ID CVE-2013-3776
Summary Unspecified vulnerability in the Oracle Outside In Technology component in Oracle Fusion Middleware 8.3.7, 8.4.0, and 8.4.1 allows context-dependent attackers to affect availability via unknown vectors related to Outside In Filters, a different vulnerability than CVE-2013-3781. Per: http://www.oracle.com/technetwork/topics/security/cpujuly2013-1899826.html 'Outside In Technology is a suite of software development kits (SDKs). It does not have any particular associated protocol. If the hosting software passes data received over the network to Outside In Technology code, the CVSS Base Score would increase to 6.8.'
References
Vulnerable Configurations
  • cpe:2.3:a:oracle:fusion_middleware:8.3.7.0:*:*:*:*:*:*:*
    cpe:2.3:a:oracle:fusion_middleware:8.3.7.0:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:fusion_middleware:8.4:*:*:*:*:*:*:*
    cpe:2.3:a:oracle:fusion_middleware:8.4:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:fusion_middleware:8.4.1:*:*:*:*:*:*:*
    cpe:2.3:a:oracle:fusion_middleware:8.4.1:*:*:*:*:*:*:*
CVSS
Base: 6.8 (as of 12-10-2018 - 22:04)
Impact:
Exploitability:
CWE NVD-CWE-noinfo
CAPEC
Access
VectorComplexityAuthentication
NETWORK MEDIUM NONE
Impact
ConfidentialityIntegrityAvailability
PARTIAL PARTIAL PARTIAL
cvss-vector via4 AV:N/AC:M/Au:N/C:P/I:P/A:P
oval via4
accepted 2013-10-14T04:00:12.566-04:00
class vulnerability
contributors
  • name SecPod Team
    organization SecPod Technologies
  • name Pooja Shetty
    organization SecPod Technologies
definition_extensions
  • comment Microsoft Exchange Server 2007 SP3 is installed
    oval oval:org.mitre.oval:def:15784
  • comment Microsoft Exchange Server 2010 SP2 is installed
    oval oval:org.mitre.oval:def:14151
  • comment Microsoft Exchange Server 2010 SP3 is installed
    oval oval:org.mitre.oval:def:17932
  • comment Microsoft Exchange Server 2013 Cumulative Update 1 is installed
    oval oval:org.mitre.oval:def:18838
  • comment Microsoft Exchange Server 2013 Cumulative Update 2 is installed
    oval oval:org.mitre.oval:def:18484
description Unspecified vulnerability in the Oracle Outside In Technology component in Oracle Fusion Middleware 8.3.7, 8.4.0, and 8.4.1 allows context-dependent attackers to affect availability via unknown vectors related to Outside In Filters, a different vulnerability than CVE-2013-3781.
family windows
id oval:org.mitre.oval:def:18243
status accepted
submitted 2013-08-19T11:51:17
title Oracle Outside In Contains Multiple Exploitable Vulnerabilities - CVE-2013-3776 (MS13-061)
version 5
refmap via4
bid 61234
confirm
jvn JVN#68663052
jvndb JVNDB-2013-000071
ms MS13-061
osvdb 95276
sectrack 1028801
xf oracle-cpujuly2013-cve20133776(85663)
Last major update 12-10-2018 - 22:04
Published 17-07-2013 - 13:41
Back to Top