|CVE Description||CVSSv2 Base Score||Component||Product and Resolution|
|CVE-2012-2733 Improper Input Validation vulnerability ||5.0 ||Apache Tomcat || |
|CVE-2012-3439 DIGEST authentication implementation issues ||5.0 |
|CVE-2012-3546 Security constraints bypass vulnerability ||4.3 |
|CVE-2012-4431 CSRF prevention filter bypass vulnerability ||4.3 |
|CVE-2012-4534 Denial of Service (DoS) vulnerability ||2.6 |
This notification describes vulnerabilities fixed in third-party components that are included in Oracle's product distributions.
Information about vulnerabilities affecting Oracle products can be found on Oracle Critical Patch Updates and Security Alerts page.