Unrated severityNVD Advisory· Published Jan 19, 2011· Updated Apr 29, 2026

CVE-2010-4417

Description

Unspecified vulnerability in the Services for Beehive component in Oracle Fusion Middleware 2.0.1.0, 2.0.1.1, 2.0.1.2, 2.0.1.2.1, and 2.0.1.3 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors. NOTE: the previous information was obtained from the January 2011 CPU. Oracle has not commented on claims from a reliable third party coordinator that voice-servlet/prompt-qa/Index.jspf does not properly handle null (%00) bytes in the evaluation parameter that is used in a filename, which allows attackers to create a file with an executable extension and execute arbitrary JSP code.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected products

Oracle Corporation/Beehive5 versions
cpe:2.3:a:oracle:beehive:2.0.1.0:*:*:*:*:*:*:*+ 4 more
- cpe:2.3:a:oracle:beehive:2.0.1.0:*:*:*:*:*:*:*
- cpe:2.3:a:oracle:beehive:2.0.1.1:*:*:*:*:*:*:*
- cpe:2.3:a:oracle:beehive:2.0.1.2:*:*:*:*:*:*:*
- cpe:2.3:a:oracle:beehive:2.0.1.2.1:*:*:*:*:*:*:*
- cpe:2.3:a:oracle:beehive:2.0.1.3:*:*:*:*:*:*:*
Oracle Corporation/Services for Beehivellm-create
Range: 2.0.1.0, 2.0.1.1, 2.0.1.2, 2.0.1.2.1, 2.0.1.3

Patches

Vulnerability mechanics

References

secunia.com/advisories/42978nvdVendor Advisory
www.oracle.com/technetwork/topics/security/cpujan2011-194091.htmlnvdVendor Advisory
www.vupen.com/english/advisories/2011/0143nvdVendor Advisory
www.securityfocus.com/bid/45854nvd
www.securitytracker.com/idnvd
www.zerodayinitiative.com/advisories/ZDI-11-020/nvd
exchange.xforce.ibmcloud.com/vulnerabilities/64772nvd
www.exploit-db.com/exploits/38859/nvd

News mentions

No linked articles in our index yet.

cvss	0.000
epss	0.063
exploit	0.030
kev	0.000
patch	0.000
ransomware	0.000