Oracle OIT IX SDK libvs_pdf Tj Operator Denial of Service Vulnerability(CVE-2016-3576)

DESCRIPTION When parsing a specialy crafted PDF document, a NULL pointer dereference leading to a process termination. A pointer value from a memory structure initialized to zero is reference without check. TESTED VERSIONS Oracle Outside In IX SDK 8.5.1 PRODUCT URLs...

Oracle OIT IX SDK libvs_pdf Kids List Information Leak(CVE-2016-3574)

DESCRIPTION When parsing a specially crafted PDF document, the parser is expecting a pointer where string is located leading to a read access violation with a controlled source operand. TESTED VERSIONS Oracle Outside In IX SDK 8.5.1 PRODUCT URLs...

Oracle OIT IX SDK libvs_pdf Size Integer Overflow Vulnerability(CVE-2016-3575)

DESCRIPTION An integer overflow leading to two distinct issues can be triggered by a specially crafted PDF file. TESTED VERSIONS Oracle Outside In IX sdk 8.5.1 PRODUCT URLs http://www.oracle.com/technetwork/middleware/content-management/oit-all-085236.html DETAILS While parsing a PDF file with...

Oracle OIT IX SDK libvs_pdf FlateDecode Colors Denial of Service Vulnerabiity(CVE-2016-3578)

DESCRIPTION A null pointer dereference leading to process crash can occur while parsing a malformed PDF file. TESTED VERSIONS Oracle Outside In IX sdk 8.5.1 PRODUCT URLs http://www.oracle.com/technetwork/middleware/content-management/oit-all-085236.html DETAILS While parsing a PDF file which...

Oracle OIT IX SDK libvs_pdf Root xref Denial of Service Vulnerabiity(CVE-2016-3577)

DESCRIPTION A stack overflow leading to a crash due to unbounded recusive function call is present in the PDF file format parsing code of the IX SDK. TESTED VERSIONS Oracle Outside In IX sdk 8.5.1 PRODUCT URLs http://www.oracle.com/technetwork/middleware/content-management/oit-all-085236.html...

Oracle OIT IX SDK libvs_pdf Kids List Information Leak

Talos Vulnerability Report TALOS-2016-0096 Oracle OIT IX SDK libvspdf Kids List Information Leak July 19, 2016 CVE Number CVE-2016-3574 DESCRIPTION When parsing a specially crafted PDF document, the parser is expecting a pointer where string is located leading to a read access violation with a...

Oracle OIT IX SDK libvs_pdf Root xref Denial of Service Vulnerabiity

Talos Vulnerability Report TALOS-2016-0099 Oracle OIT IX SDK libvspdf Root xref Denial of Service Vulnerabiity July 19, 2016 CVE Number CVE-2016-3577 DESCRIPTION A stack overflow leading to a crash due to unbounded recusive function call is present in the PDF file format parsing code of the IX SD...

Oracle IOT IX SDK libvs_pdf XRef Index Code Execution Vulnerability

Talos Vulnerability Report TALOS-2016-0086 Oracle IOT IX SDK libvspdf XRef Index Code Execution Vulnerability April 19, 2016 CVE Number CVE-2016-3455 DESCRIPTION A vulnerability in PDF parser of the IX SDK exists that allows an out of bounds heap memory overwrite potentially leading to remote cod...