CVE-2007-4467

Name of the Vulnerable Software and Affected Versions Oracle JInitiator ActiveX control (beans.ocx) versions 1.1.8.3 through 1.1.8.25 Oracle JInitiator ActiveX control (beans.ocx) versions 1.1.5.x and earlier Oracle JInitiator ActiveX control (beans.ocx) versions 1.1.7.x and earlier

Description The issue allows remote attackers to execute arbitrary code via unspecified initialization parameters, which can lead to multiple stack-based buffer overflows in the Oracle JInitiator ActiveX control.

Recommendations For versions 1.1.8.3 through 1.1.8.25, consider updating to a version later than 1.1.8.25 to resolve the issue. For versions 1.1.5.x and earlier, consider updating to a version later than 1.1.5.x to resolve the issue. For versions 1.1.7.x and earlier, consider updating to a version later than 1.1.7.x to resolve the issue. As a temporary workaround, consider restricting the use of initialization parameters in the Oracle JInitiator ActiveX control until a patch is available.