CVE-2010-3535

Unspecified vulnerability in the Directory Server Enterprise Edition component in Oracle Sun Products Suite 6.0, 6.1, 6.2, and 6.3 allows local users to affect confidentiality, integrity, and availability via unknown vectors related to Identity Synchronization for Windows.

CVSS v2.0 4.4 MEDIUM

4.4^/10

CVSS v2.0 : MEDIUM

V2 Legend

Vector : AV:L/AC:M/Au:N/C:P/I:P/A:P

Exploitability : 3.4 / Impact : 6.4

Access Vector LOCAL

Access Complexity MEDIUM

Authentication NONE

Confidentiality Impact PARTIAL

Integrity Impact PARTIAL

Availability Impact PARTIAL

References

Link	Resource
http://www.oracle.com/technetwork/topics/security/cpuoct2010-175626.html	Vendor Advisory
http://www.securitytracker.com/id?1024572
http://www.us-cert.gov/cas/techalerts/TA10-287A.html	US Government Resource

Configurations

Configuration 1 (hide)

OR	cpe:2.3:a:oracle:sun_products_suite:6.0:::::::*
	cpe:2.3:a:oracle:sun_products_suite:6.1:::::::*
	cpe:2.3:a:oracle:sun_products_suite:6.2:::::::*
	cpe:2.3:a:oracle:sun_products_suite:6.3:::::::*

History

No history.

Information

Published : 2010-10-14 18:00

Updated : 2013-02-07 05:00

NVD link : CVE-2010-3535

Mitre link : CVE-2010-3535

CVE.ORG link : CVE-2010-3535

JSON object : View

Products Affected

oracle

sun_products_suite

CWE

NVD-CWE-noinfo

{"id": "CVE-2010-3535", "cveTags": [], "metrics": {"cvssMetricV2": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"version": "2.0", "baseScore": 4.4, "accessVector": "LOCAL", "vectorString": "AV:L/AC:M/Au:N/C:P/I:P/A:P", "authentication": "NONE", "integrityImpact": "PARTIAL", "accessComplexity": "MEDIUM", "availabilityImpact": "PARTIAL", "confidentialityImpact": "PARTIAL"}, "acInsufInfo": false, "impactScore": 6.4, "baseSeverity": "MEDIUM", "obtainAllPrivilege": false, "exploitabilityScore": 3.4, "obtainUserPrivilege": false, "obtainOtherPrivilege": false, "userInteractionRequired": false}]}, "published": "2010-10-14T18:00:17.087", "references": [{"url": "http://www.oracle.com/technetwork/topics/security/cpuoct2010-175626.html", "tags": ["Vendor Advisory"], "source": "secalert_us@oracle.com"}, {"url": "http://www.securitytracker.com/id?1024572", "source": "secalert_us@oracle.com"}, {"url": "http://www.us-cert.gov/cas/techalerts/TA10-287A.html", "tags": ["US Government Resource"], "source": "secalert_us@oracle.com"}], "vulnStatus": "Analyzed", "weaknesses": [{"type": "Primary", "source": "nvd@nist.gov", "description": [{"lang": "en", "value": "NVD-CWE-noinfo"}]}], "descriptions": [{"lang": "en", "value": "Unspecified vulnerability in the Directory Server Enterprise Edition component in Oracle Sun Products Suite 6.0, 6.1, 6.2, and 6.3 allows local users to affect confidentiality, integrity, and availability via unknown vectors related to Identity Synchronization for Windows."}, {"lang": "es", "value": "Vulnerabilidad no especificada en componente Directory Server Enterprise Edition en Oracle Sun Products Suite v6.0, v6.1, v6.2, y v6.3 permite a los usuarios locales afectar a la confidencialidad, integridad y disponibilidad a trav\u00e9s de vectores desconocidos relacionados con \"Identity Synchronization\" para Windows."}], "lastModified": "2013-02-07T05:00:00.000", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:oracle:sun_products_suite:6.0:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "F1F058E7-CF00-459E-AAC2-A18E09EFB207"}, {"criteria": "cpe:2.3:a:oracle:sun_products_suite:6.1:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "3849EA32-7643-47F7-99DE-2593A7185E1A"}, {"criteria": "cpe:2.3:a:oracle:sun_products_suite:6.2:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "FBB48FE7-9F3F-4759-A2EC-19E151433117"}, {"criteria": "cpe:2.3:a:oracle:sun_products_suite:6.3:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "0FAEBF55-5132-4BBA-85ED-BD6BB757D55D"}], "operator": "OR"}]}], "sourceIdentifier": "secalert_us@oracle.com"}

4.4 /10