Oracle Outside-In DOCX File Parsing Memory Corruption

vendor:

Outside In Technology

by:

Francis Provencher

7.5

CVSS

HIGH

Memory Corruption

None

CWE

Product Name: Outside In Technology

Affected Version From: Not available

Affected Version To: Not available

Patch Exists: Yes

Related CWE: None

CPE: Not available

Metasploit: N/A

Other Scripts: N/A

Tags: N/A

CVSS Metrics: N/A

Nuclei References: N/A

Nuclei Metadata: N/A

Platforms Tested: Windows

2015

Oracle Outside-In DOCX File Parsing Memory Corruption

The vulnerability is caused due to a certain value in a document, which can be exploited to corrupt memory via a specially crafted document. Successful exploitation may allow execution of arbitrary code.

Mitigation:

Oracle released a patch for this issue.

Source

Exploit-DB raw data:

#####################################################################################

Title:   Oracle Outside-In DOCX File Parsing Memory Corruption

Platforms:   Windows

CVE:

Secunia:

{PRL}:   2015-04

Author:   Francis Provencher (Protek Research Lab’s)

Website:   http://www.protekresearchlab.com/

Twitter:   @ProtekResearch

#####################################################################################

1) Introduction
2) Report Timeline
3) Technical details
4) POC

#####################################################################################

===============
1) Introduction
===============

 

Oracle Outside In Technology provides software developers with a comprehensive solution to access, transform, and control the contents of over 500 unstructured file formats. From the latest office suites, such as Microsoft Office 2007, to specialty formats and legacy files, Outside In Technology provides software developers with the tools to transform unstructured files into controllable information.

(http://www.oracle.com/us/technologies/embedded/025613.htm)

#####################################################################################

============================
2) Report Timeline
============================

2015-02-17: Francis Provencher from Protek Research Lab’s found the issue;
2015-02-18: Oracle Security Alerts confirmed the issue;
2015-04-15: Oracle release a Patch for this issue.

#####################################################################################

============================
3) Technical details
============================

The vulnerability is caused due to a certain value in a document, which can be exploited to corrupt memory via a specially crafted document.

Successful exploitation may allow execution of arbitrary code.

#####################################################################################

===========

4) POC

===========

http://protekresearchlab.com/exploits/PRL-2015-04.docx
https://gitlab.com/exploit-database/exploitdb-bin-sploits/-/raw/main/bin-sploits/36788.docx