CVSS2
Attack Vector
LOCAL
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:L/AC:M/Au:N/C:P/I:P/A:P
AI Score
Confidence
Low
EPSS
Percentile
26.1%
Unspecified vulnerability in the Oracle Outside In Technology component in Oracle Fusion Middleware 8.3.5.0 allows local users to affect confidentiality, integrity, and availability, related to File ID SDK. NOTE: the previous information was obtained from the April 2011 CPU. Oracle has not commented on claims from a reliable third party that this issue is in (a) sccut.dll or (b) libsc_ut.so in Outside In 8.3.5.x through 8.3.5.5684, as used when using the CAB file identification functionality to parse OneNote (.onepkg) files and other formats.
Vendor | Product | Version | CPE |
---|---|---|---|
oracle | fusion_middleware | 8.3.5.0 | cpe:2.3:a:oracle:fusion_middleware:8.3.5.0:*:*:*:*:*:*:* |
secunia.com/advisories/44295
tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20111026-csa
www-01.ibm.com/support/docview.wss?uid=swg21660640
www.kb.cert.org/vuls/id/520721
www.novell.com/support/search.do?cmd=displayKC&docType=kc&externalId=7009213&sliceId=1&docTypeID=DT_TID_1_1&dialogID=268451045&stateId=0%200%20268449309
www.oracle.com/technetwork/topics/security/cpuapr2011-301950.html
www.securityfocus.com/bid/47437