CVE-2012-1714

critical

Published 2012-12-21 · Modified 2026-04-29

CVSS v3

—

CVSS v2

10.0

VIR risk

10.0

Description

Unspecified vulnerability in a TList 6 ActiveX control in Oracle Hyperion Financial Management 11.1.1.4 and 11.1.2.1.104 allows remote attackers to execute arbitrary code via unknown vectors.

Predictions

Exploit likelihood

20%

Patch ETA

—

Heuristic predictions, AS-IS, for prioritization only.

Mitigations

vendor Authored 2026-05-27

Vendor advisory: secalert_us@oracle.com — https://blogs.oracle.com/sunsecurity/entry/cve_2012_1714_tlist_6

Application impact

Vendor	Product	Versions	Fixed
oracle	hyperion_financial_management	`11.1.1.4`
oracle	hyperion_financial_management	`11.1.2.1.104`

References

https://blogs.oracle.com/sunsecurity/entry/cve_2012_1714_tlist_6
https://blogs.oracle.com/sunsecurity/entry/cve_2012_1714_tlist_6

Verify integrity in audit chain (admin only). AS-IS.