CVE-2011-0794

Sažetak

Unspecified vulnerability in the Oracle Outside In Technology component in Oracle Fusion Middleware 8.3.5.0 allows local users to affect confidentiality, integrity, and availability, related to File ID SDK. NOTE: the previous information was obtained from the April 2011 CPU. Oracle has not commented on claims from a reliable third party that this issue is in (a) sccut.dll or (b) libsc_ut.so in Outside In 8.3.5.x through 8.3.5.5684, as used when using the CAB file identification functionality to parse OneNote (.onepkg) files and other formats.

Reference

http://secunia.com/advisories/44295
http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20111026-csa
http://www.kb.cert.org/vuls/id/520721
http://www.novell.com/support/search.do?cmd=displayKC&docType=kc&externalId=7009213&sliceId=1&docTypeID=DT_TID_1_1&dialogID=268451045&stateId=0%200%20268449309
http://www.oracle.com/technetwork/topics/security/cpuapr2011-301950.html
http://www.securityfocus.com/bid/47437
http://www-01.ibm.com/support/docview.wss?uid=swg21660640

CVSS

Base:	4.4
Impact:	6.4
Exploitability:	3.4

Pristup

Vektor	Složenost	Autentikacija
LOCAL	MEDIUM	NONE

Impact

Povjerljivost	Cjelovitost	Dostupnost
PARTIAL	PARTIAL	PARTIAL

CVSS vektor

AV:L/AC:M/Au:N/C:P/I:P/A:P

Zadnje važnije ažuriranje

25-05-2016 - 18:34

Objavljeno

20-04-2011 - 03:14