Lucene search

K

[email protected]NVD:CVE-2007-4467

HistoryAug 31, 2007 - 12:17 a.m.

CVE-2007-4467

2007-08-3100:17:00

CWE-20

[email protected]

web.nvd.nist.gov

9.3 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:M/Au:N/C:C/I:C/A:C

7.5 High

AI Score

Confidence

Low

0.21 Low

EPSS

Percentile

96.4%

Multiple stack-based buffer overflows in the Oracle JInitiator ActiveX control (beans.ocx) 1.1.8.16 and earlier, as used by Oracle Forms applications from Oracle and third parties, allow remote attackers to execute arbitrary code via unspecified “initialization parameters.” NOTE: it was later reported that 1.1.8.3 through 1.1.8.25, and probably 1.1.5.x and 1.1.7.x, are affected.

Affected configurations

NVD

Node

oraclejinitiatorMatch1.1.5

OR

oraclejinitiatorMatch1.1.7

OR

oraclejinitiatorMatch1.1.8.3

OR

oraclejinitiatorMatch1.1.8.16

OR

oraclejinitiatorMatch1.1.8.25

References

osvdb.org/37711

secunia.com/advisories/26644

securitytracker.com/id?1018618

www.integrigy.com/security-resources/analysis/integrigy-oracle-jinitiator-vulnerability.pdf

www.kb.cert.org/vuls/id/474433

www.securityfocus.com/archive/1/479186/100/100/threaded

www.securityfocus.com/bid/25473

www.vupen.com/english/advisories/2007/3007

exchange.xforce.ibmcloud.com/vulnerabilities/36310

9.3 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:M/Au:N/C:C/I:C/A:C

7.5 High

AI Score

Confidence

Low

0.21 Low

EPSS

Percentile

96.4%

Related for NVD:CVE-2007-4467

cert1 nessus1 cve1 securityvulns2 prion1 cvelist1 d21