Vulnerability Name: | CVE-2013-3776 (CCN-85663) | ||||||||
Assigned: | 2013-07-16 | ||||||||
Published: | 2013-07-16 | ||||||||
Updated: | 2018-10-12 | ||||||||
Summary: | Unspecified vulnerability in the Oracle Outside In Technology component in Oracle Fusion Middleware 8.3.7, 8.4.0, and 8.4.1 allows context-dependent attackers to affect availability via unknown vectors related to Outside In Filters, a different vulnerability than CVE-2013-3781. Per: http://www.oracle.com/technetwork/topics/security/cpujuly2013-1899826.html 'Outside In Technology is a suite of software development kits (SDKs). It does not have any particular associated protocol. If the hosting software passes data received over the network to Outside In Technology code, the CVSS Base Score would increase to 6.8.' | ||||||||
CVSS v3 Severity: | 10.0 Critical (CCN CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H)
| ||||||||
CVSS v2 Severity: | 6.8 Medium (CVSS v2 Vector: AV:N/AC:M/Au:N/C:P/I:P/A:P) 5.0 Medium (Temporal CVSS v2 Vector: AV:N/AC:M/Au:N/C:P/I:P/A:P/E:U/RL:OF/RC:C)
6.9 Medium (CCN Temporal CVSS v2 Vector: AV:N/AC:M/Au:N/C:C/I:C/A:C/E:U/RL:OF/RC:C)
| ||||||||
Vulnerability Type: | CWE-noinfo | ||||||||
Vulnerability Consequences: | Gain Access | ||||||||
References: | Source: MITRE Type: CNA CVE-2013-3776 Source: JVN Type: UNKNOWN JVN#68663052 Source: JVNDB Type: UNKNOWN JVNDB-2013-000071 Source: OSVDB Type: UNKNOWN 95276 Source: CCN Type: Microsoft Security Bulletin MS13-061 Vulnerabilities in Microsoft Exchange Server Could Allow Remote Code Execution (2876063) Source: CONFIRM Type: UNKNOWN http://www-01.ibm.com/support/docview.wss?uid=swg21660640 Source: CCN Type: Oracle Web Site Oracle Critical Patch Update - July 2013 Source: CONFIRM Type: Vendor Advisory http://www.oracle.com/technetwork/topics/security/cpujuly2013-1899826.html Source: BID Type: UNKNOWN 61234 Source: CCN Type: BID-61234 Oracle Outside In Technology CVE-2013-3776 Local Security Vulnerability Source: SECTRACK Type: UNKNOWN 1028801 Source: MS Type: UNKNOWN MS13-061 Source: XF Type: UNKNOWN oracle-cpujuly2013-cve20133776(85663) Source: XF Type: UNKNOWN oracle-cpujuly2013-cve20133776(85663) Source: OVAL Type: UNKNOWN oval:org.mitre.oval:def:18243 | ||||||||
Vulnerable Configuration: | Configuration 1: Configuration CCN 1: Denotes that component is vulnerable | ||||||||
Oval Definitions | |||||||||
| |||||||||
BACK |