1 results (0.002 seconds)
CVSS: 9.3EPSS: 6%CPEs: 2EXPL: 0
CVSS: 9.3EPSS: 6%CPEs: 2EXPL: 0CVE-2009-3737
https://notcve.org/view.php?id=CVE-2009-3737
17 Aug 2010 — The Oracle Siebel Option Pack for IE ActiveX control does not properly initialize memory that is used by the NewBusObj method, which allows remote attackers to execute arbitrary code via a crafted HTML document. El control ActiveX Oracle Siebel Option Pack para IE no inicializa adecuadamente la memoria que usa el método NewBusObj, lo cual permite a atacantes remotos ejecutar código a su elección a través de documentos HTML manipulados. • http://secunia.com/advisories/40804 • CWE-94: Improper Control of Generation of Code ('Code Injection') •