ID CVE-2013-3781
Summary Unspecified vulnerability in the Oracle Outside In Technology component in Oracle Fusion Middleware 8.3.7, 8.4.0, and 8.4.1 allows context-dependent attackers to affect availability via unknown vectors related to Outside In Filters, a different vulnerability than CVE-2013-3776. Per: http://www.oracle.com/technetwork/topics/security/cpujuly2013-1899826.html 'Outside In Technology is a suite of software development kits (SDKs). It does not have any particular associated protocol. If the hosting software passes data received over the network to Outside In Technology code, the CVSS Base Score would increase to 6.8.'
References
Vulnerable Configurations
  • cpe:2.3:a:oracle:fusion_middleware:8.3.7.0:*:*:*:*:*:*:*
    cpe:2.3:a:oracle:fusion_middleware:8.3.7.0:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:fusion_middleware:8.4:*:*:*:*:*:*:*
    cpe:2.3:a:oracle:fusion_middleware:8.4:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:fusion_middleware:8.4.1:*:*:*:*:*:*:*
    cpe:2.3:a:oracle:fusion_middleware:8.4.1:*:*:*:*:*:*:*
CVSS
Base: 6.8 (as of 12-10-2018 - 22:04)
Impact:
Exploitability:
CWE NVD-CWE-noinfo
CAPEC
Access
VectorComplexityAuthentication
NETWORK MEDIUM NONE
Impact
ConfidentialityIntegrityAvailability
PARTIAL PARTIAL PARTIAL
cvss-vector via4 AV:N/AC:M/Au:N/C:P/I:P/A:P
msbulletin via4
bulletin_id MS13-061
bulletin_url
date 2013-08-13T00:00:00
impact Remote Code Execution
knowledgebase_id 2876063
knowledgebase_url
severity Critical
title Vulnerabilities in Microsoft Exchange Server Could Allow Remote Code Execution
oval via4
accepted 2013-10-14T04:00:11.165-04:00
class vulnerability
contributors
  • name SecPod Team
    organization SecPod Technologies
  • name Pooja Shetty
    organization SecPod Technologies
definition_extensions
  • comment Microsoft Exchange Server 2007 SP3 is installed
    oval oval:org.mitre.oval:def:15784
  • comment Microsoft Exchange Server 2010 SP2 is installed
    oval oval:org.mitre.oval:def:14151
  • comment Microsoft Exchange Server 2010 SP3 is installed
    oval oval:org.mitre.oval:def:17932
  • comment Microsoft Exchange Server 2013 Cumulative Update 1 is installed
    oval oval:org.mitre.oval:def:18838
  • comment Microsoft Exchange Server 2013 Cumulative Update 2 is installed
    oval oval:org.mitre.oval:def:18484
description Unspecified vulnerability in the Oracle Outside In Technology component in Oracle Fusion Middleware 8.3.7, 8.4.0, and 8.4.1 allows context-dependent attackers to affect availability via unknown vectors related to Outside In Filters, a different vulnerability than CVE-2013-3776.
family windows
id oval:org.mitre.oval:def:18156
status accepted
submitted 2013-08-19T11:51:17
title Oracle Outside In Contains Multiple Exploitable Vulnerabilities - CVE-2013-3781 (MS13-061)
version 6
refmap via4
bid 61232
confirm
jvn JVN#07497769
jvndb JVNDB-2013-000070
sectrack 1028801
Last major update 12-10-2018 - 22:04
Published 17-07-2013 - 13:41
Last modified 12-10-2018 - 22:04
Back to Top