Secunia
Login
|
|
CVE Reference: CVE-2010-3595 |
|
| NOTE: The text on this page is written by CVE MITRE and reflects neither the opinions of Secunia or the results of our research. All data on this page is written and maintained by CVE MITRE. | |
|
Original Page at CVE MITRE: CVE-2010-3595 |
|
|
Description: Unspecified vulnerability in the Oracle Document Capture component in Oracle Fusion Middleware 10.1.3.4 and 10.1.3.5 allows remote attackers to affect confidentiality via unknown vectors related to Import Server. NOTE: the previous information was obtained from the January 2011 CPU. Oracle has not commented on claims from the original researcher that remote attackers can read arbitrary files via a full pathname in the first argument to the ImportBodyText method in the EasyMail ActiveX control (emsmtp.dll). |
|
|
CVE Status: Candidate |
|
|
References: XF http://xforce.iss.net/xforce/xfdb/64770 ST 1024981 SAID Secunia Advisory: SA42976 MISC http://dsecrg.com/pages/vul/show.php?id=307 EXPLOIT-DB http://www.exploit-db.com/exploits/16056 CONFIRM http://www.oracle.com/technetwork/topics/security/cpujan2011-194091.html BUGTRAQ http://www.securityfocus.com/archive/1/archive/1/515957/100/0/threaded BID 45849 |
|
| Return to the previous page. |
