Vulnerabilities > CVE-2011-0808 - Remote Code Execution vulnerability in Oracle Outside In Technology Lotus 123 File Parsing
Attack vector
LOCAL Attack complexity
MEDIUM Privileges required
NONE Confidentiality impact
PARTIAL Integrity impact
PARTIAL Availability impact
PARTIAL Summary
Unspecified vulnerability in the Oracle Outside In Technology component in Oracle Fusion Middleware 8.3.2.0 and 8.3.5.0 allows local users to affect confidentiality, integrity, and availability via unknown vectors related to Outside In Filters. NOTE: the previous information was obtained from the April 2011 CPU. Oracle has not commented on claims from a reliable third party that this issue is in (a) vswk6.dll or (b) libvs_wk6.so in Outside In 8.1.0.4037 through 8.3.5.5684, involving the Lotus 123 parser.
Vulnerable Configurations
Part | Description | Count |
---|---|---|
Application | 2 |
Nessus
NASL family | Windows |
NASL id | SYMANTEC_ENTERPRISE_VAULT_SYM11-011.NASL |
description | The version of Symantec Enterprise Vault installed on the remote host uses a version of the Oracle Outside In libraries that contain multiple memory corruption vulnerabilities. A remote attacker could exploit these by sending an email with a malicious attachment, which could result in arbitrary code execution when it is processed for archiving. |
last seen | 2020-06-01 |
modified | 2020-06-02 |
plugin id | 56413 |
published | 2011-10-07 |
reporter | This script is Copyright (C) 2011-2018 Tenable Network Security, Inc. |
source | https://www.tenable.com/plugins/nessus/56413 |
title | Symantec Enterprise Vault / Oracle Outside In Multiple Vulnerabilities (SYM11-011) |
code |
|
References
- http://secunia.com/advisories/44295
- http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20111026-csa
- http://www.kb.cert.org/vuls/id/520721
- http://www.novell.com/support/search.do?cmd=displayKC&docType=kc&externalId=7009213&sliceId=1&docTypeID=DT_TID_1_1&dialogID=268451045&stateId=0%200%20268449309
- http://www.oracle.com/technetwork/topics/security/cpuapr2011-301950.html
- http://www.securityfocus.com/bid/47435
- http://www-01.ibm.com/support/docview.wss?uid=swg21660640