News
Vigil@nce - McAfee GroupShield, Symantec Enterprise Vault: code execution via Oracle Outside In
February 2012 by Marc Jacob
This bulletin was written by Vigil@nce : http://vigilance.fr/offer
SYNTHESIS OF THE VULNERABILITY
An attacker can send a malformed Lotus 123 file to an application using Oracle Outside In module, in order to execute code.
Severity: 2/4
Creation date: 19/01/2012
IMPACTED PRODUCTS
McAfee GroupShield
Symantec Enterprise Vault
DESCRIPTION OF THE VULNERABILITY
The Oracle Outside In product offers data conversion features. The McAfee GroupShield and Symantec Enterprise Vault products use Oracle Outside In.
The vswk4.dll (libvs_wk4.so) library of Oracle Outside In decodes files in format Lotus 123 version 4. However, a malformed file corrupts the memory of vswk4.dll.
An attacker can therefore send a malformed Lotus 123 file to an application using Oracle Outside In module, in order to execute code.
ACCESS TO THE COMPLETE VIGIL@NCE BULLETIN
