CVE Details for CVE: CVE-2011-0794
Summary
Unspecified vulnerability in the Oracle Outside In Technology component in Oracle Fusion Middleware 8.3.5.0 allows local users to affect confidentiality, integrity, and availability, related to File ID SDK. NOTE: the previous information was obtained from the April 2011 CPU. Oracle has not commented on claims from a reliable third party that this issue is in (a) sccut.dll or (b) libsc_ut.so in Outside In 8.3.5.x through 8.3.5.5684, as used when using the CAB file identification functionality to parse OneNote (.onepkg) files and other formats.
| Timestamps | |
|---|---|
| Last major update | 25-05-2016 - 18:34 |
| Published | 20-04-2011 - 03:14 |
| Last modified | 25-05-2016 - 18:34 |
References
- http://www.oracle.com/technetwork/topics/security/cpuapr2011-301950.html
- http://secunia.com/advisories/44295
- http://www.novell.com/support/search.do?cmd=displayKC&docType=kc&externalId=7009213&sliceId=1&docTypeID=DT_TID_1_1&dialogID=268451045&stateId=0%200%20268449309
- http://www.securityfocus.com/bid/47437
- http://www.kb.cert.org/vuls/id/520721
- http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20111026-csa
- http://www-01.ibm.com/support/docview.wss?uid=swg21660640
CWE
CVSS
Base
4.4
Impact
6.4
Exploitability
3.4
Access
| Vector | Complexity | Authentication |
|---|---|---|
| LOCAL | MEDIUM | NONE |
Impact
| Confidentiality | Integrity | Availability |
|---|---|---|
| PARTIAL | PARTIAL | PARTIAL |
CVSS3
None