Oracle AutoVue 'AutoVueX.ocx' ActiveX Control 'ExportEdaBom()' Insecure Method Vulnerability

Oracle AutoVue 'AutoVueX.ocx' ActiveX control is prone to a vulnerability caused by an insecure method.

Successfully exploiting this issue will allow attackers to create or overwrite arbitrary files on a victim's computer within the context of the affected application (typically Internet Explorer) that uses the ActiveX control.

Oracle AutoVue 20.0.1 is vulnerable; other versions may also be affected.


Privacy Statement
Copyright 2010, SecurityFocus