Vulnerability Name: | CVE-2012-3107 (CCN-77008) | ||||||||
Assigned: | 2012-07-17 | ||||||||
Published: | 2012-07-17 | ||||||||
Updated: | 2018-10-12 | ||||||||
Summary: | Unspecified vulnerability in the Oracle Outside In Technology component in Oracle Fusion Middleware 8.3.5 and 8.3.7 allows context-dependent attackers to affect availability via unknown vectors related to Outside In Filters, a different vulnerability than CVE-2012-1766, CVE-2012-1767, CVE-2012-1769, CVE-2012-1770, CVE-2012-1771, CVE-2012-1772, CVE-2012-1773, CVE-2012-3106, CVE-2012-3108, and CVE-2012-3110. Per: http://www.oracle.com/technetwork/topics/security/cpujul2012-392727.html 'Outside In Technology is a suite of software development kits (SDKs). It does not have any particular associated protocol. If the hosting software passes data received over the network to Outside In Technology code, the CVSS score would increase to 6.8.' | ||||||||
CVSS v3 Severity: | 4.0 Medium (CCN CVSS v3.1 Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L)
| ||||||||
CVSS v2 Severity: | 2.1 Low (CVSS v2 Vector: AV:L/AC:L/Au:N/C:N/I:N/A:P) 1.6 Low (Temporal CVSS v2 Vector: AV:L/AC:L/Au:N/C:N/I:N/A:P/E:U/RL:OF/RC:C)
1.6 Low (CCN Temporal CVSS v2 Vector: AV:L/AC:L/Au:N/C:N/I:N/A:P/E:U/RL:OF/RC:C)
| ||||||||
Vulnerability Type: | CWE-noinfo | ||||||||
Vulnerability Consequences: | Denial of Service | ||||||||
References: | Source: CONFIRM Type: UNKNOWN http://blogs.technet.com/b/srd/archive/2012/07/24/more-information-on-security-advisory-2737111.aspx Source: MITRE Type: CNA CVE-2012-3107 Source: OSVDB Type: UNKNOWN 83908 Source: CCN Type: SA50019 Microsoft Exchange Server Oracle Outside In Technology Multiple Vulnerabilities Source: CCN Type: SA50049 Microsoft SharePoint and FAST Search Server Oracle Outside In Technology Multiple Vulnerabilities Source: CCN Type: SA50275 McAfee Security for Microsoft SharePoint / Microsoft Exchange Outside In Vulnerabilities Source: CCN Type: Microsoft Security Advisory (2737111) Vulnerabilities in Microsoft Exchange and FAST Search Server 2010 for SharePoint Parsing Could Allow Remote Code Execution Source: CCN Type: Microsoft Security Bulletin MS12-058 Vulnerabilities in Microsoft Exchange Server WebReady Document Viewing Could Allow Remote Code Execution (2740358) Source: CCN Type: Microsoft Security Bulletin MS12-067 Vulnerabilities in FAST Search Server 2010 for SharePoint Parsing Could Allow Elevation of Privilege (2742321) Source: CCN Type: Microsoft Security Bulletin MS12-080 Vulnerabilities in Microsoft Exchange Server WebReady Document Viewing Could Allow Remote Code Execution (2784126) Source: CCN Type: Microsoft Security Bulletin MS13-012 Vulnerabilities in Microsoft Exchange Server Could Allow Remote Code Execution (2809279) Source: CCN Type: Microsoft Security Bulletin MS13-013 Vulnerabilities in FAST Search Server 2010 for SharePoint Parsing Could Allow Remote Code Execution (2784242) Source: CCN Type: Microsoft Security Bulletin MS13-061 Vulnerabilities in Microsoft Exchange Server Could Allow Remote Code Execution (2876063) Source: CONFIRM Type: UNKNOWN http://technet.microsoft.com/security/advisory/2737111 Source: CONFIRM Type: UNKNOWN http://www-01.ibm.com/support/docview.wss?uid=swg21660640 Source: CCN Type: US-CERT VU#118913 Oracle Outside In contains multiple exploitable vulnerabilities Source: CERT-VN Type: US Government Resource VU#118913 Source: MANDRIVA Type: UNKNOWN MDVSA-2013:150 Source: CCN Type: Oracle Critical Patch Update Advisory - July 2012 Oracle Critical Patch Update Advisory - July 2012 Source: CONFIRM Type: Vendor Advisory http://www.oracle.com/technetwork/topics/security/cpujul2012-392727.html Source: CCN Type: OSVDB ID: 83908 Oracle Outside In Technology Outside In Filters Subcomponent SXD File Handling Overflow Source: BID Type: UNKNOWN 54504 Source: CCN Type: BID-54504 Oracle Outside In Technology CVE-2012-3107 Remote Code Execution Vulnerability Source: SECTRACK Type: UNKNOWN 1027264 Source: MS Type: UNKNOWN MS12-058 Source: MS Type: UNKNOWN MS12-067 Source: XF Type: UNKNOWN outsideintechnology-filters-dos(77008) Source: XF Type: UNKNOWN outsideintechnology-filters-dos(77008) Source: CCN Type: KB75998 Oracle Outside In vulnerabilities with McAfee Security for Microsoft Exchange 7.6 Source: CCN Type: McAfee Web site Security for Microsoft SharePoint 2.5.1 Hotfix 788524 Release Notes Source: OVAL Type: UNKNOWN oval:org.mitre.oval:def:15648 | ||||||||
Vulnerable Configuration: | Configuration 1: Configuration CCN 1: Denotes that component is vulnerable | ||||||||
Oval Definitions | |||||||||
| |||||||||
BACK |