Описание
The Oracle Siebel Option Pack for IE ActiveX control does not properly initialize memory that is used by the NewBusObj method, which allows remote attackers to execute arbitrary code via a crafted HTML document.
Ссылки
- Vendor Advisory
- US Government Resource
- Vendor Advisory
- Vendor Advisory
- US Government Resource
- Vendor Advisory
Уязвимые конфигурации
Конфигурация 1
Одновременно
cpe:2.3:a:oracle:siebel_option_pack_ie_activex_control:*:*:*:*:*:*:*:*
cpe:2.3:a:microsoft:internet_explorer:*:*:*:*:*:*:*:*
EPSS
Процентиль: 90%
0.05985
Низкий
9.3 Critical
CVSS2
Дефекты
CWE-94
Связанные уязвимости
github
почти 4 года назад
The Oracle Siebel Option Pack for IE ActiveX control does not properly initialize memory that is used by the NewBusObj method, which allows remote attackers to execute arbitrary code via a crafted HTML document.
EPSS
Процентиль: 90%
0.05985
Низкий
9.3 Critical
CVSS2
Дефекты
CWE-94