47 matches found
CVE-2020-2592
Vulnerability in the Oracle AutoVue product of Oracle Supply Chain component: Security. The supported version that is affected is 21.0.2. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle AutoVue. Successful attacks of this...
CVE-2020-2592
Vulnerability in the Oracle AutoVue product of Oracle Supply Chain component: Security. The supported version that is affected is 21.0.2. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle AutoVue. Successful attacks of this...
Design/Logic Flaw
Vulnerability in the Oracle AutoVue product of Oracle Supply Chain component: Security. The supported version that is affected is 21.0.2. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle AutoVue. Successful attacks of this...
CVE-2020-2592
Vulnerability in the Oracle AutoVue product of Oracle Supply Chain component: Security. The supported version that is affected is 21.0.2. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle AutoVue. Successful attacks of this...
CVE-2020-2592
Vulnerability in the Oracle AutoVue product of Oracle Supply Chain component: Security. The supported version that is affected is 21.0.2. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle AutoVue. Successful attacks of this...
Oracle AutoVue CVE-2020-2592 Remote Security Vulnerability
Description Oracle AutoVue is prone to a remote security vulnerability. The vulnerability can be exploited over 'HTTP' protocol. The 'Security' sub component is affected. This vulnerability affects the following supported versions: 12.0.2 Technologies Affected Oracle AutoVue 12.0.2 Recommendation...
PT-2020-1465 · Oracle · Oracle Autovue
Name of the Vulnerable Software and Affected Versions: Oracle AutoVue version 21.0.2 Description: The issue is related to a lack of protection for service data in the Security component of Oracle AutoVue, allowing an unauthenticated attacker with network access via HTTP to compromise Oracle...
Vulnerability of the Format Handling sub-component – a 2D tool for viewing and annotating technical documents in Oracle AutoVue 3D Professional Advanced. This vulnerability allows unauthorized access to protected information.
The vulnerability of the Format Handling sub-component—a 2D tool for viewing and annotating technical documents in Oracle AutoVue 3D Professional Advanced—is related to deficiencies in access control. Exploiting this vulnerability could allow an attacker, operating remotely, to gain unauthorized...
CVE-2019-2575
Vulnerability in the Oracle AutoVue 3D Professional Advanced component of Oracle Supply Chain Products Suite subcomponent: Format Handling - 2D. Supported versions that are affected are 21.0.0 and 21.0.1. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTT...
CVE-2019-2575
Vulnerability in the Oracle AutoVue 3D Professional Advanced component of Oracle Supply Chain Products Suite subcomponent: Format Handling - 2D. Supported versions that are affected are 21.0.0 and 21.0.1. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTT...
Design/Logic Flaw
Vulnerability in the Oracle AutoVue 3D Professional Advanced component of Oracle Supply Chain Products Suite subcomponent: Format Handling - 2D. Supported versions that are affected are 21.0.0 and 21.0.1. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTT...
CVE-2019-2575
Vulnerability in the Oracle AutoVue 3D Professional Advanced component of Oracle Supply Chain Products Suite subcomponent: Format Handling - 2D. Supported versions that are affected are 21.0.0 and 21.0.1. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTT...
Apache Log4j CVE-2017-5645 Remote Code Execution Vulnerability
Description Apache Log4j is prone to remote code-execution vulnerability. Successfully exploiting this issue allows attackers to execute arbitrary code in the context of the affected application. Failed exploits will result in denial-of-service conditions. Apache Log4j 2.0-alpha1 through 2.8.1 ar...
Oracle AutoVue 20.0.1 AutoVueX ActiveX Control SaveViewStateToFile Vulnerability
No description provided by source. Oracle AutoVue 20.0.1 AutoVueX ActiveX Control SaveViewStateToFile Remote File Creation / Overwrite Vulnerability tested against: Internet Explorer 8 Microsoft Windows Server 2003 r2 sp2 download url of a test version:...
Oracle AutoVue DXF Parsing Could Allow Arbitrary Code Execution
Executive Summary Microsoft is providing notification of the discovery and remediation of a vulnerability affecting Oracle Autovue software versions 20.1.1 and 20.2. Microsoft discovered and disclosed the vulnerability under coordinated vulnerability disclosure to the affected vendor, Oracle...
Oracle AutoVue ActiveX Control SetMarkupMode Buffer Overflow
No description provided by source. This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit web site for more information on licensing and terms of use. http://metasploit.com/ require 'msf/core' class Metasploit3...
Oracle AutoVue - ActiveX Control SetMarkupMode Buffer Overflow (Metasploit)
This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit web site for more information on licensing and terms of use. http://metasploit.com/ require 'msf/core' class Metasploit3 HttpClients::IE, :uaminver = "6.0",...
Oracle AutoVue ActiveX Control SetMarkupMode Buffer Overflow
This module exploits a vulnerability found in the AutoVue.ocx ActiveX control. The vulnerability, due to the insecure usage of an strcpy like function in the SetMarkupMode method, when handling a specially crafted sMarkup argument, allows to trigger a stack based buffer overflow which leads to co...
Oracle AutoVue SetMarkupMode ActiveX Overflow
Added: 07/17/2012 CVE: CVE-2012-0549 BID: 53077 OSVDB: 81439 Background Oracle AutoVue Enterprise Visualization is a suite of Oracle products designed to deliver a web-based capability to access, view, digitally annotate and collaborate on technical and business documents, without requiring...
Oracle AutoVue SetMarkupMode ActiveX Overflow
Added: 07/17/2012 CVE: CVE-2012-0549 BID: 53077 OSVDB: 81439 Background Oracle AutoVue Enterprise Visualization is a suite of Oracle products designed to deliver a web-based capability to access, view, digitally annotate and collaborate on technical and business documents, without requiring...