Oracle WebCenter Imaging is a combined document management and business process management suite, marketed as a component of the Oracle Fusion Middleware portfolio of products. Oracle Forms Recognition (OFR) is an intelligent data capture solution that integrates with WebCenter Imaging.
Oracle Forms Recognition (OFR) installs an ActiveX control named Sssplt30.ocx on the systems of its users. In OFR versions 10.1.3.5 and prior, the Save method of the SSSplitter control does not properly validate the parameters. An attacker can leverage this weakness and construct a malicious SSSplitter object, then save it to a location of their choice. This may result in the attacker gaining full execution access on the target's system.
Apply the updates suggested in the vendor advisory.
This exploit has been tested against Oracle WebCenter Forms Recognition 10.1.3.5 on Windows XP SP3 English (DEP OptIn). The system must be rebooted before the payload is executed.