Oracle Outside In

vendor:

Outside In

by:

Francis Provencher of COSIG

7,5

CVSS

HIGH

Use-After-Free memory corruption

416

CWE

Product Name: Outside In

Affected Version From: 8.5.2

Affected Version To: 8.5.2

Patch Exists: Yes

Related CWE: CVE-2015-4878

CPE: oracle:outside_in

Metasploit: N/A

Other Scripts: N/A

Tags: N/A

CVSS Metrics: N/A

Nuclei References: N/A

Nuclei Metadata: N/A

Platforms Tested: Windows

2015

A Use-After-Free memory corruption occured when Outside In decode (JBIG2Decode) a stream with an invalid image. Successful exploitation of the vulnerabilities may allow execution of arbitrary code, but requires tricking a user into opening or previewing a malicious file.

Mitigation:

Oracle released a patch for this issue

Source

Exploit-DB raw data:

#####################################################################################

Application:   Oracle Outside In

Platforms:   Windows

Versions:   8.5.2

CVE:   CVE-2015-4878

Author:   Francis Provencher of COSIG

Twitter:   @COSIG_

#####################################################################################

1) Introduction
2) Report Timeline
3) Technical details
4) POC

#####################################################################################

===============
1) Introduction
===============

Oracle Outside In Technology provides software developers with a comprehensive solution to access, transform, and control the contents of over 500 unstructured file formats. From the latest office suites, such as Microsoft Office 2007, to specialty formats and legacy files, Outside In Technology provides software developers with the tools to transform unstructured files into controllable information.

(http://www.oracle.com/us/technologies/embedded/025613.htm)

#####################################################################################

============================
2) Report Timeline
============================

2015-06-09: Francis Provencher of COSIG found the issue;
2015-06-11: Francis Provencher of COSIG report vulnerability to Oracle SA;
2015-10-18: Oracle release a patch for this issue;

#####################################################################################

============================
3) Technical details
============================

A Use-After-Free memory corruption occured when Outside In decode (JBIG2Decode) a stream with an invalid image.

Successful exploitation of the vulnerabilities may allow execution of arbitrary code, but requires tricking a user into opening or previewing a malicious file.

#####################################################################################

===========

4) POC

===========

http://protekresearchlab.com/exploits/COSIG-2015-003.pdf
https://gitlab.com/exploit-database/exploitdb-bin-sploits/-/raw/main/bin-sploits/38789.zip

###############################################################################