RootSSV:20025Oracle Siebel Option Pack for IE ActiveX控件内存初始化漏洞
0.011 Low
EPSS
Percentile
84.6%
CVE ID: CVE-2009-3737
Siebel Option Pack for IE是Oracle Siebel CRM软件所提供的ActiveX控件。
Siebel Option Pack for IE ActiveX控件没有正确地初始化由NewBusObj()方式所使用的内存,用户受骗访问了恶意网页并用特制参数调用该方式就可能导致执行任意代码。
Oracle Siebel Option Pack for IE 7.x
临时解决方法:
- 将以下文本保存为.REG文件并导入:
Windows Registry Editor Version 5.00
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility{07070bfd-c501-4899-934d-0b96a9f70795}]
"Compatibility Flags"=dword:00000400
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\ActiveX Compatibility{07070bfd-c501-4899-934d-0b96a9f70795}]
"Compatibility Flags"=dword:00000400
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility{26bac093-997c-4084-bad6-c35f5d67ea99}]
"Compatibility Flags"=dword:00000400
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\ActiveX Compatibility{26bac093-997c-4084-bad6-c35f5d67ea99}]
"Compatibility Flags"=dword:00000400
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility{45874228-a445-40dc-962b-ec15559b1741}]
"Compatibility Flags"=dword:00000400
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\ActiveX Compatibility{45874228-a445-40dc-962b-ec15559b1741}]
"Compatibility Flags"=dword:00000400
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility{631F0C94-C02F-40AC-A31B-DDC39731FC81}]
"Compatibility Flags"=dword:00000400
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\ActiveX Compatibility{631F0C94-C02F-40AC-A31B-DDC39731FC81}]
"Compatibility Flags"=dword:00000400
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility{68cdb19a-6305-4589-8c35-41e3502cd451}]
"Compatibility Flags"=dword:00000400
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\ActiveX Compatibility{68cdb19a-6305-4589-8c35-41e3502cd451}]
"Compatibility Flags"=dword:00000400
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility{81a81dd2-a261-442a-b9b1-df10a2542020}]
"Compatibility Flags"=dword:00000400
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\ActiveX Compatibility{81a81dd2-a261-442a-b9b1-df10a2542020}]
"Compatibility Flags"=dword:00000400
厂商补丁:
Oracle
目前厂商还没有提供补丁或者升级程序,我们建议使用此软件的用户随时关注厂商的主页以获取最新版本:
Related
