2 matches found
Oracle AutoVue DGN Parsing Could Allow Arbitrary Code Execution
Executive Summary Microsoft is providing notification of the discovery and remediation of a vulnerability affecting Oracle AutoVue software versions 20.1.1 and 20.2. Microsoft discovered and disclosed the vulnerability under coordinated vulnerability disclosure to the affected vendor, Oracle...
CVE-2012-1758
Oracle AutoVue in Oracle Supply Chain Products Suite (versions 20.1.1 and 20.2) contains two parsing vulnerabilities: (1) DGN parsing can lead to arbitrary code execution due to heap/stack corruption when processing crafted DGN files; (2) DXF parsing can also cause memory corruption. Successful e...