Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2011-2264

Overview

Vulnerability Score 4.4 4.4
CVE Id CVE-2011-2264
Last Modified 13 Jan 2014 11:09:17
Published 20 Jul 2011 08:55:01
Confidentiality Impact PARTIAL PARTIAL
Integrity Impact PARTIAL PARTIAL
Availability Impact PARTIAL PARTIAL
Access Vector LOCAL
Access Complexity MEDIUM
Authentication NONE

CVE-2011-2264

Summary

Unspecified vulnerability in the Oracle Outside In Technology component in Oracle Fusion Middleware 8.3.2.0 and 8.3.5.0 allows context-dependent attackers to affect confidentiality, integrity, and availability via unknown vectors related to Outside In Filters. NOTE: the previous information was obtained from the July 2011 CPU. Oracle has not commented on claims from a reliable third party that this is a stack-based buffer overflow in the imcdr2.flt library for the CorelDRAW parser.

Vulnerable Systems

Application

  • Oracle Fusion Middleware 8.3.2.0

  • Oracle Fusion Middleware 8.3.5.0


References

CERT - TA11-201A

CERT-VN - VU#103425

CONFIRM - http://www.oracle.com/technetwork/topics/security/cpujuly2011-313328.html

CONFIRM - http://www-01.ibm.com/support/docview.wss?uid=swg21660640


Last Updated: 27 May 2016 11:04:07