Oracle WebCenter Forms Recognition 'CroScPlt.dll' ActiveX Control Insecure Method Vulnerability

Oracle WebCenter Forms Recognition is prone to a vulnerability caused by an insecure method that affects the 'CroScPlt.dll' ActiveX control.

An attacker can exploit this issue to create or overwrite arbitrary files on the victim's computer within the context of the affected application (typically Internet Explorer) that uses the ActiveX control.

Successfully exploiting this issue will allow attackers to execute arbitrary code in the context of the current user.

This vulnerability affects the following supported versions:


Privacy Statement
Copyright 2010, SecurityFocus