HTTP: Oracle Outside In JPEG 2000 QCD Segment Processing Heap Buffer Overflow
This signature detects attempts to exploit a known buffer overflow vulnerability in Oracle Outside-In, a set of libraries used to decode many file formats. It is due to handling the QCD segments in JPEG 2000 files. A successful attack can lead to arbitrary code execution in the context of the affected application.
Extended Description
Oracle Outside In Technology is prone to a remote code-execution vulnerability. The 'Outside In Filters' sub component is affected. An attacker can exploit this issue to execute arbitrary code in the context of the user running the affected application. Failed exploit attempts will likely result in denial-of-service conditions. This vulnerability affects the following supported versions: 8.3.5, 8.3.7
Affected Products
Accessdata_group ftk
Short Name
HTTP:STC:DL:ORACLE-JPEG-QCD-OF
Severity
Major
Recommended
False
Recommended Action
Drop
Category
HTTP
Keywords
2000 Buffer CVE-2012-1769 Heap In JPEG Oracle Outside Overflow Processing QCD Segment bid:54500
Release Date
08/06/2012
Supported Platforms
srx-branch-12.3
srx-19.3
srx-branch-19.3
vsrx3bsd-19.2
srx-branch-19.4
vsrx-19.4
mx-12.3
mx-19.4
vmx-19.4
mx-19.3
vsrx3bsd-19.4
srx-19.4
vsrx-12.3
vmx-19.3
vsrx-19.2
srx-12.3
Sigpack Version
3737
False Positive
Unknown
Vendors
Acd_systems_inc
Mcafee
Guidance_software
Oracle
Accessdata_group
Microsoft
CVSS Score
2.1