CVE-2012-0549

Oracle AutoVue Office <20.1.1 - Info Disclosure

Title source: llm

Exploitation Summary

EIP tracks 2 public exploits for CVE-2012-0549. PoCs published by Metasploit, Brian Gorenc, juan vazquez, including Metasploit module exploits/windows/browser/oracle_autovue_setmarkupmode.

AI-analyzed exploit summary: This Metasploit module exploits a stack-based buffer overflow in the Oracle AutoVue ActiveX control via the SetMarkupMode method, leading to remote code execution. It includes heap spraying techniques and ROP chains to bypass DEP and ASLR on various IE versions.

Description

Unspecified vulnerability in the Oracle AutoVue Office component in Oracle Supply Chain Products Suite 20.1.1 allows remote attackers to affect confidentiality, integrity, and availability, related to Desktop API.

Exploits (2)

exploitdb WORKING POC VERIFIED
by Metasploit · ruby · remote · windows
https://www.exploit-db.com/exploits/20297

This Metasploit module exploits a stack-based buffer overflow in the Oracle AutoVue ActiveX control via the SetMarkupMode method, leading to remote code execution. It includes heap spraying techniques and ROP chains to bypass DEP and ASLR on various IE versions.

Classification: Working PoC 100%
Attack Type: RCE
Complexity: Complex
Reliability: Reliable
Target: Oracle AutoVue Desktop Version 20.0.0 (AutoVue.ocx 20.0.0.7330)
No auth needed
Prerequisites: Victim must visit a malicious web page using Internet Explorer 6-9 · Java 6 required for DEP/ASLR bypass
devstral-2 · analyzed Feb 16, 2026

metasploit WORKING POC NORMAL
by Brian Gorenc, juan vazquez · ruby · poc · win
https://github.com/rapid7/metasploit-framework/blob/master/modules/exploits/windows/browser/oracle_autovue_setmarkupmode.rb

This Metasploit module exploits a stack-based buffer overflow in the Oracle AutoVue ActiveX control via the SetMarkupMode method, achieving remote code execution through a crafted web page. It includes heap spraying techniques and ROP chains to bypass DEP and ASLR on various IE versions.

Classification: Working PoC 100%
Attack Type: RCE
Complexity: Complex
Reliability: Reliable
Target: Oracle AutoVue Desktop Version 20.0.0 (AutoVue.ocx 20.0.0.7330)
No auth needed
Prerequisites: Victim must visit a malicious web page using Internet Explorer 6-9 · Java 6 required for DEP/ASLR bypass on newer IE versions
devstral-2 · analyzed Feb 19, 2026

References (4)

Core References
Third Party Advisory, VDB Entry vdb-entry x_refsource_sectrack
http://www.securitytracker.com/id?1026937
Third Party Advisory third-party-advisory x_refsource_secunia
http://secunia.com/advisories/48875
Vendor Advisory vendor-advisory x_refsource_mandriva
http://www.mandriva.com/security/advisories?name=MDVSA-2013:150

Scores

EPSS 0.5941
EPSS Percentile 99.0%

Details

Status published
Products (1)
oracle/supply_chain_products_suite 20.1.1
Published May 03, 2012
Tracked Since Feb 18, 2026