Published:2013/07/17 Last Updated:2013/07/17
JVN#68663052
Oracle Outside In vulnerable to denial-of-service (DoS)
Overview
Oracle Outside In contains a denial-of-service (DoS) vulnerability.
Products Affected
- Oracle Outside In version 8.4.1 and earlier
Description
Oracle Outside In is a library to decode over 500 file types. Oracle Outside In contains a denial-of-service (DoS) vulnerability.
Impact
When Oracle Outside In processes a specially crafted Hangul Word Processor file, the process may hang.
Solution
Apply an update
Update to the latest version according to the information provided by the developer.
Vendor Status
| Vendor | Link |
| Oracle | Oracle Critical Patch Update Advisory - July 2013 |
References
JPCERT/CC Addendum
Vulnerability Analysis by JPCERT/CC
Credit
Takahiro Haruyama of Internet Initiative Japan Inc. reported this vulnerability to IPA.
JPCERT/CC coordinated with the developer under Information Security Early Warning Partnership.
Other Information
| JPCERT Alert |
|
| JPCERT Reports |
|
| CERT Advisory |
|
| CPNI Advisory |
|
| TRnotes |
|
| CVE |
CVE-2013-3776 |
| JVN iPedia |
JVNDB-2013-000071 |