Oracle Critical Patch Updates and Security Alerts page.