Lucene search
AnonymousZDI-13-001HistoryFeb 01, 2013 - 12:00 a.m.
Oracle Outside In CorelDRAW File Parsing Remote Code Execution Vulnerability
2013-02-0100:00:00
Anonymous
www.zerodayinitiative.com
15
0.214 Low
EPSS
Percentile
96.5%
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Oracle Outside In. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of RIFF files. When processing a LIST record, the size field is treated as a signed integer during input validation but is then treated as an unsigned integer when copying data. This can be leveraged by a remote attacker can leverage to gain code execution under the context of the user running the application.
Related
securityvulns
securityvulns
Secunia Research: Oracle Outside In Technology Paradox Database Handling Buffer Overflow
2013-01-21 00:00:00
Microsoft Exchange / FAST Search Server code execution
2013-02-14 00:00:00
checkpoint_advisories
checkpoint_advisories
Oracle Outside In CorelDRAW File Parser Heap Buffer Overflow (CVE-2013-0418)
2013-02-25 00:00:00
cve
cve
CVE-2013-0393
2013-01-17 01:55:05
CVE-2013-0418
2013-01-17 01:55:06
prion
prion
Buffer overflow
2013-01-17 01:55:00
Heap overflow
2013-01-17 01:55:00
nvd
nvd
CVE-2013-0393
2013-01-17 01:55:05
CVE-2013-0418
2013-01-17 01:55:06
openvas
openvas
Microsoft Exchange Server Remote Code Execution Vulnerabilities (2809279)
2013-02-13 00:00:00
MS Exchange Server Remote Code Execution Vulnerabilities (2809279)
2013-02-13 00:00:00
nessus
nessus
cvelist
cvelist
CVE-2013-0393
2013-01-17 01:30:00
CVE-2013-0418
2013-01-17 01:30:00
oracle
oracle
Oracle Critical Patch Update - January 2013
2013-01-15 00:00:00