Unrated severityNVD Advisory· Published Jan 19, 2011· Updated Apr 29, 2026

CVE-2010-3595

Description

Unspecified vulnerability in the Oracle Document Capture component in Oracle Fusion Middleware 10.1.3.4 and 10.1.3.5 allows remote attackers to affect confidentiality via unknown vectors related to Import Server. NOTE: the previous information was obtained from the January 2011 CPU. Oracle has not commented on claims from the original researcher that remote attackers can read arbitrary files via a full pathname in the first argument to the ImportBodyText method in the EasyMail ActiveX control (emsmtp.dll).

Affected products

Oracle Corporation/Fusion Middleware2 versions
cpe:2.3:a:oracle:fusion_middleware:10.1.3.4:*:*:*:*:*:*:*+ 1 more
- cpe:2.3:a:oracle:fusion_middleware:10.1.3.4:*:*:*:*:*:*:*
- cpe:2.3:a:oracle:fusion_middleware:10.1.3.5:*:*:*:*:*:*:*

Patches

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

www.oracle.com/technetwork/topics/security/cpujan2011-194091.htmlnvdVendor Advisory
www.vupen.com/english/advisories/2011/0143nvdVendor Advisory
dsecrg.com/pages/vul/show.phpnvd
secunia.com/advisories/42976nvd
www.exploit-db.com/exploits/16056nvd
www.securityfocus.com/archive/1/515957/100/0/threadednvd
www.securityfocus.com/bid/45849nvd
www.securitytracker.com/idnvd
exchange.xforce.ibmcloud.com/vulnerabilities/64770nvd

News mentions

No linked articles in our index yet.

cvss	0.000
epss	0.023
exploit	0.030
kev	0.000
patch	0.000
ransomware	0.000