4 matches found
Oracle Data Quality DateTimeWrapper onchange Remote Code Execution (CVE-2014-2416)
A remote code execution vulnerability has been reported in Oracle Data Profiling and Data Quality for Data Integrator. The vulnerability is due to dereferencing an arbitrary pointer within the TSS12.DscForms.DateTimeWrapper ActiveX control. A remote attacker can exploit this vulnerability by...
Oracle Data Quality and Profiling Client Multiple Vulnerabilities (April 2014 CPU)
According to the version of the Oracle Data Quality and Profiling client installed on the remote host, it is affected by multiple unspecified ActiveX control vulnerabilities. By tricking a user into opening a specially crafted document, an attacker may be able to execute arbitrary code...
CVE-2014-2416
CVE-2014-2416 affects Oracle Data Profiling and Data Quality for Data Integrator (Oracle Fusion Middleware 11.1.1.3.0). The root cause is a dereferencing error in the TSS12.DscForms.DateTimeWrapper ActiveX control, leading to remote code execution when a user opens a crafted page. This is part of...
Design/Logic Flaw
Unspecified vulnerability in the Oracle Data Integrator component in Oracle Fusion Middleware 11.1.1.3.0 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Data Quality, a different vulnerability than CVE-2014-2415, CVE-2014-2416,...