CVE-2011-0808Code Injection in Oracle Fusion Middleware

CWE-94Code Injection5 documents4 sources
Severity
4.4MEDIUMNVD
EPSS
0.1%
top 64.39%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
1
Oracle Fusion Middleware
Timeline
PublishedApr 20
Latest updateMay 17

Description

Unspecified vulnerability in the Oracle Outside In Technology component in Oracle Fusion Middleware 8.3.2.0 and 8.3.5.0 allows local users to affect confidentiality, integrity, and availability via unknown vectors related to Outside In Filters. NOTE: the previous information was obtained from the April 2011 CPU. Oracle has not commented on claims from a reliable third party that this issue is in (a) vswk6.dll or (b) libvs_wk6.so in Outside In 8.1.0.4037 through 8.3.5.5684, involving the Lotus 12

CVSS vector

AV:L/AC:M/C:P/I:P/A:PExploitability: 3.4 | Impact: 6.4

Affected Packages1 packages

NVDoracle/fusion_middleware8.3.2.0, 8.3.5.0+1

Patches

Patch: www.oracle.comPatch: www.oracle.com

🔴Vulnerability Details

2
GHSA
GHSA-2jj6-c7mc-w7vr: Unspecified vulnerability in the Oracle Outside In Technology component in Oracle Fusion Middleware 82022-05-17
CVEList
CVE-2011-0808: Unspecified vulnerability in the Oracle Outside In Technology component in Oracle Fusion Middleware 82011-04-20

📋Vendor Advisories

2
Cisco
Cisco Security Agent Remote Code Execution Vulnerabilities2011-10-26
Cisco
Oracle Outside In Technology File Processing Arbitrary Code Execution Vulnerability2011-04-20
CVE-2011-0808 — Code Injection in Oracle | cvebase