Juniper Networks
Solutions
Products & Services
Company
Partners
Support
Education

Signature Detail

Security Intelligence Center
Signatures
Print

Short Name

 HTTP:STC:DL:ORACLE-LOTUS-123

Severity

 High

Recommended

 No

Recommended Action

 Drop

Category

 HTTP

Keywords

 Oracle Outside In Lotus 1-2-3 Heap Buffer Overflow

Release Date

 2012/01/30

Update Number

 2072

Supported Platforms

 idp-4.0+, isg-3.1.134269+, j-series-9.5+, mx-9.4+, srx-9.2+, srx-branch-9.4+, vsrx-12.1+

HTTP: Oracle Outside In Lotus 1-2-3 Heap Buffer Overflow


This signature detects attempts to exploit a known vulnerability in the Oracle's Outside In SDK. A successful attack can lead to a buffer overflow and arbitrary remote code execution within the context of the affected application.

Extended Description

Oracle Outside In is prone to a remote code-execution vulnerability. An attacker can exploit this issue to execute arbitrary code with the privileges of the user running the affected application. Failed exploit attempts will result in a denial-of-service condition. The 'Outside In Image Export SDK' sub component is affected. This vulnerability affects the following supported versions: 8.3.5 8.3.7

Affected Products

  • AccessData FTK 3.2
  • AccessData Group FTK 3.3
  • AccessData Group FTK 3.4
  • ACD Systems Inc ACDSee Canvas 12
  • Avantstar Inc. Quick View Plus 11
  • Guidance Software Encase Forensics 6.19.2
  • Guidance Software Encase Forensics 7.02.02
  • Guidance Software Forensics 6.19.2
  • HP Trim
  • IBM OmniFind 8.5
  • IBM OmniFind 8.5 Fixpack 6
  • IBM OmniFind 9.0
  • IBM OmniFind 9.1
  • Kamel Software Fastlook 2009
  • kCura Relativity
  • Kroll Ontrack EasyRecovery
  • Kroll Ontrack PowerControls
  • Lucion FileCenter 7.1.0.35
  • MarkLogic Server 4.0
  • MarkLogic Server 4.1
  • MarkLogic Server 4.2
  • McAfee GroupShield 7.0.716.101
  • McAfee Host Data Loss Prevention 9.0
  • NewSoft Presto! PageManager 9
  • Novell Groupwise 8.0
  • Novell Groupwise 8.01X
  • Novell Groupwise 8.02
  • Novell Groupwise 8.02 HP1
  • Novell Groupwise 8.02 HP2
  • Novell Groupwise 8.02 HP3
  • Novell Groupwise 8.0 HP1
  • Novell Groupwise 8.0 HP2
  • Novell Groupwise 8.0 HP3
  • Novell Groupwise 8.0 SP1
  • Novell Groupwise 8.0 SP2
  • Oracle Outside In 8.3.5.0
  • Oracle Outside In 8.3.7
  • Perlustro ILook
  • Symantec Enterprise Vault 10.0
  • Symantec Enterprise Vault 7.5
  • Symantec Enterprise Vault 8.0
  • Symantec Enterprise Vault 8.0 SP4
  • Symantec Enterprise Vault 8.0 SP5
  • Symantec Enterprise Vault 9.0
  • Symantec Enterprise Vault 9.0.1
  • Symantec Enterprise Vault 9.0.2
  • windream windream server
  • X1 Technologies X1 Professional Client 6.7.2

References

  • BugTraq: 51452
  • CVE: CVE-2012-0110
  • URL: http://www.oracle.com/technetwork/topics/security/cpujan2012-366304.html

Site Map
RSS Feeds
Careers
Accessibility
Feedback
Privacy Policy
Legal Notices
Copyright © 1999-2010 Juniper Networks, Inc. All rights reserved.
Help
|
My Account
|
Log Out