Oracle ORADC ActiveX Control Remote Code Execution Vulnerability
BID:22026
Info
Oracle ORADC ActiveX Control Remote Code Execution Vulnerability
| Bugtraq ID: | 22026 |
| Class: | Boundary Condition Error |
| CVE: | |
| Remote: | Yes |
| Local: | No |
| Published: | Jan 12 2007 12:00AM |
| Updated: | Jan 12 2007 10:10PM |
| Credit: | Umesh Wanve is credited with discovering this issue. |
| Vulnerable: |
Oracle Oracle Objects for OLE 0 |
| Not Vulnerable: | |
Discussion
Oracle ORADC ActiveX Control Remote Code Execution Vulnerability
Oracle ORADC ActiveX control is prone to a remote code-execution vulnerability.
Exploiting this issue allows remote attackers to execute arbitrary machine code in the context of applications using the affected ActiveX control and possibly to compromise affected computers.
Oracle ORADC ActiveX control is prone to a remote code-execution vulnerability.
Exploiting this issue allows remote attackers to execute arbitrary machine code in the context of applications using the affected ActiveX control and possibly to compromise affected computers.
Exploit / POC
Oracle ORADC ActiveX Control Remote Code Execution Vulnerability
The following proof-of-concept exploit is available:
The following proof-of-concept exploit is available:
Solution / Fix
Oracle ORADC ActiveX Control Remote Code Execution Vulnerability
Solution:
Currently we are not aware of any vendor-supplied patches for this issue. If you feel we are in error or if you are aware of more recent information, please mail us at: [email protected]:[email protected].
Solution:
Currently we are not aware of any vendor-supplied patches for this issue. If you feel we are in error or if you are aware of more recent information, please mail us at: [email protected]:[email protected].
References
Oracle ORADC ActiveX Control Remote Code Execution Vulnerability
References:
References:
- Oracle Objects for OLE Product Page (Oracle)