Vulnerability Details : CVE-2012-3133
Buffer overflow in the DataDirect ODBC driver, as used in Oracle Hyperion Interactive Reporting 11.1.2.1 and 11.1.2.2, Essbase Server 11.1.2.1 and 11.1.2.2, Production Reporting Server 11.1.2.1 and 11.1.2.2, and Integration Services Server 11.1.2.1 and 11.1.2.2 has unknown impact and attack vectors.
Vulnerability category: Overflow
Exploit prediction scoring system (EPSS) score for CVE-2012-3133
Probability of exploitation activity in the next 30 days: 0.20%
Percentile, the proportion of vulnerabilities that are scored at or less: ~ 57 % EPSS Score History EPSS FAQ
CVSS scores for CVE-2012-3133
Base Score | Base Severity | CVSS Vector | Exploitability Score | Impact Score | Score Source |
---|---|---|---|---|---|
6.8
|
MEDIUM | AV:N/AC:M/Au:N/C:P/I:P/A:P |
8.6
|
6.4
|
NIST |
CWE ids for CVE-2012-3133
-
The product performs operations on a memory buffer, but it can read from or write to a memory location that is outside of the intended boundary of the buffer.Assigned by: nvd@nist.gov (Primary)
References for CVE-2012-3133
-
https://blogs.oracle.com/sunsecurity/entry/cve_2012_3133_buffer_overflow
CVE-2012-3133 Buffer Overflow in DataDirect ODBC driver affects Hyperion Interactive Reporting, Hyperion Production Reporting Server, Hyperion Essbase Server, Hyperion Integration Services Server | OrVendor Advisory
Products affected by CVE-2012-3133
- cpe:2.3:a:oracle:hyperion_interactive_reporting:11.1.2.1:*:*:*:*:*:*:*
- cpe:2.3:a:oracle:hyperion_interactive_reporting:11.1.2.2:*:*:*:*:*:*:*
- cpe:2.3:a:oracle:essbase_server:11.1.2.1:*:*:*:*:*:*:*
- cpe:2.3:a:oracle:essbase_server:11.1.2.2:*:*:*:*:*:*:*
- cpe:2.3:a:oracle:hyperion_production_reporting_server:11.1.2.1:*:*:*:*:*:*:*
- cpe:2.3:a:oracle:hyperion_production_reporting_server:11.1.2.2:*:*:*:*:*:*:*
- cpe:2.3:a:oracle:integration_services_server:11.1.2.1:*:*:*:*:*:*:*
- cpe:2.3:a:oracle:integration_services_server:11.1.2.2:*:*:*:*:*:*:*