NVD

Id
14969  
Name
CVE-2010-3591  
Description
Unspecified vulnerability in the Oracle Document Capture component in Oracle Fusion Middleware 10.1.3.4 and 10.1.3.5 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Internal Operations. NOTE: the previous information was obtained from the January 2011 CPU. Oracle has not commented on claims from the original researcher that remote attackers can overwrite or delete arbitrary files via a full pathname in the second argument to the DownloadSingleMessageToFile method in the EMPOP3Lib ActiveX component (empop3.dll).  
Reject
 
CVSS Version
2  
CVSS Score
9.3  
Severity
High  
CVSS Base Score
9.3  
CVSS Impact Subscore
10  
CVSS Exploit Subscore
8.6  
CVSS Vector
(AV:N/AC:M/Au:N/C:C/I:C/A:C)  
Pub Date
2017-01-18  
Published
2011-01-19  
Modified Date
2011-02-04  
Seq
2010-3591  

Actions

Related NVD References

Id NVD Id NVD No. Reference Actions
83238 14969 CVE-2010-3591 http://dsecrg.com/pages/vul/show.php?id=305  View
83239 14969 CVE-2010-3591 16055  View
83240 14969 CVE-2010-3591 http://www.oracle.com/technetwork/topics/security/cpujan2011-194091.html  View
83241 14969 CVE-2010-3591 20110125 [DSECRG-11-005] Oracle Document Capture empop3.dll - insecure method  View
83242 14969 CVE-2010-3591 45851  View
83243 14969 CVE-2010-3591 1024981  View
83244 14969 CVE-2010-3591 ADV-2011-0143  View
83245 14969 CVE-2010-3591 oracle-document-internaloperations-code-exec(64768)  View

Related JVN

Id Name Title Summary Cveinfo Name Cveinfo Id Nvdinfo Name Nvdinfo Id Cvssv2 Cvssv3 Jvnurl Published Date Last Updated Date Actions
30809 JVNDB-2011-001048 Oracle Fusion Middleware の Oracle Document Capture コンポーネントにおける脆弱性 Oracle Fusion Middleware の Oracle Document Capture コンポーネントには、Internal Operations に関する処理に不備があるため、機密性、完全性、可用性に影響のある脆弱性が存在します。 CVE-2010-3591 46171 CVE-2010-3591 14969 9.3 http://jvndb.jvn.jp/ja/contents/2011/JVNDB-2011-001048.html 2011-01-18 2011-02-10 View