CVE-2012-3133

medium

Published 2012-12-21 · Modified 2026-04-29

CVSS v3

—

CVSS v2

6.8

VIR risk

6.8

Description

Buffer overflow in the DataDirect ODBC driver, as used in Oracle Hyperion Interactive Reporting 11.1.2.1 and 11.1.2.2, Essbase Server 11.1.2.1 and 11.1.2.2, Production Reporting Server 11.1.2.1 and 11.1.2.2, and Integration Services Server 11.1.2.1 and 11.1.2.2 has unknown impact and attack vectors.

Predictions

Exploit likelihood

20%

Patch ETA

—

Heuristic predictions, AS-IS, for prioritization only.

Mitigations

vendor Authored 2026-05-27

Vendor advisory: secalert_us@oracle.com — https://blogs.oracle.com/sunsecurity/entry/cve_2012_3133_buffer_overflow

Application impact

Vendor	Product	Versions
oracle	hyperion_interactive_reporting	`11.1.2.1`
oracle	hyperion_interactive_reporting	`11.1.2.2`
oracle	essbase_server	`11.1.2.1`
oracle	essbase_server	`11.1.2.2`
oracle	hyperion_production_reporting_server	`11.1.2.1`
oracle	hyperion_production_reporting_server	`11.1.2.2`
oracle	integration_services_server	`11.1.2.1`
oracle	integration_services_server	`11.1.2.2`

References

CWEs

CWE-119

Verify integrity in audit chain (admin only). AS-IS.