Update Protection against Oracle Document Capture EasyMail IMAP4 LicenseKey Buffer Overflow
| Check Point Reference: | CPAI-2009-305 | |
| Date Published: | ||
| Severity: | ||
| Source: | Secunia Advisory: SA37269 | |
| Industry Reference(s): | N/A | |
| Protection Provided by: |
IPS-1
|
|
| Who is Vulnerable? Oracle Document Capture 10.1.3.5.0 QuikSoft Corp EasyMail prior to 6.5 | ||
| Vulnerability Description A buffer overflow vulnerability exists in Oracle Document Capture which is integrated with Oracle Imaging and Process Management and Oracle Universal Content Management products. The vulnerability is due to a boundary error while parsing the LicenseKey property within the EasyMail IMAP4 ActiveX component of the affected product. Remote unauthenticated attackers can exploit this vulnerability by enticing targeted users to open a specially crafted HTML document. Successful exploitation of this vulnerability would allow for arbitrary code execution. |
||
|
Vulnerability Details The vulnerability exists in the ActiveX control emimap4.dll. Specifically, the length of the value assigned to the LicenseKey attribute is not validated before being copied into a stack-based buffer of fixed size. Successful exploitation would allow for remote code execution. |
Protection Overview By enabling this protection, IPS-1 will detect and block attempts to access proscribed ActiveX controls via HTTP.
To configure the defense, select your product from the list below and follow the related protection steps.