CVE-2013-0418
Last modified
CVE-2013-0418 is a vulnerability of currently unknown severity. Unspecified vulnerability in the Oracle Outside In Technology component in Oracle Fusion Middleware 8.3.7 and 8.4 allows context-dependent attackers to affect availability via unknown vectors related to Outside In Filters, a different vulnerability than CVE-2013-0393. NOTE: the previous information was obtained from the January 2013 CPU. EPSS estimates a 8.35% chance of exploitation in the next 30 days.
Description
Unspecified vulnerability in the Oracle Outside In Technology component in Oracle Fusion Middleware 8.3.7 and 8.4 allows context-dependent attackers to affect availability via unknown vectors related to Outside In Filters, a different vulnerability than CVE-2013-0393. NOTE: the previous information was obtained from the January 2013 CPU. Oracle has not commented on claims from an independent researcher that this is a heap-based buffer overflow in the Paradox database stream filter (vspdx.dll) that can be triggered using a table header with a crafted "number of fields" value.
Metrics
Affected Software
| Vendor | Product | Versions | Update |
|---|---|---|---|
| Microsoft | Exchange Server | 2007 | Sp3 |
| Microsoft | Exchange Server | 2010 | Sp2 |
| Oracle | Fusion Middleware | 8.3.7.0 | — |
| Oracle | Fusion Middleware | 8.4 | — |
References
- http://www.us-cert.gov/cas/techalerts/TA13-043B.htmlUS Government Resource
- http://www.us-cert.gov/cas/techalerts/TA13-043B.htmlUS Government Resource
Timeline
- Published
- Last Modified
- Status
- Modified
Frequently Asked Questions
What is CVE-2013-0418?
How severe is CVE-2013-0418?
How do I fix CVE-2013-0418?
Are you affected by CVE-2013-0418?
Run a free Strix scan to check your systems for this vulnerability.
Scan your code nowSource: NVD / NIST