‫ Oracle Outside In Technology Multiple Vulnerabilities

IRCAD2012072070
ID: IRCAD2012072070
Release Date: 2012-07-18
Criticality level: Highly critical
 
Software:
Oracle Outside In Technology 8.x
 
Description:
Multiple vulnerabilities have been reported in Oracle Outside In Technology, which can be exploited by malicious people to cause a DoS (Denial of Service) and potentially compromise a vulnerable system.
1) An unspecified error in the Outside In Filters component can be exploited via a specially crafted VSD file.
2) An unspecified error in the Outside In Filters component can be exploited via a specially crafted WSD file.
3) An unspecified error in the Outside In Filters component can be exploited via a specially crafted JP2 file.
4) An unspecified error in the Outside In Filters component can be exploited via a specially crafted DOC file.
5) An unspecified error in the Outside In Filters component can be exploited via a specially crafted SXD file.
6) An unspecified error in the Outside In Filters component can be exploited via a specially crafted LWP file.
7) An unspecified error in the Outside In Filters component can be exploited via a specially crafted PCX file.
8) An unspecified error in the Outside In Filters component can be exploited via a specially crafted SXI file.
9) An unspecified error in the Outside In Filters component can be exploited via a specially crafted DPT file.
10) An unspecified error in the Outside In Filters component can be exploited via a specially crafted PDF file.
11) An unspecified error in the Outside In Filters component can be exploited via a specially crafted SAM file.
12) An unspecified error in the Outside In Filters component can be exploited via a specially crafted ODG file.
13) An unspecified error in the Outside In Filters component can be exploited via a specially crafted CDR file.
14) An unspecified error in the Outside In Filters component can be exploited via a specially crafted file.
Successful exploitation of these vulnerabilities may allow execution of arbitrary code.
The vulnerabilities are reported in versions 8.3.5 and 8.3.7.
 
Solution
Apply updates (please see the vendor's advisory for details).
 
References:
Oracle:
US-CERT (VU#118913):
 
Secunia:
 
 
 

نظرات

بدون نظر
شما برای نظر دادن باید وارد شوید

نوشته

 
تاریخ ایجاد: 28 تیر 1391

امتیاز

امتیاز شما
تعداد امتیازها:0