ID CVE-2015-0474
Summary Unspecified vulnerability in the Oracle Outside In Technology component in Oracle Fusion Middleware 8.4.1, 8.5.0, and 8.5.1 allows local users to affect availability via unknown vectors related to Outside In Filters, a different vulnerability than CVE-2015-0493. Per Oracle: Outside In Technology is a suite of software development kits (SDKs). It does not have any particular associated protocol. If the hosting software passes data received over the network to Outside In Technology code, the CVSS Base Score would increase to 6.8. (http://www.oracle.com/technetwork/topics/security/cpuapr2015-2365600.html)
References
Vulnerable Configurations
  • cpe:2.3:a:oracle:fusion_middleware:8.4.1:*:*:*:*:*:*:*
    cpe:2.3:a:oracle:fusion_middleware:8.4.1:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:fusion_middleware:8.5.0:*:*:*:*:*:*:*
    cpe:2.3:a:oracle:fusion_middleware:8.5.0:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:fusion_middleware:8.5.1:*:*:*:*:*:*:*
    cpe:2.3:a:oracle:fusion_middleware:8.5.1:*:*:*:*:*:*:*
CVSS
Base: 1.5 (as of 03-01-2017 - 02:59)
Impact:
Exploitability:
CWE NVD-CWE-noinfo
CAPEC
Access
VectorComplexityAuthentication
LOCAL MEDIUM SINGLE
Impact
ConfidentialityIntegrityAvailability
NONE NONE PARTIAL
cvss-vector via4 AV:L/AC:M/Au:S/C:N/I:N/A:P
refmap via4
bid 74139
confirm http://www.oracle.com/technetwork/topics/security/cpuapr2015-2365600.html
sectrack 1032131
Last major update 03-01-2017 - 02:59
Published 16-04-2015 - 16:59
Last modified 03-01-2017 - 02:59
Back to Top