Main Vulnerability Database Vulnerabilities #VU42898

Input validation error in PeopleSoft Enterprise PeopleTools - CVE-2013-2406

Published: April 17, 2013 / Updated: August 11, 2020

Vulnerability identifier: #VU42898

CSH Severity: Low

CVSS v4.0: CVSS:4.0/AV:L/AC:L/AT:N/PR:H/UI:A/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N/E:U/U:Clear

CVE-ID: CVE-2013-2406

CWE-ID: CWE-20

Exploitation vector: Remote access

Exploit availability: No public exploit available

Vendor: Oracle

Affected software:
PeopleSoft Enterprise PeopleTools

Detailed vulnerability description

The vulnerability allows a remote #AU# to manipulate data.

Unspecified vulnerability in the PeopleSoft Enterprise PeopleTools component in Oracle PeopleSoft Products 8.51, 8.52, and 8.53 allows remote authenticated users to affect integrity via vectors related to PIA Core Technology.

How to mitigate CVE-2013-2406

Install update from vendor's website.

Sources

http://www.mandriva.com/security/advisories?name=MDVSA-2013:150
http://www.oracle.com/technetwork/topics/security/cpuapr2013-1899555.html

Input validation error in PeopleSoft Enterprise PeopleTools - CVE-2013-2406

Detailed vulnerability description

How to mitigate CVE-2013-2406

Sources

Please verify you're human