Oracle Document Capture Multiple Vulnerabilities

High Nessus Plugin ID 51873


The remote Windows host has one or more ActiveX controls installed that are affected by multiple vulnerabilities.


The Oracle Document Capture client installed on the remote host is potentially affected by multiple vulnerabilities :

- An unspecified vulnerability exists in the Import Export utility. An attacker can exploit this to affect integrity. (CVE-2010-3598)

- An information disclosure vulnerability exists related to the EasyMail ActiveX control. (CVE-2010-3595)

- Insecure methods in the 'Actbar2.ocx' and 'empop3.dll' ActiveX controls can be exploited to overwrite arbitrary files. (CVE-2010-3591)

- An error in the 'WriteJPG()' method in the NCSEcw.dll ActiveX control can be exploited to overwrite arbitrary files or potentially cause a buffer overflow.

- An unspecified vulnerability exists in the Internal Operations component. (CVE-2010-3592)

Note that the NCSEcw.dll control is actually from the ERDAS ECW/JP2 SDK developer toolkit from Intergraph.


If using Oracle's Document Capture client, apply the patch from Oracle to disable the ActiveX controls.

If using a different application that includes the NCSEcw.dll control, set the kill bit for the affect control as discussed in Hexagon Geospatial's advisory.

See Also

Plugin Details

Severity: High

ID: 51873

File Name: oracle_document_capture_activex.nasl

Version: $Revision: 1.11 $

Type: local

Agent: windows

Family: Windows

Published: 2011/02/04

Modified: 2016/01/22

Dependencies: 13855

Risk Information

Risk Factor: High


Base Score: 9.4

Temporal Score: 7.4

Vector: CVSS2#AV:N/AC:L/Au:N/C:N/I:C/A:C

Temporal Vector: CVSS2#E:POC/RL:OF/RC:C

Vulnerability Information

CPE: cpe:/a:oracle:fusion_middleware

Required KB Items: SMB/Registry/Enumerated

Exploit Available: true

Exploit Ease: Exploits are available

Patch Publication Date: 2011/01/18

Vulnerability Publication Date: 2011/01/18

Reference Information

CVE: CVE-2010-3591, CVE-2010-3592, CVE-2010-3595, CVE-2010-3598, CVE-2010-3599

BID: 45846, 45849, 45851, 45856, 45871

OSVDB: 70537, 70538, 70541, 70544, 70545, 99002

EDB-ID: 16052, 16053, 16055, 16056

Secunia: 42976