Lucene search
Francis ProvencherEDB-ID:38789HistoryNov 23, 2015 - 12:00 a.m.
Oracle Outside In PDF 8.5.2 - Parsing Memory Corruption (2)
2015-11-2300:00:00
Francis Provencher
www.exploit-db.com
19
6.9 Medium
AI Score
Confidence
Low
1.5 Low
CVSS2
Access Vector
LOCAL
Access Complexity
MEDIUM
Authentication
SINGLE
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
PARTIAL
AV:L/AC:M/Au:S/C:N/I:N/A:P
0.0004 Low
EPSS
Percentile
9.2%
#####################################################################################
Application: Oracle Outside In
Platforms: Windows
Versions: 8.5.2
CVE: CVE-2015-4878
Author: Francis Provencher of COSIG
Twitter: @COSIG_
#####################################################################################
1) Introduction
2) Report Timeline
3) Technical details
4) POC
#####################################################################################
===============
1) Introduction
===============
Oracle Outside In Technology provides software developers with a comprehensive solution to access, transform, and control the contents of over 500 unstructured file formats. From the latest office suites, such as Microsoft Office 2007, to specialty formats and legacy files, Outside In Technology provides software developers with the tools to transform unstructured files into controllable information.
(http://www.oracle.com/us/technologies/embedded/025613.htm)
#####################################################################################
============================
2) Report Timeline
============================
2015-06-09: Francis Provencher of COSIG found the issue;
2015-06-11: Francis Provencher of COSIG report vulnerability to Oracle SA;
2015-10-18: Oracle release a patch for this issue;
#####################################################################################
============================
3) Technical details
============================
A Use-After-Free memory corruption occured when Outside In decode (JBIG2Decode) a stream with an invalid image.
Successful exploitation of the vulnerabilities may allow execution of arbitrary code, but requires tricking a user into opening or previewing a malicious file.
#####################################################################################
===========
4) POC
===========
http://protekresearchlab.com/exploits/COSIG-2015-003.pdf
https://gitlab.com/exploit-database/exploitdb-bin-sploits/-/raw/main/bin-sploits/38789.zip
###############################################################################Related
exploitpack
exploitpack
Oracle Outside In PDF 8.5.2 - Parsing Memory Corruption (2)
2015-11-23 00:00:00
ibm
ibm
Security Bulletin: Vulnerability in Oracle Outside In Technology affects IBM Rational DOORS Next Generation (CVE-2015-4877, CVE-2015-4878)
2018-06-17 05:07:47
cve
cve
CVE-2015-4878
2015-10-21 23:59:00
CVE-2015-4877
2015-10-21 23:59:00
prion
prion
Buffer overflow
2015-10-21 23:59:00
Buffer overflow
2015-10-21 23:59:00
securityvulns
securityvulns
Secunia Research: Oracle Outside In Two Buffer Overflow Vulnerabilities
2015-11-02 00:00:00
Oracle / Sun / PeopleSoft / MySQL multiple security vulnerabilities
2015-11-02 00:00:00
oracle
oracle
Oracle Critical Patch Update Advisory - October 2015
2015-10-20 00:00:00
6.9 Medium
AI Score
Confidence
Low
1.5 Low
CVSS2
Access Vector
LOCAL
Access Complexity
MEDIUM
Authentication
SINGLE
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
PARTIAL
AV:L/AC:M/Au:S/C:N/I:N/A:P
0.0004 Low
EPSS
Percentile
9.2%
Related for EDB-ID:38789