Intrusion Prevention

Oracle.BeeHive.processEvaluation.Remote.Code.Execution

Description

This indicates an attack attempt against a Remote Code Execution vulnerability in Oracle Beehive.
The vulnerability is caused by an improper validation of user supplied data when the vulnerable application handles a maliciously crafted request. An attacker can exploit this to gain access to execute arbitrary code in the context of the vulnerable application via a crafted request.

Affected Products

Oracle Beehive 2.0.1.3
Oracle Beehive 2.0.1.2.1
Oracle Beehive 2.0.1.2
Oracle Beehive 2.0.1.1
Oracle Beehive 2.0.1.0

Impact

System Compromise: Remote attacker can gain control of vulnerable systems.

Recommended Actions

Apply the most recent upgrade or patch from the vendor.
http://www.oracle.com/technetwork/topics/security/cpujan2011-194091.html

CVE References

CVE-2010-4417

Other References

2011-194091