CVE-2011-0794

high

Description

Unspecified vulnerability in the Oracle Outside In Technology component in Oracle Fusion Middleware 8.3.5.0 allows local users to affect confidentiality, integrity, and availability, related to File ID SDK. NOTE: the previous information was obtained from the April 2011 CPU. Oracle has not commented on claims from a reliable third party that this issue is in (a) sccut.dll or (b) libsc_ut.so in Outside In 8.3.5.x through 8.3.5.5684, as used when using the CAB file identification functionality to parse OneNote (.onepkg) files and other formats.

References

http://www.securityfocus.com/bid/47437

http://www.oracle.com/technetwork/topics/security/cpuapr2011-301950.html

http://www.novell.com/support/search.do?cmd=displayKC&docType=kc&externalId=7009213&sliceId=1&docTypeID=DT_TID_1_1&dialogID=268451045&stateId=0%200%20268449309

http://www.kb.cert.org/vuls/id/520721

http://www-01.ibm.com/support/docview.wss?uid=swg21660640

http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20111026-csa

http://secunia.com/advisories/44295

Details

Source: Mitre, NVD

Published: 2011-04-20

Updated: 2024-11-21

Risk Information

CVSS v2

Base Score: 4.4

Vector: CVSS2#AV:L/AC:M/Au:N/C:P/I:P/A:P

Severity: Medium

CVSS v3

Base Score: 7.8

Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Severity: High