CA Vantage Windows client Log4j fix require for CVE-2010-3599
Article ID: 239282
Updated On:
Products
Vantage Storage Resource Manager
Issue/Introduction
Running 12.7.871.5 Windows client for CA vantage and get the following alert:
- CVE-2010-3599
Details:Tenable APAC DRN Server: Class Identifier : {4932CEF4-2CAA-11D2-A165-0060081C43D9} Filename : C:\\windows\\SysWow64\\Actbar2.ocx Installed version : 2.5.0.32 Moreover, its kill bit is not set so it is accessible via Internet Explorer.
Environment
Vantage
Resolution
All mentioned security vulnerabilities are related to Oracle Document Capture component in Oracle Fusion Middleware 10.1.3.4 and 10.1.3.5 and it's exploitable in combination with emsmtp.dll, empop3.dll and NCSEcw.dll
To exploit these vulnerabilities, Oracle Document Capture component in Oracle Fusion Middleware 10.1.3.4 and 10.1.3.5 must be installed on the system.
Windows Client does not use or deliver any of these files.
Feedback
Yes
No
Powered by
