| Name | Oracle.Document.Capture.EasyMail.ActiveX.Control.Access |
| Release Date | Dec 29, 2009 |
| Severity | High |
| Impact | System Compromise |
| Description | This indicates an attack attempt against a buffer-overflow vulnerability in Oracle Document Capture which is integrated with Oracle Imaging and Process Management and Oracle Universal Content Management products.
The vulnerability is caused by an error when the EasyMail IMAP4 ActiveX component handles a specially crafted LicenseKey property. It allows a remote attacker to execute arbitrary code. |
| Affected Products | Oracle Document Capture 10.1.3.5.0 |
| Recommended Actions | Set the kill bit for the CLSID {0CEA3FB1-7F88-4803-AA8E-AD021566955D}. |
| Reference/s | http://secunia.com/advisories/37269/
|