CVE-2012-0549 - Unspecified vulnerability in the Oracle AutoVue Office component in Oracle Supply Chain Products Sui

CVE-2012-0549

Summary

Unspecified vulnerability in the Oracle AutoVue Office component in Oracle Supply Chain Products Suite 20.1.1 allows remote attackers to affect confidentiality, integrity, and availability, related to Desktop API.

References

Vulnerable Configurations

cpe:2.3:a:oracle:supply_chain_products_suite:20.1.1:*:*:*:*:*:*:*
cpe:2.3:a:oracle:supply_chain_products_suite:20.1.1:*:*:*:*:*:*:*

CVSS

Base:	7.5 (as of 07-12-2017 - 02:29)
Impact:
Exploitability:

CWE

NVD-CWE-noinfo

CAPEC

Access

Vector	Complexity	Authentication
NETWORK	LOW	NONE

Impact

Confidentiality	Integrity	Availability
PARTIAL	PARTIAL	PARTIAL

cvss-vector via4

AV:N/AC:L/Au:N/C:P/I:P/A:P

refmap via4

confirm	http://www.oracle.com/technetwork/topics/security/cpuapr2012-366314.html
mandriva	MDVSA-2013:150
sectrack	1026937
secunia	48875

saint via4

bid	53077
description	Oracle AutoVue SetMarkupMode ActiveX Overflow
osvdb	81439
title	oracle_autovue_setmarkupmode_activex
type	client

Last major update

07-12-2017 - 02:29

Published

03-05-2012 - 18:55

Last modified

07-12-2017 - 02:29