Juniper Networks
Solutions
Products & Services
Company
Partners
Support
Education

Signature Detail

Security Intelligence Center
Signatures
Print

This site is deprecated. Please CLICK HERE for latest updates

Short Name

 HTTP:STC:DL:ORACLE-LOTUS-123

Severity

 Major

Recommended

 No

Recommended Action

 Drop

Category

 HTTP

Keywords

 Oracle Outside In Lotus 1-2-3 Heap Buffer Overflow

Release Date

 2012/01/30

Update Number

 2072

Supported Platforms

 idp-4.0+, isg-3.1.134269+, j-series-9.5+, mx-11.4+, srx-12.1+, srx-branch-12.1+, vmx-17.4+, vsrx-12.1+, vsrx3bsd-18.2+

HTTP: Oracle Outside In Lotus 1-2-3 Heap Buffer Overflow


This signature detects attempts to exploit a known vulnerability in the Oracle's Outside In SDK. A successful attack can lead to a buffer overflow and arbitrary remote code execution within the context of the affected application.

Extended Description

Oracle Outside In is prone to a remote code-execution vulnerability. An attacker can exploit this issue to execute arbitrary code with the privileges of the user running the affected application. Failed exploit attempts will result in a denial-of-service condition. The 'Outside In Image Export SDK' sub component is affected. This vulnerability affects the following supported versions: 8.3.5 8.3.7

Affected Products

  • Accessdata ftk 3.2
  • Accessdata_group ftk 3.3
  • Accessdata_group ftk 3.4
  • Acd_systems_inc acdsee_canvas 12
  • Avantstar_inc. quick_view_plus 11
  • Guidance_software encase_forensics 6.19.2
  • Guidance_software encase_forensics 7.02.02
  • Guidance_software forensics 6.19.2
  • Hp trim
  • Ibm omnifind 8.5
  • Ibm omnifind 8.5 Fixpack 6
  • Ibm omnifind 9.0
  • Ibm omnifind 9.1
  • Kamel_software fastlook_2009
  • Kcura relativity
  • Kroll_ontrack easyrecovery
  • Kroll_ontrack powercontrols
  • Lucion filecenter 7.1.0.35
  • Marklogic server 4.0
  • Marklogic server 4.1
  • Marklogic server 4.2
  • Mcafee groupshield 7.0.716.101
  • Mcafee host_data_loss_prevention 9.0
  • Newsoft presto!_pagemanager 9
  • Novell groupwise 8.0
  • Novell groupwise 8.01X
  • Novell groupwise 8.02
  • Novell groupwise 8.02 HP1
  • Novell groupwise 8.02 HP2
  • Novell groupwise 8.02 HP3
  • Novell groupwise 8.0 HP1
  • Novell groupwise 8.0 HP2
  • Novell groupwise 8.0 HP3
  • Novell groupwise 8.0 SP1
  • Novell groupwise 8.0 SP2
  • Oracle outside_in 8.3.5.0
  • Oracle outside_in 8.3.7
  • Perlustro ilook
  • Symantec enterprise_vault 10.0
  • Symantec enterprise_vault 7.5
  • Symantec enterprise_vault 8.0
  • Symantec enterprise_vault 8.0 SP4
  • Symantec enterprise_vault 8.0 SP5
  • Symantec enterprise_vault 9.0
  • Symantec enterprise_vault 9.0.1
  • Symantec enterprise_vault 9.0.2
  • Windream windream_server
  • X1_technologies x1_professional_client 6.7.2

References

  • BugTraq: 51452
  • CVE: CVE-2012-0110
  • URL: http://www.oracle.com/technetwork/topics/security/cpujan2012-366304.html

Site Map
RSS Feeds
Careers
Accessibility
Feedback
Privacy Policy
Legal Notices
Copyright © 1999-2010 Juniper Networks, Inc. All rights reserved.
Help
|
My Account
|
Log Out