1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

Flaws in Oracle file processing SDKs affect major third-party products

Discussion in 'CSO' started by RSS, Jul 21, 2016.

  1. RSS

    RSS New Member Member

    Seventeen high-risk vulnerabilities out of the 276 flaws fixed by Oracle Tuesday affect products from third-party software vendors, including Microsoft.

    The vulnerabilities were found by researchers from Cisco's Talos team and are located in the Oracle Outside In Technology (OIT), a collection of software development kits (SDKs) that can be used to extract, normalize, scrub, convert and view some 600 unstructured file formats.

    These SDKs, which are part of the Oracle Fusion Middleware, are licensed to other software developers who then use them in their own products. Such products include Microsoft Exchange, Novell Groupwise, IBM WebSphere Portal, Google Search Appliance, Avira AntiVir for Exchange, Raytheon SureView, Guidance Encase and Veritas Enterprise Vault.

    To read this article in full or to leave a comment, please click here

    Continue reading...

Share This Page