Vulnerability in Oracle FLEXCUBE Direct Banking Affects Oracle Financial Services Software
CVE-2013-1539

Currently unrated

Key Information:

Vendor: Oracle
Status: Financial Services Software
Vendor: CVE Published:; 17 April 2013

Summary

An unspecified security vulnerability has been identified in the Oracle FLEXCUBE Direct Banking component, affecting multiple versions of Oracle Financial Services Software. This flaw allows remote authenticated users to potentially compromise the confidentiality of information via specific vectors related to CTF (Capture the Flag). The vulnerability spans various versions including 2.8.0 through 3.1.0, and 5.0.2 through 5.3.4. Organizations using these versions should assess their exposure and take appropriate measures to mitigate risks associated with this vulnerability.

References

http://www.oracle.com/technetwork/topics/security/cpuapr2...

x_refsource_CONFIRM

http://www.mandriva.com/security/advisories?name=MDVSA-20...

vendor-advisoryx_refsource_MANDRIVA

Timeline

Vulnerability published
Apr 17, 2013
Vulnerability Reserved
Jan 30, 2013