Main Vulnerability Database Vulnerabilities #VU42899

Input validation error in PeopleSoft Enterprise PeopleTools - CVE-2013-2409

Published: April 17, 2013 / Updated: August 11, 2020

Vulnerability identifier: #VU42899

CSH Severity: Low

CVSS v4.0: CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:A/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N/E:U/U:Clear

CVE-ID: CVE-2013-2409

CWE-ID: CWE-20

Exploitation vector: Remote access

Exploit availability: No public exploit available

Vendor: Oracle

Affected software:
PeopleSoft Enterprise PeopleTools

Detailed vulnerability description

The vulnerability allows a remote non-authenticated attacker to gain access to sensitive information.

Unspecified vulnerability in the PeopleSoft Enterprise PeopleTools component in Oracle PeopleSoft Products 8.51, 8.52, and 8.53 allows remote attackers to affect confidentiality via vectors related to PIA Core Technology.

How to mitigate CVE-2013-2409

Install update from vendor's website.

Sources

http://www.mandriva.com/security/advisories?name=MDVSA-2013:150
http://www.oracle.com/technetwork/topics/security/cpuapr2013-1899555.html

Input validation error in PeopleSoft Enterprise PeopleTools - CVE-2013-2409

Detailed vulnerability description

How to mitigate CVE-2013-2409

Sources

Please verify you're human