Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2013-0418


Vulnerability Score 6.8 6.8
CVE Id CVE-2013-0418
Last Modified 13 Jan 2014 11:22:34
Published 16 Jan 2013 08:55:06
Confidentiality Impact PARTIAL PARTIAL
Integrity Impact PARTIAL PARTIAL
Availability Impact PARTIAL PARTIAL
Access Vector NETWORK
Access Complexity MEDIUM
Authentication NONE



Unspecified vulnerability in the Oracle Outside In Technology component in Oracle Fusion Middleware 8.3.7 and 8.4 allows context-dependent attackers to affect availability via unknown vectors related to Outside In Filters, a different vulnerability than CVE-2013-0393. NOTE: the previous information was obtained from the January 2013 CPU. Oracle has not commented on claims from an independent researcher that this is a heap-based buffer overflow in the Paradox database stream filter (vspdx.dll) that can be triggered using a table header with a crafted "number of fields" value.

Vulnerable Systems


  • Microsoft Exchange Server 2007

  • Microsoft Exchange Server 2010

  • Oracle Fusion Middleware

  • Oracle Fusion Middleware 8.4



BUGTRAQ - 20130117 Secunia Research: Oracle Outside In Technology Paradox Database Handling Buffer Overflow

MS - MS13-012

CERT - TA13-043B



Related Patches

MS13-012 Update Rollup 6 for Exchange Server 2010 Service Pack 2 (KB2746164)

MS13-012 Update Rollup 10 for Exchange Server 2007 SP 3 (KB2788321)

Last Updated: 27 May 2016 10:36:58