HTTP: Oracle Document Capture Unsafe ActiveX Control
This signature detects attempts to use unsafe ActiveX controls in Oracle Document Capture. An attacker can create a malicious Web site containing Web pages with dangerous ActiveX controls, which if accessed by a victim, allows the attacker to gain control of the victim's client browser.
Extended Description
Unspecified vulnerability in the Oracle WebCenter Capture component in Oracle Fusion Middleware 10.1.3.5.1 allows remote authenticated users to affect availability via unknown vectors related to Import Server.
Affected Products
Oracle fusion_middleware
References
CVE: CVE-2013-1516
URL: http://www.oracle.com/technetwork/topics/security/cpuapr2013-1899555.html
Short Name
HTTP:STC:ACTIVEX:DOC-CAPTURE-BO
Severity
Major
Recommended
False
Recommended Action
Drop
Category
HTTP
Keywords
ActiveX CVE-2013-1516 Capture Control Document Oracle Unsafe
Release Date
10/21/2013
Supported Platforms
srx-branch-12.3
srx-19.3
srx-branch-19.3
vsrx3bsd-19.2
srx-branch-19.4
vsrx-19.4
mx-12.3
mx-19.4
vmx-19.4
mx-19.3
vsrx3bsd-19.4
srx-19.4
vsrx-12.3
vmx-19.3
vsrx-19.2
srx-12.3
Sigpack Version
3336
False Positive
Unknown
Vendors
Oracle
CVSS Score
4.0