CVE-2012-0549

Oracle AutoVue Office <20.1.1 - Info Disclosure

Title source: llm

Description

Unspecified vulnerability in the Oracle AutoVue Office component in Oracle Supply Chain Products Suite 20.1.1 allows remote attackers to affect confidentiality, integrity, and availability, related to Desktop API.

Exploits (2)

exploitdb WORKING POC VERIFIED

by Metasploit · rubyremotewindows

https://www.exploit-db.com/exploits/20297

View Code ZIP pw:eip

metasploit WORKING POC NORMAL

by Brian Gorenc, juan vazquez · rubypocwin

https://github.com/rapid7/metasploit-framework/blob/master/modules/exploits/windows/browser/oracle_autovue_setmarkupmode.rb

View Code ZIP pw:eip

References (4)

[Vendor Advisory] http://www.oracle.com/technetwork/topics/security/cpuapr2012-366314.html

[Third Party Advisory, VDB Entry] http://www.securitytracker.com/id?1026937

[Third Party Advisory] http://secunia.com/advisories/48875

[Vendor Advisory] http://www.mandriva.com/security/advisories?name=MDVSA-2013:150

Scores

EPSS 0.8507

EPSS Percentile 99.4%

Details

Status published

Products (1)

oracle/supply_chain_products_suite 20.1.1

Published May 03, 2012

Tracked Since Feb 18, 2026