CVE-2015-4878

Oracle Fusion Middleware 8.5.0-8.5.2 - Denial of Service in Outside In Filters

Title source: llm

Exploitation Summary

EIP tracks 1 public exploit for CVE-2015-4878. PoCs published by Francis Provencher.

AI-analyzed exploit summary This is a writeup detailing CVE-2015-4878, a use-after-free vulnerability in Oracle Outside In Technology 8.5.2. The vulnerability occurs during the decoding of a malicious JBIG2 stream, potentially leading to arbitrary code execution.

Description

Unspecified vulnerability in the Oracle Outside In Technology component in Oracle Fusion Middleware 8.5.0, 8.5.1, and 8.5.2 allows local users to affect availability via unknown vectors related to Outside In Filters, a different vulnerability than CVE-2015-4877.

Exploits (1)

exploitdb WRITEUP

by Francis Provencher · textdoswindows

https://www.exploit-db.com/exploits/38789

View Code ZIP pw:eip

This is a writeup detailing CVE-2015-4878, a use-after-free vulnerability in Oracle Outside In Technology 8.5.2. The vulnerability occurs during the decoding of a malicious JBIG2 stream, potentially leading to arbitrary code execution.

Classification

Writeup 90%

Attack Type

Rce

Complexity

Moderate

Reliability

Theoretical

Target: Oracle Outside In Technology 8.5.2

No auth needed

Prerequisites: User interaction to open or preview a malicious file

MITRE ATT&CK