HTML Surround Vulnerability in Oracle Industry Applications
CVE-2013-1520

Currently unrated

Key Information:

Vendor: Oracle
Status: Industry Applications
Vendor: CVE Published:; 17 April 2013

Summary

An unspecified vulnerability exists in the Oracle Clinical Remote Data Capture Option component of Oracle Industry Applications with versions 4.6.0 and 4.6.6 being affected. This vulnerability can be exploited by remote authenticated users, potentially compromising the confidentiality and integrity of sensitive data through specific vectors linked to HTML Surround. Organizations utilizing affected versions should take immediate actions to mitigate risks associated with this vulnerability.

References

http://www.oracle.com/technetwork/topics/security/cpuapr2...

x_refsource_CONFIRM

http://www.mandriva.com/security/advisories?name=MDVSA-20...

vendor-advisoryx_refsource_MANDRIVA

Timeline

Vulnerability published
Apr 17, 2013
Vulnerability Reserved
Jan 30, 2013