Signature Detail
Short Name |
HTTP:ORACLE:COREL-DRAW-BO |
|---|---|
Severity |
High |
Recommended |
No |
Recommended Action |
Drop |
Category |
HTTP |
Keywords |
Oracle Outside In CorelDRAW File Parser Buffer Overflow |
Release Date |
2011/08/02 |
Update Number |
1966 |
Supported Platforms |
idp-4.0+, isg-3.1.134269+, j-series-9.5+, mx-9.4+, srx-9.2+, srx-branch-9.4+, vsrx-12.1+ |
HTTP: Oracle Outside In CorelDRAW File Parser Buffer Overflow
This signature detects attempts to exploit a known vulnerability in the Oracle Outside-In. A successful attack can lead to a buffer overflow and arbitrary remote code execution within the context of the affected application.
Extended Description
Oracle Outside In is prone to a remote code-execution vulnerability. An attacker can exploit this issue by enticing an unsuspecting victim to open a malicious '.cdr' file. Successful exploits will result in the execution of arbitrary code in the context of the application using the affected library. Failed exploit attempts may result in a denial-of-service condition. This issue affects Oracle Outside In versions 8.3.2.0 and 8.3.5.0.
Affected Products
- AccessData Forensic Toolkit 3.2
- AccessData Forensic Toolkit 8.3.2.0
- AccessData FTK 3.2
- ACD Systems Inc ACDSee Canvas 12
- Avantstar Inc. Quick View Plus 11
- Cisco Security Agent 2.1.0
- Cisco Security Agent 3
- Cisco Security Agent 3.X
- Cisco Security Agent 4.0.0
- Cisco Security Agent 4.0.1
- Cisco Security Agent 4.0.2
- Cisco Security Agent 4.0.3
- Cisco Security Agent 4.0.3.728
- Cisco Security Agent 4.5.0
- Cisco Security Agent 4.5.0
- Cisco Security Agent 4.5.1
- Cisco Security Agent 4.5.1.639
- Cisco Security Agent 4.5.1.657
- Cisco Security Agent 4.5.1.659
- Cisco Security Agent 5.0
- Cisco Security Agent 5.0.0.193
- Cisco Security Agent 5.0.0.201
- Cisco Security Agent 5.1
- Cisco Security Agent 5.1.0.117
- Cisco Security Agent 5.1.0 .79
- Cisco Security Agent 5.2
- Cisco Security Agent 5.2.0.285
- Cisco Security Agent 5.2.0.296
- Cisco Security Agent 6.0
- Cisco Security Agent 6.0(1.126)
- Cisco Security Agent 6.0.1.132
- Cisco Security Agent 6.0(2.099)
- Cisco Security Agent 6.0.2.145
- Guidance Software EnCase
- Guidance Software EnCase Enterprise 4.0.0
- Guidance Software EnCase Enterprise 4.16.0
- Guidance Software EnCase Forensic 5.0
- Guidance Software EnCase Forensic 6.12
- Guidance Software EnCase Forensic 6.14
- Guidance Software EnCase Forensic V4 4.18.0 A
- HP Trim
- IBM Classification Module 8.6
- IBM CommonStore for Exchange 8.4
- IBM CommonStore for Lotus Domino 8.4
- IBM Content Analytics 2.1
- IBM Content Analytics 2.2
- IBM Content Collector for Email 2.1.1
- IBM Content Collector for Email 2.2
- IBM Content Collector for File Systems 2.1.1
- IBM Content Collector for File Systems 2.2
- IBM Content Collector for Microsoft SharePoint 2.1.1
- IBM Content Collector for Microsoft SharePoint 2.2
- IBM Content Integrator 8.5.1
- IBM Content Integrator 8.6
- IBM Content Manager Enterprise Edition 8.4.3
- IBM DB2 9.7
- IBM DB2 9.7 fixpack 2
- IBM DB2 9.7 fixpack 3
- IBM Document Manager 2.2
- IBM Document Manager 8.4.2
- IBM eDiscovery Analyzer 2.2
- IBM eDiscovery Manager 2.2
- IBM FileNet Capture 5.2
- IBM FileNet Capture 5.2.1
- IBM FileNet Content Manager 5.0
- IBM FileNet Content Manager 5.1
- IBM FileNet Integrated Document Management Desktop 4.0.2
- IBM FileNet Integrated Document Management Desktop 4.0.3
- IBM InfoSphere Classification Module 8.7
- IBM OmniFind 8.5
- IBM OmniFind 9.1
- IBM Production Imaging Edition 5.0
- IBM WEB Interface for Content Management 1.0.1
- IBM WEB Interface for Content Management 1.0.2
- IBM WEB Interface for Content Management 1.0.3
- IBM WEB Interface for Content Management 1.0.4
- Kamel Software Fastlook 2009
- Kroll Ontrack EasyRecovery
- Kroll Ontrack PowerControls
- MarkLogic Server
- McAfee GroupShield 7.0.716.101
- McAfee Host Data Loss Prevention 9.0
- NewSoft Presto! PageManager 9
- Novell Groupwise 5.2.0
- Novell Groupwise 5.5.0
- Novell Groupwise 5.57E
- Novell Groupwise 6.0.0
- Novell Groupwise 6.0.0 SP1
- Novell Groupwise 6.0.0 SP2
- Novell Groupwise 6.0.0 SP3
- Novell Groupwise 6.0.0 SP4
- Novell Groupwise 6.0.1 Sp1
- Novell Groupwise 6.5.0
- Novell Groupwise 6.5.0 Post SP6
- Novell Groupwise 6.5.0 SP1
- Novell Groupwise 6.5.0 SP2
- Novell Groupwise 6.5.0 SP3
- Novell Groupwise 6.5.0 SP4
- Novell Groupwise 6.5.0 SP5
- Novell Groupwise 6.5.0 SP6
- Novell Groupwise 6.5.0 SP6 Update 1
- Novell Groupwise 6.5.2
- Novell Groupwise 6.5.3
- Novell Groupwise 6.5.4
- Novell Groupwise 6.5.6
- Novell Groupwise 6.5 SP6 Update 3
- Novell Groupwise 8.0
- Novell Groupwise 8.01X
- Novell Groupwise 8.02
- Novell Groupwise 8.02 HP1
- Novell Groupwise 8.02 HP2
- Novell Groupwise 8.0 HP1
- Novell Groupwise 8.0 HP2
- Novell Groupwise 8.0 SP1
- Novell Groupwise 8.0 SP2
- Novell GroupWise Internet Agent 8.0
- Oracle Fusion Middleware 8.3.2.0
- Oracle Fusion Middleware 8.3.5.0
- Symantec Enterprise Vault 10.0
- Symantec Enterprise Vault 7.5
- Symantec Enterprise Vault 8.0
- Symantec Enterprise Vault 8.0 SP4
- Symantec Enterprise Vault 8.0 SP5
- Symantec Enterprise Vault 9.0
- Symantec Enterprise Vault 9.0.1
- Symantec Enterprise Vault 9.0.2
References
- BugTraq: 48766
- CVE: CVE-2011-2264