Unrated severityNVD Advisory· Published Aug 17, 2010· Updated Apr 29, 2026

CVE-2009-3737

Description

The Oracle Siebel Option Pack for IE ActiveX control does not properly initialize memory that is used by the NewBusObj method, which allows remote attackers to execute arbitrary code via a crafted HTML document.

Affected products

Oracle Corporation/Siebel Option Pack Ie Activex Control
cpe:2.3:a:oracle:siebel_option_pack_ie_activex_control:*:*:*:*:*:*:*:*

Patches

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

secunia.com/advisories/40804nvdVendor Advisory
www.vupen.com/english/advisories/2010/2028nvdVendor Advisory
www.kb.cert.org/vuls/id/174089nvdUS Government Resource
www.osvdb.org/66926nvd

News mentions

No linked articles in our index yet.

cvss	0.000
epss	0.005
exploit	0.000
kev	0.000
patch	0.000
ransomware	0.000