Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

CVE-2013-3770

EPSS 0.25% · P49
Get alerts for future matching vulnerabilitiesLog in to subscribe

I. Basic Information for CVE-2013-3770

Vulnerability Information
Have questions about the vulnerability? See if Shenlong's analysis helps!
View Shenlong Deep Dive ↗

Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.

Vulnerability Title
N/A
Source: NVD (National Vulnerability Database)
Vulnerability Description
Unspecified vulnerability in the Oracle WebCenter Content component in Oracle Fusion Middleware 10.1.3.5.1, 11.1.1.6.0, and 11.1.1.7.0 allows remote authenticated users to affect confidentiality and integrity via unknown vectors related to Content Server. NOTE: the previous information is from the October 2013 CPU. Oracle has not commented on claims from a third party that the issue is related to "iDoc script injection" in the (1) cs and (2) urm components, which allows attackers to read "sensitive" files, as demonstrated by obtaining the "AES encryption key and encrypted credentials" of the weblogic user.
Source: NVD (National Vulnerability Database)
CVSS Information
N/A
Source: NVD (National Vulnerability Database)
Vulnerability Type
N/A
Source: NVD (National Vulnerability Database)
Vulnerability Title
Oracle Fusion Middleware Oracle WebCenter Content组件安全漏洞
Source: CNNVD (China National Vulnerability Database)
Vulnerability Description
Oracle Fusion Middleware(Oracle融合中间件)是美国甲骨文(Oracle)公司的一套面向企业和云环境的业务创新平台。该平台提供了中间件、软件集合等功能。 Oracle Fusion Middleware中的Oracle WebCenter Content组件中存在安全漏洞。远程经过授权的攻击者可通过Content Server利用该漏洞影响保密性和完整性。以下版本中存在漏洞:Oracle Fusion Middleware 10.1.3.5.1,11.1.1.6.0,11.1.
Source: CNNVD (China National Vulnerability Database)
CVSS Information
N/A
Source: CNNVD (China National Vulnerability Database)
Vulnerability Type
N/A
Source: CNNVD (China National Vulnerability Database)

Affected Products

VendorProductAffected VersionsCPESubscribe
-n/a n/a -

II. Public POCs for CVE-2013-3770

#POC DescriptionSource LinkShenlong Link
AI-Generated POCPremium

No public POC found.

Login to generate AI POC

III. Intelligence Information for CVE-2013-3770

Please Login to view more intelligence information

Same Patch Batch · n/a · 2013-07-17 · 77 CVEs total

CVE-2013-3795Oracle MySQL Server组件安全漏洞
CVE-2013-3818Oracle PeopleSoft Enterprise PeopleTools组件安全漏洞
CVE-2013-3803Oracle Hyperion BI+组件安全漏洞
CVE-2013-3802Oracle MySQL Server组件安全漏洞
CVE-2013-3801Oracle MySQL Server组件安全漏洞
CVE-2013-3800Oracle PeopleSoft Enterprise PeopleTools组件安全漏洞
CVE-2013-3799Oracle Solaris 安全漏洞
CVE-2013-3798Oracle MySQL Server组件安全漏洞
CVE-2013-3797Oracle Solaris 安全漏洞
CVE-2013-3796Oracle MySQL Server组件安全漏洞
CVE-2013-3804Oracle MySQL Server组件安全漏洞
CVE-2013-3794Oracle MySQL Server组件安全漏洞
CVE-2013-3793Oracle MySQL Server组件安全漏洞
CVE-2013-3791Oracle Enterprise Manager Grid Control 安全漏洞
CVE-2013-3790Oracle Database Server Core RDBMS组件安全漏洞
CVE-2013-3789Oracle Database Server Core RDBMS组件安全漏洞
CVE-2013-3788Oracle E-Business Suite Oracle iSupplier Portal组件安全漏洞
CVE-2013-3787Oracle Solaris 安全漏洞
CVE-2013-3786Oracle Solaris 安全漏洞
CVE-2013-3784Oracle PeopleSoft Products PeopleSoft Enterprise HRMS组件安全漏洞

Showing top 20 of 77 CVEs. View all on vendor page → →

IV. Related Vulnerabilities

Same product: n/a
Same vendor: n/a

V. Comments for CVE-2013-3770

No comments yet

Leave a comment