Microsoft Corporation Information for VU#959313
Oracle Outside In OS/2 Metafile parser stack buffer overflow
No statement is currently available from the vendor regarding this vulnerability.
We are not aware of further vendor information regarding this vulnerability.
Microsoft Exchange 2007, 2010, and 2013 use Oracle Outside In for its WebReady document viewing feature. By viewing a document with OWA WebReady, arbitrary code may execute on the Exchange server. Please see Microsoft Security Bulletin MS13-105 for updates. Microsoft FAST Search Server 2010 for SharePoint Parsing also uses Oracle Outside In.
If you have feedback, comments, or additional information about this vulnerability, please send us email.