OSVDB ID: 83972

Title: Oracle Clinical Remote Data Capture Option HTML Surround Subcomponent Unspecified Remote Information Disclosure

Info

Disclosure

Jul 17, 2012

Discovery

Unknown

Dates

Exploit

Unknown

Solution

Jul 17, 2012

Description

Oracle Clinical Remote Data Capture Option contains an unspecified flaw related to the HTTP Surround subcomponent that may allow an authenticated remote attacker to gain access to potentially sensitive information. No further details have been provided.

Classification

Location: Remote / Network Access
Impact: Loss of Confidentiality
Solution: Patch / RCS
Exploit: Exploit Unknown
Disclosure: Vendor Verified, Coordinated Disclosure
OSVDB: Authentication Required, Web Related

Solution

Currently, there are no known workarounds or upgrades to correct this issue. However, Oracle has released a patch to address this vulnerability. Check the vendor advisory in the references section.

Products

Oracle Corporation

Clinical Remote Data Capture Option

4.6.0.x
4.6.2
4.6.3

References

Credit

Unknown or Incomplete



Direct URL: http://osvdb.org/83972