Oracle Hyperion Financial Management TList 6 ActiveX Control Remote Code Execution Vulnerability
BID:58474
Info
Oracle Hyperion Financial Management TList 6 ActiveX Control Remote Code Execution Vulnerability
| Bugtraq ID: | 58474 |
| Class: | Unknown |
| CVE: |
CVE-2012-1714 |
| Remote: | Yes |
| Local: | No |
| Published: | Jun 26 2012 12:00AM |
| Updated: | Jun 26 2012 12:00AM |
| Credit: | Oracle |
| Vulnerable: |
Oracle Hyperion Financial Management 11.1.2.1.104 Oracle Hyperion Financial Management 11.1.1.4 |
| Not Vulnerable: | |
Discussion
Oracle Hyperion Financial Management TList 6 ActiveX Control Remote Code Execution Vulnerability
Hyperion Financial Management is prone to a remote code-execution vulnerability.
Attackers can exploit this issue to execute arbitrary code within the context of the affected application that uses the ActiveX control (typically Internet Explorer). Failed exploit attempts will result in a denial-of-service condition.
Hyperion Financial Management 11.1.1.4 and 11.1.2.1.104 are vulnerable.
Hyperion Financial Management is prone to a remote code-execution vulnerability.
Attackers can exploit this issue to execute arbitrary code within the context of the affected application that uses the ActiveX control (typically Internet Explorer). Failed exploit attempts will result in a denial-of-service condition.
Hyperion Financial Management 11.1.1.4 and 11.1.2.1.104 are vulnerable.
Exploit / POC
Oracle Hyperion Financial Management TList 6 ActiveX Control Remote Code Execution Vulnerability
Currently, we are not aware of any working exploits. If you feel we are in error or if you are aware of more recent information, please mail us at: [email protected].
Currently, we are not aware of any working exploits. If you feel we are in error or if you are aware of more recent information, please mail us at: [email protected].
Solution / Fix
Oracle Hyperion Financial Management TList 6 ActiveX Control Remote Code Execution Vulnerability
Solution:
Updates are available. Please see the references or vendor advisory for more information.
Solution:
Updates are available. Please see the references or vendor advisory for more information.