Unspecified vulnerability in the Oracle BI Publisher component in Oracle Fusion Middleware 10.3.4.2, 11.1.1.5.0, 11.1.1.6.0, and 11.1.1.6.2 allows remote authenticated users to affect confidentiality via unknown vectors related to Administration.
http://www.oracle.com/technetwork/topics/security/cpuoct2012-1515893.html
http://www.mandriva.com/security/advisories?name=MDVSA-2013:150