Oracle Document Capture Multiple Vulnerabilities
High Nessus Plugin ID 51873
Synopsis
The remote Windows host has one or more ActiveX controls installed that are affected by multiple vulnerabilities.
Description
The Oracle Document Capture client installed on the remote host is potentially affected by multiple vulnerabilities:
- An unspecified vulnerability exists in the Import Export utility. An attacker can exploit this to affect integrity. (CVE-2010-3598)
- An information disclosure vulnerability exists related to the EasyMail ActiveX control. (CVE-2010-3595)
- Insecure methods in the 'Actbar2.ocx' and 'empop3.dll' ActiveX controls can be exploited to overwrite arbitrary files. (CVE-2010-3591)
- An error in the 'WriteJPG()' method in the NCSEcw.dll ActiveX control can be exploited to overwrite arbitrary files or potentially cause a buffer overflow.
- An unspecified vulnerability exists in the Internal Operations component. (CVE-2010-3592)
Note that the NCSEcw.dll control is actually from the ERDAS ECW/JP2 SDK developer toolkit from Intergraph.
Solution
If using Oracle's Document Capture client, apply the patch from Oracle to disable the ActiveX controls.
If using a different application that includes the NCSEcw.dll control, set the kill bit for the affected control as discussed in Hexagon Geospatial's advisory.
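The kill-bit step above can be audited and applied with a script like the following. This is an added example, not code from Nessus, Oracle or Hexagon Geospatial; the CLSID is a placeholder to be replaced with the value from the vendor advisory, and the `-Apply` switch and function names are this example's own.

```powershell
# Added example (not from the advisory): audit, and optionally set, the ActiveX kill bit.
param([switch]$Apply)   # without -Apply the script only reports

# Placeholder CLSID: substitute the value(s) listed in the vendor advisory.
$Clsids  = @('{00000000-0000-0000-0000-000000000000}')
$KillBit = 0x400        # "Compatibility Flags" bit that blocks instantiation in IE
$Name    = 'Compatibility Flags'

# 64-bit hosts keep a separate registry view for 32-bit Internet Explorer.
$Roots = @(
    'HKLM:\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility',
    'HKLM:\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\ActiveX Compatibility'
) | Where-Object { Test-Path $_ }

# Returns the current flags, or 0 when the key or value does not exist.
function Get-CompatFlags([string]$Key) {
    $p = Get-ItemProperty -Path $Key -Name $Name -ErrorAction SilentlyContinue
    if ($null -eq $p) { return 0 }
    return [int]$p.$Name
}

# Creates the CLSID key if needed and ORs in the kill bit, preserving other flags.
function Set-KillBit([string]$Key) {
    if (-not (Test-Path $Key)) { New-Item -Path $Key -Force | Out-Null }
    $new = (Get-CompatFlags $Key) -bor $KillBit
    New-ItemProperty -Path $Key -Name $Name -Value $new -PropertyType DWord -Force | Out-Null
}

$report = foreach ($root in $Roots) {
    foreach ($clsid in $Clsids) {
        $key = Join-Path $root $clsid
        $set = ((Get-CompatFlags $key) -band $KillBit) -eq $KillBit
        if (-not $set -and $Apply) {
            Set-KillBit $key
            # Re-read so the report reflects what is actually in the registry.
            $set = ((Get-CompatFlags $key) -band $KillBit) -eq $KillBit
        }
        [pscustomobject]@{ Key = $key; KillBitSet = $set }
    }
}
$report | Format-Table -AutoSize
```

Writing under HKLM requires an elevated session; run without `-Apply` first to see which registry views still lack the flag.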