CVE-2011-5167
Oracle Hyperion Strategic Finance < 12.0 - Memory Corruption
Title source: ruleDescription
Heap-based buffer overflow in the SetDevNames method of the Tidestone Formula One ActiveX control (TTF16.ocx) 6.3.5 Build 1 in Oracle Hyperion Strategic Finance 12.x and possibly earlier allows remote attackers to execute arbitrary code via a long string to the DriverName parameter.
Exploits (1)
exploitdb
WORKING POC
VERIFIED
by rgod · htmlremotewindows
https://www.exploit-db.com/exploits/18092
References (7)
Scores
EPSS
0.5847
EPSS Percentile
98.2%
Details
CWE
CWE-119
Status
published
Products (3)
oracle/hyperion_strategic_finance
11.1.2.1.0
oracle/hyperion_strategic_finance
< 12.0
tidestone/formula_one_activex_control
6.3.5.1
Published
Sep 15, 2012
Tracked Since
Feb 18, 2026