Public exploit available
Public proof-of-concept or exploit code exists (ExploitDB / Metasploit / Nuclei).

CVE-2013-5791Improper Restriction of Operations within the Bounds of a Memory Buffer in Oracle Fusion Middleware

6 documents5 sources
Severity
1.5LOWNVD
EPSS
22.4%
top 4.16%
CISA KEV
Not in KEV
Exploit
PoC available
Public exploit / PoC exists
Affected products
1
Oracle Fusion Middleware
Timeline
PublishedOct 16
Latest updateMay 14

Description

Unspecified vulnerability in the Oracle Outside In Technology component in Oracle Fusion Middleware 8.4.0 and 8.4.1 allows context-dependent attackers to affect availability via unknown vectors related to Outside In Filters. NOTE: the previous information is from the October 2013 CPU. Oracle has not commented on claims from a third party that the issue is a stack-based buffer overflow in the Microsoft Access 1.x parser in vsacs.dll before 8.4.0.108 and before 8.4.1.52, which allows attackers to

CVSS vector

AV:L/AC:M/C:N/I:N/A:PExploitability: 2.7 | Impact: 2.9

Affected Packages1 packages

NVDoracle/fusion_middleware8.4, 8.4.1+1

🔴Vulnerability Details

2
GHSA
GHSA-p93r-68pq-483j: Unspecified vulnerability in the Oracle Outside In Technology component in Oracle Fusion Middleware 82022-05-14
CVEList
CVE-2013-5791: Unspecified vulnerability in the Oracle Outside In Technology component in Oracle Fusion Middleware 82013-10-16

💥Exploits & PoCs

1
Exploit-DB
Oracle Outside In MDB - File Parsing Stack Buffer Overflow (PoC)2014-01-27

🕵️Threat Intelligence

2
Talos
Microsoft Update Tuesday: December 2013, some 0-day fixes2013-12-10
Talos
Microsoft Update Tuesday: December 2013, some 0-day fixes2013-12-10
CVE-2013-5791 — Oracle Fusion Middleware vulnerability | cvebase