Executive Summary
Summary | |
---|---|
Title | Oracle JInitiator ActiveX control stack buffer overflows |
Information | | | |
---|---|---|---|
Name | VU#474433 | First vendor publication | 2007-08-28 |
Vendor | VU-CERT | Last vendor modification | 2007-09-14 |
Severity (Vendor) | N/A | Revision | M |
Security-Database Scoring CVSS v3
CVSS vector: N/A | | | |
---|---|---|---|
Overall CVSS Score | NA | | |
Base Score | NA | Environmental Score | NA |
Impact Subscore | NA | Temporal Score | NA |
Exploitability Subscore | NA | | |
Security-Database Scoring CVSS v2
CVSS vector: (AV:N/AC:M/Au:N/C:C/I:C/A:C) | | | |
---|---|---|---|
CVSS Base Score | 9.3 | Attack Range | Network |
CVSS Impact Score | 10 | Attack Complexity | Medium |
CVSS Exploit Score | 8.6 | Authentication | None Required |
Detail
Vulnerability Note VU#474433
Oracle JInitiator ActiveX control stack buffer overflows

Overview

The Oracle JInitiator ActiveX control contains multiple stack buffer overflows, which could allow a remote, unauthenticated attacker to execute arbitrary code on a vulnerable system.

I. Description

Oracle JInitiator allows users to run Oracle Developer Server applications within a web browser. Oracle JInitiator includes an ActiveX control called beans.ocx. The Oracle JInitiator ActiveX control is vulnerable to multiple stack buffer overflows in initialization parameters.

This vulnerability appears to be present in versions 1.1.8.x of the Oracle JInitiator software. In our testing, the 1.3.1.x versions of JInitiator do not contain these buffer overflows. However, installing a later version of the software will not remove the vulnerable version of the control.
CLSIDs of the affected control:

{FF348B6E-FD21-11D4-A3F0-00C04FA32518}
{689FF870-2AC0-11D5-B634-00C04FAEDB18}
{86ECB6A0-400A-11D5-B638-00C04FAEDB18}
{ED54A7B0-6C1C-11D5-B63D-00C04FAEDB18}
{0A454840-7232-11D5-B63D-00C04FAEDB18}
{9B935470-AD4A-11D5-B63E-00C04FAEDB18}
{1D2A8890-3083-11D6-B649-00C04FAEDB18}
{5E2A3510-4371-11D6-B64C-00C04FAEDB18}
{E2258010-B53C-11D6-B64D-00C04FAEDB18}
{B5859259-C40B-4B2A-AF9D-3BF0F634B1D5}
{332BD5A0-8000-11D7-B657-00C04FAEDB18}
{B13D8B3E-04A8-406F-BD35-07530D4A62DC}
{E79BC654-8FC6-4BB9-BFB8-8860779AE213}
{7C2C94F0-7991-42B4-8D5F-4CB15B490657}

The following registry entries set the kill bit ("Compatibility Flags" value 0x400, which stops Internet Explorer from loading the control) for the control's CLSIDs:

```reg
[HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\ActiveX Compatibility\{A2001DD0-C7BD-11D4-A3E1-00C04FA32518}]
"Compatibility Flags"=dword:00000400
[HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\ActiveX Compatibility\{FF348B6E-FD21-11D4-A3F0-00C04FA32518}]
"Compatibility Flags"=dword:00000400
[HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\ActiveX Compatibility\{689FF870-2AC0-11D5-B634-00C04FAEDB18}]
"Compatibility Flags"=dword:00000400
[HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\ActiveX Compatibility\{86ECB6A0-400A-11D5-B638-00C04FAEDB18}]
"Compatibility Flags"=dword:00000400
[HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\ActiveX Compatibility\{ED54A7B0-6C1C-11D5-B63D-00C04FAEDB18}]
"Compatibility Flags"=dword:00000400
[HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\ActiveX Compatibility\{0A454840-7232-11D5-B63D-00C04FAEDB18}]
"Compatibility Flags"=dword:00000400
[HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\ActiveX Compatibility\{9B935470-AD4A-11D5-B63E-00C04FAEDB18}]
"Compatibility Flags"=dword:00000400
[HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\ActiveX Compatibility\{1D2A8890-3083-11D6-B649-00C04FAEDB18}]
"Compatibility Flags"=dword:00000400
[HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\ActiveX Compatibility\{5E2A3510-4371-11D6-B64C-00C04FAEDB18}]
"Compatibility Flags"=dword:00000400
[HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\ActiveX Compatibility\{E2258010-B53C-11D6-B64D-00C04FAEDB18}]
"Compatibility Flags"=dword:00000400
[HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\ActiveX Compatibility\{B5859259-C40B-4B2A-AF9D-3BF0F634B1D5}]
"Compatibility Flags"=dword:00000400
[HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\ActiveX Compatibility\{332BD5A0-8000-11D7-B657-00C04FAEDB18}]
"Compatibility Flags"=dword:00000400
[HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\ActiveX Compatibility\{B13D8B3E-04A8-406F-BD35-07530D4A62DC}]
"Compatibility Flags"=dword:00000400
[HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\ActiveX Compatibility\{E79BC654-8FC6-4BB9-BFB8-8860779AE213}]
"Compatibility Flags"=dword:00000400
[HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\ActiveX Compatibility\{7C2C94F0-7991-42B4-8D5F-4CB15B490657}]
"Compatibility Flags"=dword:00000400
```

Disabling ActiveX controls in the Internet Zone (or any zone used by an attacker) appears to prevent exploitation of this and other ActiveX vulnerabilities. Instructions for disabling ActiveX in the Internet Zone can be found in the "Securing Your Web Browser" document.

Systems Affected

References

http://www.cert.org/tech_tips/securing_browser/#Internet_Explorer

This vulnerability was reported by Will Dormann of the CERT/CC. This document was written by Will Dormann. Additional information was provided by Stephen Kost of Integrigy.
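An added audit script for the kill-bit workaround in the note above (not part of the CERT note or of Oracle's software): it reads the registry on a Windows host and reports, for every CLSID in the kill-bit entries, whether the 0x400 flag is present and whether the control is still registered. It assumes the host is checked from an elevated PowerShell prompt, and the Wow6432Node path it also checks is an assumption about 32-bit Internet Explorer on 64-bit Windows.

```powershell
# Added audit script (not from the CERT note or Oracle): for each CLSID named in
# VU#474433, report whether Internet Explorer's kill bit is set and whether the
# control is still registered. Read-only; run in an elevated prompt on the host.
$KillBit = 0x400   # Compatibility Flags bit telling IE never to instantiate the control
# CLSIDs copied from the kill-bit registry entries in the note.
$ClsidList = @(
    '{A2001DD0-C7BD-11D4-A3E1-00C04FA32518}', '{FF348B6E-FD21-11D4-A3F0-00C04FA32518}',
    '{689FF870-2AC0-11D5-B634-00C04FAEDB18}', '{86ECB6A0-400A-11D5-B638-00C04FAEDB18}',
    '{ED54A7B0-6C1C-11D5-B63D-00C04FAEDB18}', '{0A454840-7232-11D5-B63D-00C04FAEDB18}',
    '{9B935470-AD4A-11D5-B63E-00C04FAEDB18}', '{1D2A8890-3083-11D6-B649-00C04FAEDB18}',
    '{5E2A3510-4371-11D6-B64C-00C04FAEDB18}', '{E2258010-B53C-11D6-B64D-00C04FAEDB18}',
    '{B5859259-C40B-4B2A-AF9D-3BF0F634B1D5}', '{332BD5A0-8000-11D7-B657-00C04FAEDB18}',
    '{B13D8B3E-04A8-406F-BD35-07530D4A62DC}', '{E79BC654-8FC6-4BB9-BFB8-8860779AE213}',
    '{7C2C94F0-7991-42B4-8D5F-4CB15B490657}'
)
# Assumption: on 64-bit Windows, 32-bit IE reads the Wow6432Node copy of the key,
# so both locations are checked.
$CompatPaths = @(
    'HKLM:\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility',
    'HKLM:\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\ActiveX Compatibility'
)

function Get-KillBitStatus {
    param([string]$Clsid)
    # One verdict per compatibility key: 'set' only if bit 0x400 is present.
    $verdicts = foreach ($base in $CompatPaths) {
        $flags = (Get-ItemProperty -Path (Join-Path $base $Clsid) `
                  -Name 'Compatibility Flags' -ErrorAction SilentlyContinue).'Compatibility Flags'
        if ($null -ne $flags -and (($flags -band $KillBit) -eq $KillBit)) { 'set' } else { 'MISSING' }
    }
    # In-process server DLL (beans.ocx on an affected system) if the control is still registered.
    $server = (Get-ItemProperty -Path "Registry::HKEY_CLASSES_ROOT\CLSID\$Clsid\InprocServer32" `
               -ErrorAction SilentlyContinue).'(default)'
    if (-not $server) { $server = 'not registered' }
    [pscustomobject]@{ Clsid = $Clsid; KillBit = ($verdicts -join '/'); Server = $server }
}

# A registered control whose KillBit column shows MISSING is the condition the registry entries fix.
$ClsidList | ForEach-Object { Get-KillBitStatus $_ } | Format-Table -AutoSize
```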
Original Source
URL: http://www.kb.cert.org/vuls/id/474433
CWE : Common Weakness Enumeration
% | Id | Name |
---|---|---|
100 % | CWE-20 | Improper Input Validation |
CPE : Common Platform Enumeration
Type | Description | Count |
---|---|---|
Application | | 5 |
Open Source Vulnerability Database (OSVDB)
Id | Description |
---|---|
37711 | Oracle JInitiator ActiveX (beans.ocx) Multiple Unspecified Overflows |
Snort® IPS/IDS
Date | Description |
---|---|
2014-01-10 | Oracle JInitiator ActiveX clsid unicode access RuleID : 12381 - Revision : 4 - Type : WEB-ACTIVEX |
2014-01-10 | Oracle JInitiator ActiveX clsid access RuleID : 12380 - Revision : 8 - Type : BROWSER-PLUGINS |
Nessus® Vulnerability Scanner
Date | Description |
---|---|
2007-08-29 | Name : The remote Windows host has at least one ActiveX control that is affected by ... File : oracle_jinitiator_beans_activex_overflows.nasl - Type : ACT_GATHER_INFO |
Alert History
Date | Informations |
---|---|
2014-02-17 12:07:52 |