This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Oracle Outside In. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.
The specific flaw exists within the parsing of RIFF files. When processing a LIST record, the size field is treated as a signed integer during input validation but is then treated as an unsigned integer when copying data. This can be leveraged by a remote attacker can leverage to gain code execution under the context of the user running the application.