Lucene search
CertccCVE-2009-3737HistoryAug 17, 2010 - 8:00 p.m.
CVE-2009-3737
2010-08-1720:00:02
CWE-94
certcc
web.nvd.nist.gov
26
cve-2009-3737
oracle
siebel
option pack
ie
activex
memory initialization
vulnerability
nvd
CVSS2
9.3
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:M/Au:N/C:C/I:C/A:C
AI Score
7.4
Confidence
Low
EPSS
0.013
Percentile
86.3%
The Oracle Siebel Option Pack for IE ActiveX control does not properly initialize memory that is used by the NewBusObj method, which allows remote attackers to execute arbitrary code via a crafted HTML document.
Affected configurations
Node
oraclesiebel_option_pack_ie_activex_control
microsoftinternet_explorer
| Vendor | Product | Version | CPE |
|---|---|---|---|
| oracle | siebel_option_pack_ie_activex_control | * | cpe:2.3:a:oracle:siebel_option_pack_ie_activex_control:*:*:*:*:*:*:*:* |
| microsoft | internet_explorer | * | cpe:2.3:a:microsoft:internet_explorer:*:*:*:*:*:*:*:* |
Related
cert
cert
seebug
seebug
Oracle Siebel Option Pack for IE ActiveXζ§δ»Άε
εεε§εζΌζ΄
2010-08-10 00:00:00
cvelist
cvelist
CVE-2009-3737
2010-08-17 17:31:00
prion
prion
Design/Logic Flaw
2010-08-17 20:00:00
nvd
nvd
CVE-2009-3737
2010-08-17 20:00:02
CVSS2
9.3
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:M/Au:N/C:C/I:C/A:C
AI Score
7.4
Confidence
Low
EPSS
0.013
Percentile
86.3%
Related for CVE-2009-3737