Vulnerability Details : CVE-2013-1559
Public exploit exists!
Unspecified vulnerability in the Oracle WebCenter Content component in Oracle Fusion Middleware 10.1.3.5.1 and 11.1.1.6.0 allows remote authenticated users to affect availability via unknown vectors related to Content Server.
Exploit prediction scoring system (EPSS) score for CVE-2013-1559
Probability of exploitation activity in the next 30 days: 97.12%
Percentile, the proportion of vulnerabilities that are scored at or less: ~ 100 % EPSS Score History EPSS FAQ
Metasploit modules for CVE-2013-1559
-
Oracle WebCenter Content CheckOutAndOpen.dll ActiveX Remote Code Execution
Disclosure Date: 2013-04-16First seen: 2020-04-26exploit/windows/browser/oracle_webcenter_checkoutandopenThis module exploits a vulnerability found in the Oracle WebCenter Content CheckOutAndOpenControl ActiveX. This vulnerability exists in openWebdav(), where user controlled input is used to call ShellExecuteExW(). This module abuses the control to execute an a
CVSS scores for CVE-2013-1559
Base Score | Base Severity | CVSS Vector | Exploitability Score | Impact Score | Score Source |
---|---|---|---|---|---|
4.0
|
MEDIUM | AV:N/AC:L/Au:S/C:N/I:N/A:P |
8.0
|
2.9
|
NIST |
References for CVE-2013-1559
-
http://www.oracle.com/technetwork/topics/security/cpuapr2013-1899555.html
Oracle Critical Patch Update - April 2013Vendor Advisory
-
http://www.mandriva.com/security/advisories?name=MDVSA-2013:150
mandriva.com
Products affected by CVE-2013-1559
- cpe:2.3:a:oracle:fusion_middleware:10.1.3.5.1:*:*:*:*:*:*:*
- cpe:2.3:a:oracle:fusion_middleware:11.1.1.6.0:*:*:*:*:*:*:*