CVE-2012-3133 - OpenCVE

Buffer overflow in the DataDirect ODBC driver, as used in Oracle Hyperion Interactive Reporting 11.1.2.1 and 11.1.2.2, Essbase Server 11.1.2.1 and 11.1.2.2, Production Reporting Server 11.1.2.1 and 11.1.2.2, and Integration Services Server 11.1.2.1 and 11.1.2.2 has unknown impact and attack vectors.

No CVSS v4.0

No CVSS v3.1

No CVSS v3.0

Access Vector Network

Access Complexity Medium

Authentication None

Confidentiality Impact Partial

Integrity Impact Partial

Availability Impact Partial

AV:N/AC:M/Au:N/C:P/I:P/A:P

This CVE is not in the KEV list.

Key SSVC decision points have not yet been added.

Vendors	Products
Oracle	Essbase Server Hyperion Interactive Reporting Hyperion Production Reporting Server Integration Services Server

Configuration 1 [-]

OR	cpe:2.3:a:oracle:hyperion_interactive_reporting:11.1.2.1:::::::*
	cpe:2.3:a:oracle:hyperion_interactive_reporting:11.1.2.2:::::::*

Configuration 2 [-]

OR	cpe:2.3:a:oracle:essbase_server:11.1.2.1:::::::*
	cpe:2.3:a:oracle:essbase_server:11.1.2.2:::::::*

Configuration 3 [-]

OR	cpe:2.3:a:oracle:hyperion_production_reporting_server:11.1.2.1:::::::*
	cpe:2.3:a:oracle:hyperion_production_reporting_server:11.1.2.2:::::::*

Configuration 4 [-]

OR	cpe:2.3:a:oracle:integration_services_server:11.1.2.1:::::::*
	cpe:2.3:a:oracle:integration_services_server:11.1.2.2:::::::*

No data.

References

Link	Providers
https://blogs.oracle.com/sunsecurity/entry/cve_2012_3133_buffer_overflow

History

No history.

MITRE

Status: PUBLISHED

Assigner: oracle

Published: 2012-12-21T02:00:00Z

Updated: 2024-09-16T20:06:47.613Z

Reserved: 2012-06-06T00:00:00Z

Link: CVE-2012-3133

Vulnrichment

No data.

NVD

Status : Analyzed

Published: 2012-12-21T05:46:15.980

Modified: 2013-01-08T05:00:00.000

Link: CVE-2012-3133

Redhat

No data.

{"containers": {"cna": {"affected": [{"product": "n/a", "vendor": "n/a", "versions": [{"status": "affected", "version": "n/a"}]}], "descriptions": [{"lang": "en", "value": "Buffer overflow in the DataDirect ODBC driver, as used in Oracle Hyperion Interactive Reporting 11.1.2.1 and 11.1.2.2, Essbase Server 11.1.2.1 and 11.1.2.2, Production Reporting Server 11.1.2.1 and 11.1.2.2, and Integration Services Server 11.1.2.1 and 11.1.2.2 has unknown impact and attack vectors."}], "problemTypes": [{"descriptions": [{"description": "n/a", "lang": "en", "type": "text"}]}], "providerMetadata": {"dateUpdated": "2012-12-21T02:00:00Z", "orgId": "43595867-4340-4103-b7a2-9a5208d29a85", "shortName": "oracle"}, "references": [{"tags": ["x_refsource_CONFIRM"], "url": "https://blogs.oracle.com/sunsecurity/entry/cve_2012_3133_buffer_overflow"}], "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "secalert_us@oracle.com", "ID": "CVE-2012-3133", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "n/a", "version": {"version_data": [{"version_value": "n/a"}]}}]}, "vendor_name": "n/a"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "Buffer overflow in the DataDirect ODBC driver, as used in Oracle Hyperion Interactive Reporting 11.1.2.1 and 11.1.2.2, Essbase Server 11.1.2.1 and 11.1.2.2, Production Reporting Server 11.1.2.1 and 11.1.2.2, and Integration Services Server 11.1.2.1 and 11.1.2.2 has unknown impact and attack vectors."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "n/a"}]}]}, "references": {"reference_data": [{"name": "https://blogs.oracle.com/sunsecurity/entry/cve_2012_3133_buffer_overflow", "refsource": "CONFIRM", "url": "https://blogs.oracle.com/sunsecurity/entry/cve_2012_3133_buffer_overflow"}]}}}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-06T19:57:50.350Z"}, "title": "CVE Program Container", "references": [{"tags": ["x_refsource_CONFIRM", "x_transferred"], "url": "https://blogs.oracle.com/sunsecurity/entry/cve_2012_3133_buffer_overflow"}]}]}, "cveMetadata": {"assignerOrgId": "43595867-4340-4103-b7a2-9a5208d29a85", "assignerShortName": "oracle", "cveId": "CVE-2012-3133", "datePublished": "2012-12-21T02:00:00Z", "dateReserved": "2012-06-06T00:00:00Z", "dateUpdated": "2024-09-16T20:06:47.613Z", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.1"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:oracle:hyperion_interactive_reporting:11.1.2.1:*:*:*:*:*:*:*", "matchCriteriaId": "C78DD13A-B296-454C-A2E2-E4F90B85609D", "vulnerable": true}, {"criteria": "cpe:2.3:a:oracle:hyperion_interactive_reporting:11.1.2.2:*:*:*:*:*:*:*", "matchCriteriaId": "D88A52E1-FBED-47FC-A05A-C9CABA13F3DF", "vulnerable": true}], "negate": false, "operator": "OR"}]}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:oracle:essbase_server:11.1.2.1:*:*:*:*:*:*:*", "matchCriteriaId": "C5E4F7B6-62E8-4AFE-8A03-B1AF70201FBD", "vulnerable": true}, {"criteria": "cpe:2.3:a:oracle:essbase_server:11.1.2.2:*:*:*:*:*:*:*", "matchCriteriaId": "DEED768E-50B3-4542-824C-BCFD39E6B54D", "vulnerable": true}], "negate": false, "operator": "OR"}]}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:oracle:hyperion_production_reporting_server:11.1.2.1:*:*:*:*:*:*:*", "matchCriteriaId": "1F1E39D5-B5F3-4776-B664-F0E2F384AEFD", "vulnerable": true}, {"criteria": "cpe:2.3:a:oracle:hyperion_production_reporting_server:11.1.2.2:*:*:*:*:*:*:*", "matchCriteriaId": "A11A1134-105C-4B54-BAE2-2604FA877B85", "vulnerable": true}], "negate": false, "operator": "OR"}]}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:oracle:integration_services_server:11.1.2.1:*:*:*:*:*:*:*", "matchCriteriaId": "EF2602DB-A179-43DC-ADB2-9E86E1D5FEA0", "vulnerable": true}, {"criteria": "cpe:2.3:a:oracle:integration_services_server:11.1.2.2:*:*:*:*:*:*:*", "matchCriteriaId": "3D128950-9558-416C-AFD1-0CCF513D3B1D", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "cveTags": [], "descriptions": [{"lang": "en", "value": "Buffer overflow in the DataDirect ODBC driver, as used in Oracle Hyperion Interactive Reporting 11.1.2.1 and 11.1.2.2, Essbase Server 11.1.2.1 and 11.1.2.2, Production Reporting Server 11.1.2.1 and 11.1.2.2, and Integration Services Server 11.1.2.1 and 11.1.2.2 has unknown impact and attack vectors."}, {"lang": "es", "value": "Desbordamiento de b\u00fafer en el controlador DataDirect ODBC, como se usa en Oracle Hyperion Interactive Reporting v11.1.2.1 and v11.1.2.2, Essbase Server v11.1.2.1 y v11.1.2.2, Production Reporting Server v11.1.2.1 y v11.1.2.2, e Integration Services Server v11.1.2.1 y v11.1.2.2 tiene un impacto y vectores de ataque desconocidos."}], "id": "CVE-2012-3133", "lastModified": "2013-01-08T05:00:00.000", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": {"accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 6.8, "confidentialityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0"}, "exploitabilityScore": 8.6, "impactScore": 6.4, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false}]}, "published": "2012-12-21T05:46:15.980", "references": [{"source": "secalert_us@oracle.com", "tags": ["Vendor Advisory"], "url": "https://blogs.oracle.com/sunsecurity/entry/cve_2012_3133_buffer_overflow"}], "sourceIdentifier": "secalert_us@oracle.com", "vulnStatus": "Analyzed", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-119"}], "source": "nvd@nist.gov", "type": "Primary"}]}