Inscrivez-vous maintenant pour un meilleur devis personnalisé!

Vulnerability Spotlight: Multiple Code Execution Vulnerabilities in Oracle Outside In Technology

Jan, 18, 2017 Hi-network.com

These vulnerabilities were discovered by Aleksandar Nikolic of Cisco Talos.

Summary

Oracle's Outside In Technology (OIT) is a set of SDKs that software developers can use to perform various actions against a large number of different file formats. According to the OIT website: "Outside In Technology is a suite of software development kits (SDKs) that provides developers with a comprehensive solution to extract, normalize, scrub, convert and view the contents of 600 unstructured file formats." Talos recently discovered vulnerabilities in the RTF and PDF parsers used by OIT that can be used to achieve arbitrary code execution on affected systems. Specially crafted files that leverage these parsers can be used to create conditions that could be leveraged by an attacker to obtain the ability to execute arbitrary code on affected systems.

Read More >>


tag-icon Tags chauds:

Copyright © 2014-2024 Hi-Network.com | HAILIAN TECHNOLOGY CO., LIMITED | All Rights Reserved.