Published:2013/07/17 Last Updated:2013/07/17
JVN#07497769
Oracle Outside In vulnerable to buffer overflow
Overview
Oracle Outside In contains a buffer overflow vulnerability.
Products Affected
- Oracle Outside In 8.3.7 and earlier
Description
Oracle Outside In is a library to decode over 500 file types. Oracle Outside In contains a buffer overflow vulnerability.
Impact
When Oracle Outside In processes a specially crafted Ichitaro Word Processor file, arbitrary code may be executed.
Solution
Apply an update
Update to the latest version according to the information provided by the developer.
Vendor Status
| Vendor | Link |
| Oracle | Oracle Critical Patch Update Advisory - July 2013 |
References
JPCERT/CC Addendum
Vulnerability Analysis by JPCERT/CC
Credit
Takahiro Haruyama of Internet Initiative Japan Inc. reported this vulnerability to IPA.
JPCERT/CC coordinated with the developer under Information Security Early Warning Partnership.
Other Information
| JPCERT Alert |
|
| JPCERT Reports |
|
| CERT Advisory |
|
| CPNI Advisory |
|
| TRnotes |
|
| CVE |
CVE-2013-3781 |
| JVN iPedia |
JVNDB-2013-000070 |