510 matches found
CVE-2012-3133
Buffer overflow in the DataDirect ODBC driver, as used in Oracle Hyperion Interactive Reporting 11.1.2.1 and 11.1.2.2, Essbase Server 11.1.2.1 and 11.1.2.2, Production Reporting Server 11.1.2.1 and 11.1.2.2, and Integration Services Server 11.1.2.1 and 11.1.2.2 has unknown impact and attack vecto...
CVE-2011-5167
Heap-based buffer overflow in the SetDevNames method of the Tidestone Formula One ActiveX control TTF16.ocx 6.3.5 Build 1 in Oracle Hyperion Strategic Finance 12.x and possibly earlier allows remote attackers to execute arbitrary code via a long string to the DriverName parameter...
Heap overflow
Heap-based buffer overflow in the SetDevNames method of the Tidestone Formula One ActiveX control TTF16.ocx 6.3.5 Build 1 in Oracle Hyperion Strategic Finance 12.x and possibly earlier allows remote attackers to execute arbitrary code via a long string to the DriverName parameter...
CVE-2011-5167
CVE-2011-5167 describes a heap-based buffer overflow in the SetDevNames method of the Tidestone Formula One ActiveX control (TTF16.ocx) version 6.3.5 Build 1 used by Oracle Hyperion Strategic Finance 12.x (and possibly earlier). An attacker could trigger arbitrary code execution by supplying a lo...
CVE-2011-5167
Heap-based buffer overflow in the SetDevNames method of the Tidestone Formula One ActiveX control TTF16.ocx 6.3.5 Build 1 in Oracle Hyperion Strategic Finance 12.x and possibly earlier allows remote attackers to execute arbitrary code via a long string to the DriverName parameter...
CVE-2012-1729
Unspecified vulnerability in the Hyperion BI+ component in Oracle Hyperion 11.1.1.3 and earlier allows remote attackers to affect integrity via unknown vectors related to UI and Visualization...
CVE-2012-1729
CVE-2012-1729 affects the Hyperion BI+ component of Oracle Hyperion 11.1.1.3 and earlier. The description indicates an unspecified vulnerability that could impact integrity and relates to UI and Visualization, with remote exploitation via unknown vectors. The available connected sources confirm t...
Oracle Hyperion Strategic Finance Client ActiveX Control Code Execution
A remote code execution vulnerability has been reported in Oracle Hyperion Strategic Finance client...
Oracle Hyperion Financial Management ActiveX Heap Overflow
Added: 11/21/2011 BID: 50565 OSVDB: 76913 Background Oracle Hyperion Financial Management is a web-based financial consolidation, reporting and analysis solution. Problem Hyperion Financial Management webapp installs an ActiveX control on the target system. This control is marked as safe for...
Oracle Hyperion Financial Management ActiveX Heap Overflow
Added: 11/21/2011 BID: 50565 OSVDB: 76913 Background Oracle Hyperion Financial Management is a web-based financial consolidation, reporting and analysis solution. Problem Hyperion Financial Management webapp installs an ActiveX control on the target system. This control is marked as safe for...
Oracle Hyperion Financial Management ActiveX Heap Overflow
Added: 11/21/2011 BID: 50565 OSVDB: 76913 Background Oracle Hyperion Financial Management is a web-based financial consolidation, reporting and analysis solution. Problem Hyperion Financial Management webapp installs an ActiveX control on the target system. This control is marked as safe for...
Oracle Hyperion Financial Management ActiveX Heap Overflow
Added: 11/21/2011 BID: 50565 OSVDB: 76913 Background Oracle Hyperion Financial Management is a web-based financial consolidation, reporting and analysis solution. Problem Hyperion Financial Management webapp installs an ActiveX control on the target system. This control is marked as safe for...
Oracle Hyperion Financial Management ActiveX File Upload
Added: 11/15/2011 BID: 50476 Background Oracle Hyperion Financial Management is a web-based financial consolidation, reporting and analysis solution. Problem Hyperion Financial Management webapp installs an ActiveX control on the target system. This control is marked as safe for scripting and...
Oracle Hyperion Financial Management ActiveX File Upload
Added: 11/15/2011 BID: 50476 Background Oracle Hyperion Financial Management is a web-based financial consolidation, reporting and analysis solution. Problem Hyperion Financial Management webapp installs an ActiveX control on the target system. This control is marked as safe for scripting and...
Oracle Hyperion Financial Management ActiveX File Upload
Added: 11/15/2011 BID: 50476 Background Oracle Hyperion Financial Management is a web-based financial consolidation, reporting and analysis solution. Problem Hyperion Financial Management webapp installs an ActiveX control on the target system. This control is marked as safe for scripting and...
Oracle Hyperion Strategic Finance Formula One ActiveX控件"SetDevNames()"
Oracle Hyperion Financial Management是综合性的、可扩展的、基于Web的国际财务集成、报告和分析的解决方案。 Oracle Hyperion Strategic Finance在实现上存在安全漏洞,可被恶意用户利用控制用户系统。 此漏洞源于Formula One ActiveX控件TTF16.ocx的"SetDevNames"方法中的边界错误,通过 "DriverName" 参数中传递的超长字符串可造成堆缓冲区溢出。 Oracle Hyperion Strategic Finance 11.x Oracle Hyperion Strategic...
Oracle Hyperion Strategic Finance 12.x - Tidestone Formula One WorkBook OLE Control TTF16.ocx Remote Heap Overflow
Oracle Hyperion Strategic Finance 12.x - Tidestone Formula One WorkBook OLE Control TTF16.ocx Remote Heap Overflow var finalsize = 1200; var final = ''; var heap = null; var curr = 0; function x heap = new heapLib.ie0x20000; var heapspray = unescape"%u03eb%ueb59%ue805%ufff8%uffff%u4949%u3749%u494...
Oracle Hyperion Strategic Finance Client 12.x Heap Overflow
var finalsize = 1200; var final = ''; var heap = null; var curr = 0; function x heap = new heapLib.ie0x20000; var heapspray = unescape"%u03eb%ueb59%ue805%ufff8%uffff%u4949%u3749%u4949" + //add Administrator, user: sun, pass: tzu "%u4949%u4949%u4949%u4949%u4949%u4949%u5a51%u456a" +...
Oracle Hyperion Strategic Finance 12.x Tidestone Formula One WorkBook
Exploit for windows platform in category remote exploits var finalsize = 1200; var final = ''; var heap = null; var curr = 0; function x heap = new heapLib.ie0x20000; var heapspray = unescape"%u03eb%ueb59%ue805%ufff8%uffff%u4949%u3749%u4949" + //add Administrator, user: sun, pass: tzu...
Oracle Hyperion Financial Management TList6 ActiveX Control Remote Code Execution Vulnerability
Oracle Hyperion Financial Management TList6 ActiveX Control Remote Code Execution Vulnerability tested against: Internet Explorer 8 Microsoft Windows Server 2003 r2 sp2 download url: http://www.oracle.com/technetwork/middleware/epm/downloads/index.html files tested: SystemInstaller-11121-win32.zi...