Oracle Outside In PDF 8.5.2 - Parsing Memory Corruption (2)

🗓️ 23 Nov 2015 00:00:00Reported by Francis ProvencherType

Oracle Outside In PDF 8.5.2 Parsing Memory Corruptio

Reporter	Title	Published	Views	Family All 14
IBM Security Bulletins	Security Bulletin: Vulnerability in Oracle Outside In Technology affects IBM Rational DOORS Next Generation (CVE-2015-4877, CVE-2015-4878)	17 Jun 201805:07	–	ibm
IBM Security Bulletins	Security Bulletin: IBM Content Collector affected by vulnerabilities in Oracle Outside In Technology (CVE-2015-4809,CVE-2015-4811,CVE-2015-4877,CVE-2015-4878, CVE-2015-0474,CVE-2015-0493)	17 Jun 201812:13	–	ibm
IBM Security Bulletins	Security Bulletin: Four vulnerabilities exist in IBM FileNet Content Manager and IBM Content Foundation (CVE-2015-4809, CVE-2015-4811, CVE-2015-4877, CVE-2015-4878)	17 Jun 201812:13	–	ibm
CNVD	Oracle Fusion Middleware Outside In Technology Component Denial of Service Vulnerability	22 Oct 201500:00	–	cnvd
CVE	CVE-2015-4878	21 Oct 201523:00	–	cve
Cvelist	CVE-2015-4878	21 Oct 201523:00	–	cvelist
EUVD	EUVD-2015-4895	7 Oct 202500:30	–	euvd
exploitpack	Oracle Outside In PDF 8.5.2 - Parsing Memory Corruption (2)	23 Nov 201500:00	–	exploitpack
NVD	CVE-2015-4878	21 Oct 201523:59	–	nvd
Oracle	Oracle Critical Patch Update Advisory - October 2015	20 Oct 201500:00	–	oracle

#####################################################################################

Application:   Oracle Outside In

Platforms:   Windows

Versions:   8.5.2

CVE:   CVE-2015-4878

Author:   Francis Provencher of COSIG

Twitter:   @COSIG_

#####################################################################################

1) Introduction
2) Report Timeline
3) Technical details
4) POC

#####################################################################################

===============
1) Introduction
===============

Oracle Outside In Technology provides software developers with a comprehensive solution to access, transform, and control the contents of over 500 unstructured file formats. From the latest office suites, such as Microsoft Office 2007, to specialty formats and legacy files, Outside In Technology provides software developers with the tools to transform unstructured files into controllable information.

(http://www.oracle.com/us/technologies/embedded/025613.htm)

#####################################################################################

============================
2) Report Timeline
============================

2015-06-09: Francis Provencher of COSIG found the issue;
2015-06-11: Francis Provencher of COSIG report vulnerability to Oracle SA;
2015-10-18: Oracle release a patch for this issue;

#####################################################################################

============================
3) Technical details
============================

A Use-After-Free memory corruption occured when Outside In decode (JBIG2Decode) a stream with an invalid image.

Successful exploitation of the vulnerabilities may allow execution of arbitrary code, but requires tricking a user into opening or previewing a malicious file.

#####################################################################################

===========

4) POC

===========

http://protekresearchlab.com/exploits/COSIG-2015-003.pdf
https://gitlab.com/exploit-database/exploitdb-bin-sploits/-/raw/main/bin-sploits/38789.zip

###############################################################################

23 Nov 2015 00:00Current

7High risk

Vulners AI Score7

CVSS 21.5

EPSS0.00366