Short Name |
HTTP:STC:DL:ORACLE-JPEG-QCD-OF |
---|---|
Severity |
Major |
Recommended |
No |
Recommended Action |
Drop |
Category |
HTTP |
Keywords |
Oracle Outside In JPEG 2000 QCD Segment Processing Heap Buffer Overflow |
Release Date |
2012/08/06 |
Update Number |
2170 |
Supported Platforms |
idp-4.0+, isg-3.1.134269+, j-series-9.5+, mx-11.4+, srx-12.1+, srx-branch-12.1+, vmx-17.4+, vsrx-12.1+, vsrx3bsd-18.2+ |
This signature detects attempts to exploit a known buffer overflow vulnerability in Oracle Outside-In, a set of libraries used to decode many file formats. It is due to handling the QCD segments in JPEG 2000 files. A successful attack can lead to arbitrary code execution in the context of the affected application.
Oracle Outside In Technology is prone to a remote code-execution vulnerability. The 'Outside In Filters' sub component is affected. An attacker can exploit this issue to execute arbitrary code in the context of the user running the affected application. Failed exploit attempts will likely result in denial-of-service conditions. This vulnerability affects the following supported versions: 8.3.5, 8.3.7