CVE-2013-3763

Oracle Endeca Server - Info Disclosure

Title source: llm

Description

Unspecified vulnerability in the Oracle Endeca Server component in Oracle Fusion Middleware 7.4.0 and 7.5.1.1 allows remote authenticated users to affect confidentiality and integrity via unknown vectors, a different vulnerability than CVE-2013-3764.

Exploits (2)

exploitdb WORKING POC VERIFIED

by Metasploit · rubyremotewindows

https://www.exploit-db.com/exploits/27877

View Code ZIP pw:eip

metasploit WORKING POC EXCELLENT

rubypocwin

https://github.com/rapid7/metasploit-framework/blob/master/modules/exploits/windows/http/oracle_endeca_exec.rb

View Code ZIP pw:eip

References (3)

[Vendor Advisory] http://www.oracle.com/technetwork/topics/security/cpujuly2013-1899826.html

[Third Party Advisory] http://www.zerodayinitiative.com/advisories/ZDI-13-190/

[Third Party Advisory, VDB Entry] http://www.securitytracker.com/id/1028801

Scores

EPSS 0.7218

EPSS Percentile 98.8%

Details

Status published

Products (2)

oracle/fusion_middleware 7.4.0

oracle/fusion_middleware 7.5.1.1

Published Jul 17, 2013

Tracked Since Feb 18, 2026