Secunia: Secunia Research details the Vulnerability in Oracle Outside In

[Rss Bot 1]

By Dmitry Janushkevich, Security Specialist Yesterday, Oracle issued a patch for Outside In, which fixes a vulnerability discovered by Secunia Research. (1,2) The vulnerability is rated Moderately Critical by Secunia Research. Product Background(3) Oracle Outside In Technology provides software developers with a comprehensive solution to access, transform, and control the contents of over 500 unstructured file formats. From the latest Microsoft office suites, to specialty formats and legacy files, Outside In Technology provides software developers with the tools to transform unstructured files into controllable information. Issue Summary The fixed vulnerability, assigned CVE-2015-0493, is caused due to a sign extension error when handling PSD files within the ibpsd2.dll component. The vulnerability can be exploited to cause a heap-based buffer overflow and crash an application using the SDK or, potentially, execute arbitrary code within the context of such an application. The vulnerability has been confirmed in the ibpsd2.dll component version 8.5.1.0. Prior...

View the full article