Lucene search

[email protected]NVD:CVE-2009-3737

HistoryAug 17, 2010 - 8:00 p.m.

CVE-2009-3737

2010-08-1720:00:02

CWE-94

[email protected]

web.nvd.nist.gov

9.3 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:M/Au:N/C:C/I:C/A:C

7.2 High

AI Score

Confidence

Low

0.011 Low

EPSS

Percentile

84.6%

JSON

The Oracle Siebel Option Pack for IE ActiveX control does not properly initialize memory that is used by the NewBusObj method, which allows remote attackers to execute arbitrary code via a crafted HTML document.

Affected configurations

NVD

Node

oraclesiebel_option_pack_ie_activex_control

AND

microsoftinternet_explorer

References

secunia.com/advisories/40804

www.kb.cert.org/vuls/id/174089

www.osvdb.org/66926

www.vupen.com/english/advisories/2010/2028

9.3 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:M/Au:N/C:C/I:C/A:C

7.2 High

AI Score

Confidence

Low

0.011 Low

EPSS

Percentile

84.6%

JSON

Related for NVD:CVE-2009-3737

cert1 seebug1 cvelist1 prion1 cve1