Oracle WebCenter Capture ActiveX SetAnnotationFont buffer overflow

Added: 06/26/2013
CVE: CVE-2013-1516
BID: 59112
OSVDB: 92387

Background

Oracle WebCenter Capture (formerly Oracle Document Capture) is a centralized document scanning solution.

Problem

The Import Server subcomponent of Oracle WebCenter Capture is affected by a buffer overflow vulnerability. The vulnerability could allow command execution when a user loads a web page which calls the SetAnnotationFont method of the BlackIceDevMode.ocx ActiveX control with specially crafted parameters.

Resolution

Apply the update referenced in Oracle Critical Patch Update Advisory - April 2013.

References

http://www.zerodayinitiative.com/advisories/ZDI-13-091/

Limitations

Exploit works on Oracle WebCenter Capture 10.1.3.5.0 on Windows XP SP3 English (DEP OptIn) and Windows 7 SP1 (DEP OptIn), and requires a user to open the exploit page in Internet Explorer 8 or 9.

JRE 6 must be installed on Windows 7.

Platforms

Windows

Back to exploit index