4.4 Medium
CVSS2
Access Vector
LOCAL
Access Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:L/AC:M/Au:N/C:P/I:P/A:P
0.879 High
EPSS
Percentile
98.6%
Added: 08/05/2011
CVE: CVE-2011-2264
BID: 48766
OSVDB: 73912
Oracle Outside In is a suite of Software Development Kits (SDKs) and tools that provide functionality for reading and writing many different file formats. The Outside In SDK is embedded by multiple client and server products that need parsing of various file formats.
Outside In supports Corel Corporation’s CDR file format used by the vector graphics editor CorelDRAW.
Patches to Outside In are described in the Oracle Critical Patch Update Advisory for July 2011.
Update products that incorporate the vulnerable version of Outside In, such as Avantstar Quick View Plus when updates become available.
<http://secunia.com/advisories/45297>
<http://www.kb.cert.org/vuls/id/520721>
Exploit works on Avantstar Quick View Plus 11.1.0 Standard Edition.
Windows