Lucene search
K

13 matches found

seebug.org
seebug.org
added 2014/07/01 12:0 a.m.44 views

Oracle Hyperion Strategic Finance 12.x Tidestone Formula One WorkBook OLE Control TTF16.ocx Remote Heap Overflow

No description provided by source. !-- Oracle Hyperion Strategic Finance Client 12.x Tidestone Formula One WorkBook OLE Control TTF16 6.3.5 Build 1 SetDevNames Remote Heap Overflow poc 99% stable,IE-no-dep. I think this control can be carried by other products, however 6.1 seems not vulnerable A...

7.1AI score
Exploits0
ATTACKERKB
ATTACKERKB
added 2014/01/15 4:11 p.m.1 views

CVE-2013-3830

Unspecified vulnerability in the Hyperion Strategic Finance component in Oracle Hyperion 11.1.2.1 and 11.1.2.2 allows remote authenticated users to affect confidentiality, integrity, and availability via unknown vectors related to Server...

7.1CVSS5.5AI score0.02468EPSS
Exploits0References6
CVE
CVE
added 2014/01/15 12:30 a.m.41 views

CVE-2013-3830

CVE-2013-3830 affects the Oracle Hyperion Hyperion Strategic Finance component (versions 11.1.2.1 and 11.1.2.2 ). It enables remote authenticated users to impact confidentiality , integrity , and availability via unknown vectors related to the Server. The provided documents do not include explici...

7.1CVSS5.6AI score0.02468EPSS
Exploits0References5Affected Software1
NVD
NVD
added 2012/09/15 5:55 p.m.19 views

CVE-2011-5167

Heap-based buffer overflow in the SetDevNames method of the Tidestone Formula One ActiveX control TTF16.ocx 6.3.5 Build 1 in Oracle Hyperion Strategic Finance 12.x and possibly earlier allows remote attackers to execute arbitrary code via a long string to the DriverName parameter...

9.3CVSS7.7AI score0.09756EPSS
Exploits1References7
Prion
Prion
added 2012/09/15 5:55 p.m.17 views

Heap overflow

Heap-based buffer overflow in the SetDevNames method of the Tidestone Formula One ActiveX control TTF16.ocx 6.3.5 Build 1 in Oracle Hyperion Strategic Finance 12.x and possibly earlier allows remote attackers to execute arbitrary code via a long string to the DriverName parameter...

9.3CVSS8.4AI score0.09756EPSS
Exploits1References7Affected Software2
Cvelist
Cvelist
added 2012/09/15 5:0 p.m.24 views

CVE-2011-5167

Heap-based buffer overflow in the SetDevNames method of the Tidestone Formula One ActiveX control TTF16.ocx 6.3.5 Build 1 in Oracle Hyperion Strategic Finance 12.x and possibly earlier allows remote attackers to execute arbitrary code via a long string to the DriverName parameter...

7.7AI score0.09756EPSS
Exploits1References7
CVE
CVE
added 2012/09/15 5:0 p.m.49 views

CVE-2011-5167

CVE-2011-5167 describes a heap-based buffer overflow in the SetDevNames method of the Tidestone Formula One ActiveX control (TTF16.ocx) version 6.3.5 Build 1 used by Oracle Hyperion Strategic Finance 12.x (and possibly earlier). An attacker could trigger arbitrary code execution by supplying a lo...

9.3CVSS8AI score0.09756EPSS
Exploits1References7Affected Software2
Check Point Advisories
Check Point Advisories
added 2012/01/17 12:0 a.m.0 views

Oracle Hyperion Strategic Finance Client ActiveX Control Code Execution

A remote code execution vulnerability has been reported in Oracle Hyperion Strategic Finance client...

7.9AI score
Exploits0
seebug.org
seebug.org
added 2011/11/09 12:0 a.m.27 views

Oracle Hyperion Strategic Finance Formula One ActiveX控件"SetDevNames()"

Oracle Hyperion Financial Management是综合性的、可扩展的、基于Web的国际财务集成、报告和分析的解决方案。 Oracle Hyperion Strategic Finance在实现上存在安全漏洞,可被恶意用户利用控制用户系统。 此漏洞源于Formula One ActiveX控件TTF16.ocx的"SetDevNames"方法中的边界错误,通过 "DriverName" 参数中传递的超长字符串可造成堆缓冲区溢出。 Oracle Hyperion Strategic Finance 11.x Oracle Hyperion Strategic...

7AI score
Exploits0
exploitpack
exploitpack
added 2011/11/07 12:0 a.m.22 views

Oracle Hyperion Strategic Finance 12.x - Tidestone Formula One WorkBook OLE Control TTF16.ocx Remote Heap Overflow

Oracle Hyperion Strategic Finance 12.x - Tidestone Formula One WorkBook OLE Control TTF16.ocx Remote Heap Overflow var finalsize = 1200; var final = ''; var heap = null; var curr = 0; function x heap = new heapLib.ie0x20000; var heapspray = unescape"%u03eb%ueb59%ue805%ufff8%uffff%u4949%u3749%u494...

0.4AI score
Exploits0
Packet Storm
Packet Storm
added 2011/11/07 12:0 a.m.29 views

Oracle Hyperion Strategic Finance Client 12.x Heap Overflow

var finalsize = 1200; var final = ''; var heap = null; var curr = 0; function x heap = new heapLib.ie0x20000; var heapspray = unescape"%u03eb%ueb59%ue805%ufff8%uffff%u4949%u3749%u4949" + //add Administrator, user: sun, pass: tzu "%u4949%u4949%u4949%u4949%u4949%u4949%u5a51%u456a" +...

0.9AI score
Exploits0
Exploit DB
Exploit DB
added 2011/11/07 12:0 a.m.48 views

Oracle Hyperion Strategic Finance 12.x - Tidestone Formula One WorkBook OLE Control TTF16.ocx Remote Heap Overflow

var finalsize = 1200; var final = ''; var heap = null; var curr = 0; function x heap = new heapLib.ie0x20000; var heapspray = unescape"%u03eb%ueb59%ue805%ufff8%uffff%u4949%u3749%u4949" + //add Administrator, user: sun, pass: tzu "%u4949%u4949%u4949%u4949%u4949%u4949%u5a51%u456a" +...

7.4AI score
Exploits0
0day.today
0day.today
added 2011/11/06 12:0 a.m.28 views

Oracle Hyperion Strategic Finance 12.x Tidestone Formula One WorkBook

Exploit for windows platform in category remote exploits var finalsize = 1200; var final = ''; var heap = null; var curr = 0; function x heap = new heapLib.ie0x20000; var heapspray = unescape"%u03eb%ueb59%ue805%ufff8%uffff%u4949%u3749%u4949" + //add Administrator, user: sun, pass: tzu...

7.1AI score
Exploits0
Rows per page
Query Builder