CVE-2007-4467

Currently unrated

Key Information:

Vendor: Oracle
Status: Jinitiator
Vendor: CVE Published:; 31 August 2007

Summary

Multiple stack-based buffer overflows in the Oracle JInitiator ActiveX control (beans.ocx) 1.1.8.16 and earlier, as used by Oracle Forms applications from Oracle and third parties, allow remote attackers to execute arbitrary code via unspecified "initialization parameters." NOTE: it was later reported that 1.1.8.3 through 1.1.8.25, and probably 1.1.5.x and 1.1.7.x, are affected.

References

http://www.integrigy.com/security-resources/analysis/inte...

x_refsource_MISC

https://exchange.xforce.ibmcloud.com/vulnerabilities/36310

vdb-entryx_refsource_XF

http://securitytracker.com/id?1018618

vdb-entryx_refsource_SECTRACK

EPSS Score

13% chance of being exploited in the next 30 days.

Timeline

Vulnerability published
Aug 31, 2007
Vulnerability Reserved
Aug 22, 2007