PT-2018-2257 · Oracle+1 · Oracle Outside In Technology+1

Published: 2018-10-16 · Updated: 2020-08-24 · CVE-2018-18223

CVSS v2.0: 8.5 (High)

Vector: AV:N/AC:L/Au:N/C:P/I:N/A:C

Name of the Vulnerable Software and Affected Versions

Oracle Outside In Technology (affected versions not specified)
Open Design Alliance Drawings SDK version 2019Update1

Description

The issue is related to insufficient access control in the Outside In Filters (ODA Module) component of the Oracle Outside In Technology SDK. A remote attacker can exploit it over the HTTP protocol to gain unauthorized access to data or cause a denial of service. Additionally, the Open Design Alliance Drawings SDK has a vulnerability that occurs when reading malformed files, allowing attackers to obtain sensitive information from process memory or cause a crash.

Recommendations

For Oracle Outside In Technology, restrict access to the Outside In Filters component to minimize the risk of exploitation. For Open Design Alliance Drawings SDK version 2019Update1, avoid using the SDK to read malformed files until the issue is resolved. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Improper Access Control

Weakness Enumeration

Related Identifiers

BDU:2019-00357
CVE-2018-18223

Affected Products

Open Design Alliance Drawings SDK
Oracle Outside In Technology