Oracle OIT IX SDK libvs_pdf FlateDecode Colors Denial of Service Vulnerabiity(CVE-2016-3578)

DESCRIPTION A null pointer dereference leading to process crash can occur while parsing a malformed PDF file. TESTED VERSIONS Oracle Outside In IX sdk 8.5.1 PRODUCT URLs http://www.oracle.com/technetwork/middleware/content-management/oit-all-085236.html DETAILS While parsing a PDF file which...

Oracle OIT IX SDK libvs_pdf Root xref Denial of Service Vulnerabiity(CVE-2016-3577)

DESCRIPTION A stack overflow leading to a crash due to unbounded recusive function call is present in the PDF file format parsing code of the IX SDK. TESTED VERSIONS Oracle Outside In IX sdk 8.5.1 PRODUCT URLs http://www.oracle.com/technetwork/middleware/content-management/oit-all-085236.html...

Oracle OIT IX SDK libvs_pdf arbitrary pointer access(CVE-2016-3579)

Description When parsing a specially crafted PDF document, a value derived from a file is used as a memory pointer leading to a process crash. Tested Versions Outside In IX SDK 8.5.1. Product URLs http://www.oracle.com/technetwork/middleware/content-management/oit-all-085236.html Details When...

Oracle OIT ContentAccess libvs_mwkd VwStreamSection Code Execution Vulnerability(CVE-2016-3593)

Description A partially controlled memory corruption vulnerability exists in Mac Works Database file format parsing code of Oracle Outside In Technology Content Access SDK. An unchecked pointer arithmetic leads to an out of bounds memory overwrite resulting in arbitrary code execution. Tested...

Oracle OIT IX SDK libvs_pdf Tj Operator Denial of Service Vulnerability

Talos Vulnerability Report TALOS-2016-0098 Oracle OIT IX SDK libvspdf Tj Operator Denial of Service Vulnerability July 19, 2016 CVE Number CVE-2016-3576 DESCRIPTION When parsing a specialy crafted PDF document, a NULL pointer dereference leading to a process termination. A pointer value from a...

Oracle OIT ContentAccess libvs_mwkd VwStreamSection Code Execution Vulnerability

Talos Vulnerability Report TALOS-2016-0159 Oracle OIT ContentAccess libvsmwkd VwStreamSection Code Execution Vulnerability July 19, 2016 CVE Number CVE-2016-3593 Description A partially controlled memory corruption vulnerability exists in Mac Works Database file format parsing code of Oracle...

Oracle OIT ContentAccess libvs_word+63AC Code Execution Vulnerability

Talos Vulnerability Report TALOS-2016-0158 Oracle OIT ContentAccess libvsword+63AC Code Execution Vulnerability July 19, 2016 CVE Number CVE-2016-3592 Description Partially controlled memory write vulnerability exists in Mac Word file format parsing code of Oracle Outside In Technology Content...

Oracle OIT IX SDK libvs_pdf arbitrary pointer access

Talos Vulnerability Report TALOS-2016-0101 Oracle OIT IX SDK libvspdf arbitrary pointer access July 19, 2016 CVE Number CVE-2016-3579 Description When parsing a specially crafted PDF document, a value derived from a file is used as a memory pointer leading to a process crash. Tested Versions...

Oracle OIT IX SDK TIFF ExtraSamples Code Execution Vulnerabiity

Talos Vulnerability Report TALOS-2016-0103 Oracle OIT IX SDK TIFF ExtraSamples Code Execution Vulnerabiity July 19, 2016 CVE Number CVE-2016-3581 Description While parsing a specially crafted TIFF file, a parser confussion can lead to a heap buffer overflow resulting in out of bounds memory...

Oracle OIT ContentAccess libvs_mwkd VwStreamReadRecord Memory Corruption Vulnerability

Talos Vulnerability Report TALOS-2016-0157 Oracle OIT ContentAccess libvsmwkd VwStreamReadRecord Memory Corruption Vulnerability July 19, 2016 CVE Number CVE-2016-3591 Description Partially controlled memory write vulnerability exists in Mac Works Database file format parsing code of Oracle Outsi...

Oracle OIT IX SDK libvs_pdf Kids List Information Leak

Talos Vulnerability Report TALOS-2016-0096 Oracle OIT IX SDK libvspdf Kids List Information Leak July 19, 2016 CVE Number CVE-2016-3574 DESCRIPTION When parsing a specially crafted PDF document, the parser is expecting a pointer where string is located leading to a read access violation with a...

Oracle OIT IX SDK TIFF file parsing heap buffer overflow

Talos Vulnerability Report TALOS-2016-0104 Oracle OIT IX SDK TIFF file parsing heap buffer overflow July 19, 2016 CVE Number CVE-2016-3582 Description While parsing a specially crafted TIFF file, a parser confusion can lead to a heap buffer overflow resulting in out of bounds memory overwrite and...

Oracle OIT ImageExport libvs_bmp BMP BI_RLE8 Width Code Execution Vulnerability

Talos Vulnerability Report TALOS-2016-0160 Oracle OIT ImageExport libvsbmp BMP BIRLE8 Width Code Execution Vulnerability July 19, 2016 Description A vulnerability in libvseshr can lead to remote code execution while parsing a specially crafted Word document containing a reference to Escher drawin...

Oracle OIT IX SDK libvs_pdf FlateDecode Colors Denial of Service Vulnerabiity

Talos Vulnerability Report TALOS-2016-0100 Oracle OIT IX SDK libvspdf FlateDecode Colors Denial of Service Vulnerabiity July 19, 2016 CVE Number CVE-2016-3578 DESCRIPTION A null pointer dereference leading to process crash can occur while parsing a malformed PDF file. TESTED VERSIONS Oracle Outsi...

Oracle OIT IX SDK libvs_pdf Root xref Denial of Service Vulnerabiity

Talos Vulnerability Report TALOS-2016-0099 Oracle OIT IX SDK libvspdf Root xref Denial of Service Vulnerabiity July 19, 2016 CVE Number CVE-2016-3577 DESCRIPTION A stack overflow leading to a crash due to unbounded recusive function call is present in the PDF file format parsing code of the IX SD...

Oracle OIT ImageExport libvs_bmp BMP BI_RLE8 Width Code Execution Vulnerability

Talos Vulnerability Report TALOS-2016-0163 Oracle OIT ImageExport libvsbmp BMP BIRLE8 Width Code Execution Vulnerability July 19, 2016 CVE Number CVE-2016-3596 Description When parsing a specially crafted BMP file, an erroneous memory copy operation can cause a heap buffer overflow leading to...