SB20260120113 - Multiple vulnerabilities in Oracle Fusion Middleware

CSH
CYBERSECURITY HELP
Sign In REGISTER

Main Vulnerability Database SB20260120113

SB20260120113 - Multiple vulnerabilities in Oracle Fusion Middleware

Published: January 20, 2026

Security Bulletin ID SB20260120113
Severity
High
Patch available
YES
Number of vulnerabilities 5
Exploitation vector Remote access
Highest impact Code execution

Breakdown by Severity

High 40% Medium 40% Low 20%
  • Low
  • Medium
  • High
  • Critical

Description

This security bulletin contains information about 5 secuirty vulnerabilities.


1) Input validation error (CVE-ID: CVE-2025-31672)

The vulnerability allows a remote attacker to manipulate file parsing behavior.

The vulnerability stems from the way Apache POI handles zip entries in OOXML format files. When duplicate file names (including paths) exist within the zip structure, different products may select different zip entries with the same name, leading to inconsistent data interpretation. A remote attacker can manipulate file parsing behavior through specially crafted OOXML files containing ZIP entries with duplicate file names. This manipulation can result in inconsistent data processing across different systems, potentially leading to security issues and data integrity concerns.


2) Improper input validation (CVE-ID: CVE-2025-26333)

The vulnerability allows a remote non-authenticated attacker to gain access to sensitive information.

The vulnerability exists due to improper input validation within the Platform (BSAFE Crypto-J) component in Oracle Communications Billing and Revenue Management. A remote non-authenticated attacker can exploit this vulnerability to gain access to sensitive information.


3) Buffer overflow (CVE-ID: CVE-2022-41342)

The vulnerability allows a local user to escalate privileges on the system.

The vulnerability exists due to a boundary error. A local user can trigger memory corruption and execute arbitrary code with elevated privileges.


4) Heap-based buffer overflow (CVE-ID: CVE-2024-56406)

The vulnerability allows a remote attacker to execute arbitrary code on the target system.

The vulnerability exists due to a boundary error within the S_do_trans_invmap() function. A remote attacker can pass specially crafted input to the application, trigger a heap-based buffer overflow and execute arbitrary code on the target system.



5) XML External Entity injection (CVE-ID: CVE-2025-4949)

The vulnerability allows a remote attacker to gain access to sensitive information.

The vulnerability exists due to the ManifestParser class used by the repo command and the AmazonS3 class used to implement the experimental amazons3 git transport protocol allowing to store git pack files in an Amazon S3 bucket. A remote attacker can pass a specially crafted XML code to the affected application and view contents of arbitrary files on the system or initiate requests to external systems.

Successful exploitation of the vulnerability may allow an attacker to view contents of arbitrary file on the server or perform network scanning of internal and external infrastructure.


Remediation

Install update from vendor's website.

References