Oracle PeopleSoft Human Capital Management contains a flaw that may lead to an unauthorized information disclosure.  The issue is triggered when an unspecified issue related to the ePerformance component is exploited, which will disclose certain unspecified information to a remote authenticated attacker.

Currently, there are no known workarounds or upgrades to correct this issue. However, Oracle has released a patch to address this vulnerability. Check the vendor advisory or solution in the references section.

• Security Tracker: 1026533
• CVE ID: 2012-0076 (see also: NVD)
• Secunia Advisory ID: 47622
• Bugtraq ID: 51474
• ISS X-Force ID: 72484
• Related OSVDB ID: 78396 78397 78398
• Vendor Specific Advisory URL: http://www.oracle.com/technetwork/topics/security/cpujan2012-366304.html#AppendixPS

• Not Available