Oracle.Hyperion.Strategic.Finance.TTF16.ActiveX.Buffer.Overflow

description-logoDescription

This indicates an attack attempt against a Buffer Overflow vulnerability in Oracle Hyperion Strategic Finance Client.
The vulnerability, which is located in the "TTF16.ocx" ActiveX control, can be exploited through the vulnerable method "SetDevNames". It may allow remote attackers to execute arbitrary code in the context of the application using the affected ActiveX control. Failed exploit attempts will likely cause the program to crash, resulting in a denial of service condition.

affected-products-logoAffected Products

Oracle Hyperion Strategic Finance 12.0

Impact logoImpact

System Compromise: Remote attackers can gain control of vulnerable systems.

recomended-action-logoRecommended Actions

Disable this ActiveX Control by setting its kill bit {B0475003-7740-11D1-BDC3-0020AF9F8E6E}, by the method shown on the website: http://support.microsoft.com/kb/240797

Telemetry logoTelemetry

Coverage

IPS (Regular DB)
IPS (Extended DB)

Version Updates

Date Version Detail
2019-03-05 14.565 Sig Added