Public exploit available

Public proof-of-concept or exploit code exists (ExploitDB / Metasploit / Nuclei).

CVE-2012-0549 — Oracle Supply Chain Products Suite vulnerability

4 documents4 sources

Severity

7.5HIGHNVD

EPSS

85.1%

top 0.64%

CISA KEV

Not in KEV

Exploit

PoC available

Public exploit / PoC exists

Affected products

Oracle Supply Chain Products Suite

Timeline

PublishedMay 3

Latest updateMay 4

Description

Unspecified vulnerability in the Oracle AutoVue Office component in Oracle Supply Chain Products Suite 20.1.1 allows remote attackers to affect confidentiality, integrity, and availability, related to Desktop API.

CVSS vector

AV:N/AC:L/C:P/I:P/A:PExploitability: 10.0 | Impact: 6.4

Affected Packages1 packages

▶NVDoracle/supply_chain_products_suite20.1.1

🔴Vulnerability Details

GHSA

GHSA-7q57-p6qc-cv4q: Unspecified vulnerability in the Oracle AutoVue Office component in Oracle Supply Chain Products Suite 20↗2022-05-04

▶

CVEList

CVE-2012-0549: Unspecified vulnerability in the Oracle AutoVue Office component in Oracle Supply Chain Products Suite 20↗2012-05-03

▶

💥Exploits & PoCs

Exploit-DB

Oracle AutoVue - ActiveX Control SetMarkupMode Buffer Overflow (Metasploit)↗2012-08-06

▶