CVE-2011-0794

Name of the Vulnerable Software and Affected Versions Oracle Fusion Middleware version 8.3.5.0 Oracle Outside In Technology versions 8.3.5.x through 8.3.5.5684

Description The issue affects confidentiality, integrity, and availability. It is related to the File ID SDK. The vulnerability can be exploited when using the CAB file identification functionality to parse certain file formats, including OneNote (.onepkg) files.

Recommendations For Oracle Fusion Middleware version 8.3.5.0, update to a version that is not affected by this issue. For Oracle Outside In Technology versions 8.3.5.x through 8.3.5.5684, consider restricting access to the sccut.dll or libsc ut.so libraries until a patch is available. As a temporary workaround, avoid using the CAB file identification functionality to parse OneNote (.onepkg) files and other formats until the issue is resolved.