Oracle Outside In PDF 8.5.2 Parsing Memory Corruption Vulnerability


    An heap memory corruption occured when Outside In decode (DCTDecode) a PDF with a JPEG that have an invalid Heigth value. The vulnerability can execution of arbitrary code by opening or previewing a malicious file. 


    1. Oracle Company Update:

    2. If you have purchased NGAF appliance, update WAF signature database to version 20151204 or above.