Oracle Data Quality Trillium Based SetEntities Type Confusion (CVE-2015-0444)
A remote code execution vulnerability exists in Oracle Data Quality TSS12.LoaderWizard.lwctrl ActiveX control. The vulnerability is due to a type confusion when handling data passed to SetEntities. A remote attacker can exploit this vulnerability by enticing a user to access a maliciously crafted...