virus logo Intrusion Prevention

Oracle.AutoVue.ActiveX.Control.Remote.File.Creation

description-logoDescription

This indicates an attack attempt to exploit a remote file creation vulnerability in Oracle AutoVue.
The vulnerability is located in the "AUTOVUEX.AutoVueXCtrl" ActiveX control through miss-use of "Control" property. It may allow remote attackers to write arbitrary files in the context when they are logging in the system. A remote attacker could exploit this vulnerability to execute arbitrary code via a crafted web page.

affected-products-logoAffected Products

Oracle AutoVue 20.0.1

Impact logoImpact

System Compromise: Remote attackers can create or overwrite arbitrary files in the context

recomended-action-logoRecommended Actions

Disable this ActiveX Control by setting its kill bit

Telemetry logoTelemetry

Coverage

IPS (Regular DB)
IPS (Extended DB)

References

http://secunia.com/advisories/46473
ID 29879
Created Nov 03, 2011
Updated Mar 22, 2022
Risk black-background-circle-icon black-background-circle-icon black-background-circle-icon lightgray-background-circle-icon lightgray-background-circle-icon
CVE ID
Default Action drop
Active
Affected OS All
Affected App Oracle