Unspecified vulnerability in the JPublisher component in Oracle Database Server 11.1.0.7, 11.2.0.3, 11.2.0.4, 12.1.0.1, and 12.1.0.2 allows remote authenticated users to affect confidentiality, integrity, and availability via unknown vectors.
http://www.securityfocus.com/bid/70453
http://www.oracle.com/technetwork/topics/security/cpuoct2014-1972960.html