CVE-2012-0549

CVSS v2.0 7.5 HIGH

7.5^/10

CVSS v2.0 : HIGH

Vector : AV:N/AC:L/Au:N/C:P/I:P/A:P

Exploitability : 10.0 / Impact : 6.4

Access Vector NETWORK

Access Complexity LOW

Authentication NONE

Confidentiality Impact PARTIAL

Integrity Impact PARTIAL

Availability Impact PARTIAL

U

nspecified vulnerability in the Oracle AutoVue Office component in Oracle Supply Chain Products Suite 20.1.1 allows remote attackers to affect confidentiality, integrity, and availability, related to Desktop API.

References

Link	Resource
http://secunia.com/advisories/48875
http://www.mandriva.com/security/advisories?name=MDVSA-2013:150
http://www.oracle.com/technetwork/topics/security/cpuapr2012-366314.html	Vendor Advisory
http://www.securitytracker.com/id?1026937
http://secunia.com/advisories/48875
http://www.mandriva.com/security/advisories?name=MDVSA-2013:150
http://www.oracle.com/technetwork/topics/security/cpuapr2012-366314.html	Vendor Advisory
http://www.securitytracker.com/id?1026937

Configurations

Configuration 1 (hide)

cpe:2.3:a:oracle:supply_chain_products_suite:20.1.1:*:*:*:*:*:*:*

History

21 Nov 2024, 01:35

Type	Values Removed	Values Added
References	~~() http://secunia.com/advisories/48875 -~~	() http://secunia.com/advisories/48875 -
References	~~() http://www.mandriva.com/security/advisories?name=MDVSA-2013:150 -~~	() http://www.mandriva.com/security/advisories?name=MDVSA-2013:150 -
References	~~() http://www.oracle.com/technetwork/topics/security/cpuapr2012-366314.html - Vendor Advisory~~	() http://www.oracle.com/technetwork/topics/security/cpuapr2012-366314.html - Vendor Advisory
References	~~() http://www.securitytracker.com/id?1026937 -~~	() http://www.securitytracker.com/id?1026937 -

Information

Published : 2012-05-03 18:55

Updated : 2025-04-11 00:51

NVD link : CVE-2012-0549

Mitre link : CVE-2012-0549

CVE.ORG link : CVE-2012-0549

JSON object : View

Products Affected

supply_chain_products_suite

CWE

NVD-CWE-noinfo

{"id": "CVE-2012-0549", "cveTags": [], "metrics": {"cvssMetricV2": [{"type": "Primary", "source": "[email protected]", "cvssData": {"version": "2.0", "baseScore": 7.5, "accessVector": "NETWORK", "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "authentication": "NONE", "integrityImpact": "PARTIAL", "accessComplexity": "LOW", "availabilityImpact": "PARTIAL", "confidentialityImpact": "PARTIAL"}, "acInsufInfo": false, "impactScore": 6.4, "baseSeverity": "HIGH", "obtainAllPrivilege": false, "exploitabilityScore": 10.0, "obtainUserPrivilege": false, "obtainOtherPrivilege": false, "userInteractionRequired": false}]}, "published": "2012-05-03T18:55:01.513", "references": [{"url": "http://secunia.com/advisories/48875", "source": "[email protected]"}, {"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2013:150", "source": "[email protected]"}, {"url": "http://www.oracle.com/technetwork/topics/security/cpuapr2012-366314.html", "tags": ["Vendor Advisory"], "source": "[email protected]"}, {"url": "http://www.securitytracker.com/id?1026937", "source": "[email protected]"}, {"url": "http://secunia.com/advisories/48875", "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2013:150", "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "http://www.oracle.com/technetwork/topics/security/cpuapr2012-366314.html", "tags": ["Vendor Advisory"], "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "http://www.securitytracker.com/id?1026937", "source": "af854a3a-2127-422b-91ae-364da2661108"}], "vulnStatus": "Deferred", "weaknesses": [{"type": "Primary", "source": "[email protected]", "description": [{"lang": "en", "value": "NVD-CWE-noinfo"}]}], "descriptions": [{"lang": "en", "value": "Unspecified vulnerability in the Oracle AutoVue Office component in Oracle Supply Chain Products Suite 20.1.1 allows remote attackers to affect confidentiality, integrity, and availability, related to Desktop API."}, {"lang": "es", "value": "Vulnerabilidad no especificada en el componente Oracle AutoVue Office en Oracle Supply Chain Products Suite 20.1.1 permite a atacantes remotos afectar a la confidencialidad, integridad y disponibilidad, relacionado con Desktop API."}], "lastModified": "2025-04-11T00:51:21.963", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:oracle:supply_chain_products_suite:20.1.1:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "565AB4BA-CF87-410A-A79C-BC1B7D3D8D6E"}], "operator": "OR"}]}], "sourceIdentifier": "[email protected]"}