OSVDB ID: 86392

Title: Oracle Outside In Technology Outside In HTML Export SDK Subcomponent Unspecified Remote DoS

Info

Disclosure

Oct 16, 2012

Discovery

Unknown

Dates

Exploit

Unknown

Solution

Oct 16, 2012

Description

Oracle Outside In Technology contains a flaw that may allow a local denial of service. The issue is triggered when an unspecified error occurs in the Outside In HTML Export SDK subcomponent, which may allow a remote attacker to cause a loss of availability.

Classification

Location: Remote / Network Access
Attack Type: Denial of Service
Impact: Loss of Availability
Solution: Patch / RCS
Exploit: Exploit Unknown
Disclosure: Vendor Verified, Coordinated Disclosure
OSVDB: Authentication Required

Solution

Currently, there are no known workarounds or upgrades to correct this issue. However, Oracle has released a patch to address this vulnerability. Check the vendor advisory in the references section.

Products

Oracle Corporation

Outside In Technology

8.3.7.0

Microsoft Corporation

FAST Search Server

2010 for SharePoint SP1

References

Security Tracker: 1027669
CVE ID: 2012-3217 (see also: NVD)
Microsoft Knowledge Base Article: 2553234 2746157 2784126 2785908 2787763
Secunia Advisory ID: 50993 51474
Bugtraq ID: 55993
Related OSVDB ID: 86389
Vendor Specific Advisory URL: http://technet.microsoft.com/en-us/security/bulletin/ms13-feb
http://www.oracle.com/technetwork/topics/security/cpuoct2012-1515893.html
Vendor URL: http://www.microsoft.com/
News Article: http://www.scmagazine.com/microsoft-to-plug-57-security-holes-next-week/article/279572/
http://www.securityweek.com/microsoft-quash-57-vulnerabilities-february
Microsoft Security Bulletin: MS13-013

Credit

Unknown or Incomplete

Direct URL: http://osvdb.org/86392