Language:
Severity: Medium
ID: 69478
File Name: oracle_webcenter_content_apr_2013_cpu.nasl
Version: 1.12
Type: remote
Family: CGI abuses
Published: 8/20/2013
Updated: 4/11/2022
Configuration: Enable paranoid mode, Enable thorough checks
Supported Sensors: Nessus
Risk Factor: Medium
Score: 4.2
Risk Factor: Medium
Base Score: 4.3
Temporal Score: 3.6
Vector: CVSS2#AV:N/AC:M/Au:N/C:N/I:P/A:N
CVSS Score Source: CVE-2013-1522
CPE: cpe:/a:oracle:fusion_middleware
Required KB Items: installed_sw/Oracle WebCenter Content, Settings/ParanoidReport
Excluded KB Items: Settings/disable_cgi_scanning
Exploit Available: true
Exploit Ease: No exploit is required
Patch Publication Date: 4/17/2013
Vulnerability Publication Date: 4/17/2013
CANVAS (D2ExploitPack)
Core Impact
Metasploit (Oracle WebCenter Content CheckOutAndOpen.dll ActiveX Remote Code Execution)