Published:2013/07/17  Last Updated:2013/07/17

JVN#07497769
Oracle Outside In vulnerable to buffer overflow

Overview

Oracle Outside In contains a buffer overflow vulnerability.

Products Affected

  • Oracle Outside In 8.3.7 and earlier

Description

Oracle Outside In is a library to decode over 500 file types. Oracle Outside In contains a buffer overflow vulnerability.

Impact

When Oracle Outside In processes a specially crafted Ichitaro Word Processor file, arbitrary code may be executed.

Solution

Apply an update
Update to the latest version according to the information provided by the developer.

Vendor Status

References

JPCERT/CC Addendum

Vulnerability Analysis by JPCERT/CC

Credit

Takahiro Haruyama of Internet Initiative Japan Inc. reported this vulnerability to IPA.
JPCERT/CC coordinated with the developer under Information Security Early Warning Partnership.

Other Information

JPCERT Alert
JPCERT Reports
CERT Advisory
CPNI Advisory
TRnotes
CVE CVE-2013-3781
JVN iPedia JVNDB-2013-000070