Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
ibmIBMF447173D179E5472C9F25844C713EE68D0ECE730449F3DD70DFE6DBEFA4C5D30
HistoryJun 17, 2018 - 12:17 p.m.

Security Bulletin: Multiple Oracle Outside In Technology (OIT) July 2016 CPU in IBM Content Collector for Email

2018-06-1712:17:03
www.ibm.com
8

8.6 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

LOW

Availability Impact

LOW

CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:L

9 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:C/I:P/A:P

JSON

Summary

An unspecified vulnerability in Oracle Fusion Middleware related to the Outside In Technology Outside In Filters component has high confidentiality impact, low integrity impact, and low availability impact.

Vulnerability Details

CVEID: CVE-2016-3574 DESCRIPTION: An unspecified vulnerability in Oracle Fusion Middleware related to the Outside In Technology Outside In Filters component has high confidentiality impact, low integrity impact, and low availability impact.
CVSS Base Score: 8.6
CVSS Temporal Score: See https://exchange.xforce.ibmcloud.com/vulnerabilities/115143 for the current score
CVSS Environmental Score*: Undefined
CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:L)

CVEID: CVE-2016-3575 DESCRIPTION: An unspecified vulnerability in Oracle Fusion Middleware related to the Outside In Technology Outside In Filters component has high confidentiality impact, low integrity impact, and low availability impact.
CVSS Base Score: 8.6
CVSS Temporal Score: See https://exchange.xforce.ibmcloud.com/vulnerabilities/115144 for the current score
CVSS Environmental Score*: Undefined
CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:L)

CVEID: CVE-2016-3576 DESCRIPTION: An unspecified vulnerability in Oracle Fusion Middleware related to the Outside In Technology Outside In Filters component has high confidentiality impact, low integrity impact, and low availability impact.
CVSS Base Score: 8.6
CVSS Temporal Score: See https://exchange.xforce.ibmcloud.com/vulnerabilities/115145 for the current score
CVSS Environmental Score*: Undefined
CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:L)

CVEID: CVE-2016-3579 DESCRIPTION: An unspecified vulnerability in Oracle Fusion Middleware related to the Outside In Technology Outside In Filters component has high confidentiality impact, low integrity impact, and low availability impact.
CVSS Base Score: 8.6
CVSS Temporal Score: See https://exchange.xforce.ibmcloud.com/vulnerabilities/115148 for the current score
CVSS Environmental Score*: Undefined
CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:L)

CVEID: CVE-2016-3580 DESCRIPTION: An unspecified vulnerability in Oracle Fusion Middleware related to the Outside In Technology Outside In Filters component has high confidentiality impact, low integrity impact, and low availability impact.
CVSS Base Score: 8.6
CVSS Temporal Score: See https://exchange.xforce.ibmcloud.com/vulnerabilities/115149 for the current score
CVSS Environmental Score*: Undefined
CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:L)

CVEID: CVE-2016-3577 DESCRIPTION: An unspecified vulnerability in Oracle Fusion Middleware related to the Outside In Technology Outside In Filters component has high confidentiality impact, low integrity impact, and low availability impact.
CVSS Base Score: 8.6
CVSS Temporal Score: See https://exchange.xforce.ibmcloud.com/vulnerabilities/115146 for the current score
CVSS Environmental Score*: Undefined
CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:L)

CVEID: CVE-2016-3578 DESCRIPTION: An unspecified vulnerability in Oracle Fusion Middleware related to the Outside In Technology Outside In Filters component has high confidentiality impact, low integrity impact, and low availability impact.
CVSS Base Score: 8.6
CVSS Temporal Score: See https://exchange.xforce.ibmcloud.com/vulnerabilities/115147 for the current score
CVSS Environmental Score*: Undefined
CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:L)

CVEID: CVE-2016-3581 DESCRIPTION: An unspecified vulnerability in Oracle Fusion Middleware related to the Outside In Technology Outside In Filters component has high confidentiality impact, low integrity impact, and low availability impact.
CVSS Base Score: 8.6
CVSS Temporal Score: See https://exchange.xforce.ibmcloud.com/vulnerabilities/115150 for the current score
CVSS Environmental Score*: Undefined
CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:L)

CVEID: CVE-2016-3582 DESCRIPTION: An unspecified vulnerability in Oracle Fusion Middleware related to the Outside In Technology Outside In Filters component has high confidentiality impact, low integrity impact, and low availability impact.
CVSS Base Score: 8.6
CVSS Temporal Score: See https://exchange.xforce.ibmcloud.com/vulnerabilities/115151 for the current score
CVSS Environmental Score*: Undefined
CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:L)

CVEID: CVE-2016-3583 DESCRIPTION: An unspecified vulnerability in Oracle Fusion Middleware related to the Outside In Technology Outside In Filters component has high confidentiality impact, low integrity impact, and low availability impact.
CVSS Base Score: 8.6
CVSS Temporal Score: See https://exchange.xforce.ibmcloud.com/vulnerabilities/115152 for the current score
CVSS Environmental Score*: Undefined
CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:L)

CVEID: CVE-2016-3590 DESCRIPTION: An unspecified vulnerability in Oracle Fusion Middleware related to the Outside In Technology Outside In Filters component has high confidentiality impact, low integrity impact, and low availability impact.
CVSS Base Score: 8.6
CVSS Temporal Score: See https://exchange.xforce.ibmcloud.com/vulnerabilities/115153 for the current score
CVSS Environmental Score*: Undefined
CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:L)

CVEID: CVE-2016-3591 DESCRIPTION: An unspecified vulnerability in Oracle Fusion Middleware related to the Outside In Technology Outside In Filters component has high confidentiality impact, low integrity impact, and low availability impact.
CVSS Base Score: 8.6
CVSS Temporal Score: See https://exchange.xforce.ibmcloud.com/vulnerabilities/115154 for the current score
CVSS Environmental Score*: Undefined
CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:L)

CVEID: CVE-2016-3592 DESCRIPTION: An unspecified vulnerability in Oracle Fusion Middleware related to the Outside In Technology Outside In Filters component has high confidentiality impact, low integrity impact, and low availability impact.
CVSS Base Score: 8.6
CVSS Temporal Score: See https://exchange.xforce.ibmcloud.com/vulnerabilities/115155 for the current score
CVSS Environmental Score*: Undefined
CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:L)

CVEID: CVE-2016-3593 DESCRIPTION: An unspecified vulnerability in Oracle Fusion Middleware related to the Outside In Technology Outside In Filters component has high confidentiality impact, low integrity impact, and low availability impact.
CVSS Base Score: 8.6
CVSS Temporal Score: See https://exchange.xforce.ibmcloud.com/vulnerabilities/115156 for the current score
CVSS Environmental Score*: Undefined
CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:L)

CVEID: CVE-2016-3594 DESCRIPTION: An unspecified vulnerability in Oracle Fusion Middleware related to the Outside In Technology Outside In Filters component has high confidentiality impact, low integrity impact, and low availability impact.
CVSS Base Score: 8.6
CVSS Temporal Score: See https://exchange.xforce.ibmcloud.com/vulnerabilities/115157 for the current score
CVSS Environmental Score*: Undefined
CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:L)

CVEID: CVE-2016-3595 DESCRIPTION: An unspecified vulnerability in Oracle Fusion Middleware related to the Outside In Technology Outside In Filters component has high confidentiality impact, low integrity impact, and low availability impact.
CVSS Base Score: 8.6
CVSS Temporal Score: See https://exchange.xforce.ibmcloud.com/vulnerabilities/115158 for the current score
CVSS Environmental Score*: Undefined
CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:L)

CVEID: CVE-2016-3596 DESCRIPTION: An unspecified vulnerability in Oracle Fusion Middleware related to the Outside In Technology Outside In Filters component has high confidentiality impact, low integrity impact, and low availability impact.
CVSS Base Score: 8.6
CVSS Temporal Score: See https://exchange.xforce.ibmcloud.com/vulnerabilities/115159 for the current score
CVSS Environmental Score*: Undefined
CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:L)

Affected Products and Versions

IBM Content Collector for Email v3.0
IBM Content Collector for Email v4.0
IBM Content Collector for Email v4.0.1

Remediation/Fixes

Product

| VRM| Remediation
—|—|—
IBM Content Collector for Email | 3.0| Use Content Collector for IBM Content Collector for Email 4.0.0.3 Interim Fix 005 available at https://www.ibm.com/support/fixcentral/
IBM Content Collector for Email | 4.0| Use Content Collector for IBM Content Collector for Email 4.0.0.3 Interim Fix 005 available at https://www.ibm.com/support/fixcentral/
IBM Content Collector for Email | 4.0.1,
4.0.1.1,
4.0.1.2,
4.0.1.3| Use Content Collector for IBM Content Collector for Email 4.0.1.3 Interim Fix 001 available at https://www.ibm.com/support/fixcentral/
IBM Content Collector for Email | 4.0.1.4| Use Content Collector for IBM Content Collector for Email 4.0.1.4 Interim Fix 001 available at https://www.ibm.com/support/fixcentral/

Workarounds and Mitigations

NA

Related

prion 17
ibm 2
cve 17
mscve 1
nessus 1
talos 17
seebug 17
checkpoint_advisories 1
oracle 1
prion
prion
Design/Logic Flaw
2016-07-21 10:14:00
Design/Logic Flaw
2016-07-21 10:14:00
Design/Logic Flaw
2016-07-21 10:14:00
ibm
ibm
Security Bulletin: Vulnerabilies (17 total) in Oracle Outside In Technology (OIT) affect FileNet Content Manager and IBM Content Foundation
2018-06-17 12:16:38
Security Bulletin: Multiple Vulnerabilities in Oracle Outside In Technology affect IBM Rational DOORS Next Generation (CVE-2016-3574, CVE-2016-3575, etc)
2018-06-17 05:15:44
cve
cve
CVE-2016-3575
2016-07-21 10:14:00
CVE-2016-3590
2016-07-21 10:14:00
CVE-2016-3579
2016-07-21 10:14:00
mscve
mscve
Oracle Outside In Vulnerabilities
2016-09-13 07:00:00
nessus
nessus
MS16-108: Security Update for Microsoft Exchange Server (3185883)
2016-09-13 00:00:00
talos
talos
Oracle OIT IX SDK TIFF file parsing heap buffer overflow
2016-07-19 00:00:00
Oracle OIT IX SDK libvs_pdf arbitrary pointer access
2016-07-19 00:00:00
Oracle OIT IX SDK TIFF ExtraSamples Code Execution Vulnerabiity
2016-07-19 00:00:00
seebug
seebug
Oracle OIT IX SDK GIF ImageWidth Code Execution Vulnerabiity(CVE-2016-3583)
2017-10-16 00:00:00
Oracle OIT IX SDK libvs_pdf arbitrary pointer access(CVE-2016-3579)
2017-10-16 00:00:00
Oracle OIT IX SDK libvs_pdf FlateDecode Colors Denial of Service Vulnerabiity(CVE-2016-3578)
2017-10-16 00:00:00
checkpoint_advisories
checkpoint_advisories
Oracle Fusion Middleware OiT Component Multiple Vulnerabilities (CVE-2016-3593)
2020-12-20 00:00:00
oracle
oracle
Oracle Critical Patch Update - July 2016
2016-07-19 00:00:00

8.6 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

LOW

Availability Impact

LOW

CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:L

9 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:C/I:P/A:P

JSON
Related for F447173D179E5472C9F25844C713EE68D0ECE730449F3DD70DFE6DBEFA4C5D30
prion17ibm2cve17mscve1nessus1talos17seebug17checkpoint_advisories1oracle1