Vulnerability Note VU#118913
Oracle Outside In contains multiple exploitable vulnerabilities
Oracle Outside In contains multiple exploitable vulnerabilities in its parsers, which can allow a remote, unauthenticated attacker to execute arbitrary code on a vulnerable system.
Oracle Outside In is a set of libraries that can decode over 500 different file formats. Originally written by Stellent, Outside In is now part of Oracle. The Oracle Outside In libraries are used by a variety of applications, including Microsoft Exchange, Oracle Fusion Middleware, Guidance Encase Forensics, AccessData FTK, and Novell Groupwise.
Outside In versions before 22.214.171.124 and 126.96.36.19969 fail to properly handle multiple file types when the data is malformed. The file types that have vulnerable parsers are: .VSD, .WSD, .JP2, .DOC, .SXD, .LWP, .PCX, .SXI, .DPT, .PDF, .SAM, .ODG, and .CDR.
By causing an application to process a specially-crafted file with the Oracle Outside In library, a remote, unauthenticated attacker may be able to execute arbitrary code with the privileges of the vulnerable application. Depending on what application is using Outside In, this may happen as the result of some user interaction, such as single-clicking on a file, or it may happen with no user interaction at all.
Apply an update
Use the Microsoft Enhanced Mitigation Experience Toolkit
Vendor Information (Learn More)
|Vendor||Status||Date Notified||Date Updated|
|AccessData||Affected||15 Jul 2012||17 Jul 2012|
|ACD Systems International||Affected||-||17 Jul 2012|
|Avantstar||Affected||-||17 Jul 2012|
|Avira||Affected||-||26 Jul 2012|
|Cisco Systems, Inc.||Affected||15 Jul 2012||17 Jul 2012|
|Good Technology||Affected||-||03 Aug 2012|
|Guidance Software, Inc.||Affected||15 Jul 2012||17 Jul 2012|
|Hewlett-Packard Company||Affected||15 Jul 2012||17 Jul 2012|
|IBM Corporation||Affected||15 Jul 2012||17 Jul 2012|
|Kamel Software||Affected||-||17 Jul 2012|
|kcura||Affected||15 Jul 2012||17 Jul 2012|
|Kroll Ontrack Inc||Affected||15 Jul 2012||17 Jul 2012|
|Lucion||Affected||15 Jul 2012||17 Jul 2012|
|MarkLogic Corporation||Affected||15 Jul 2012||17 Jul 2012|
|McAfee||Affected||15 Jul 2012||17 Jul 2012|
CVSS Metrics (Learn More)
This vulnerability was reported by Will Dormann of the CERT/CC.
This document was written by Will Dormann.
- CVE IDs: CVE-2012-1766 CVE-2012-1767 CVE-2012-1768 CVE-2012-1769 CVE-2012-1770 CVE-2012-1771 CVE-2012-1772 CVE-2012-1773 CVE-2012-3106 CVE-2012-3107 CVE-2012-3108 CVE-2012-3109 CVE-2012-3110
- Date Public: 17 Jul 2012
- Date First Published: 17 Jul 2012
- Date Last Updated: 31 May 2013
- Document Revision: 47
If you have feedback, comments, or additional information about this vulnerability, please send us email.