Avoiding an Oracle Outside In Content Access security vulnerability with included CorelDraw libraries

Flash (Alert)


Abstract

A potential security vulnerability exists in the Oracle Outside In Content Access CorelDraw libraries that are provided with OmniFind Enterprise Edition versions 8.5 and 9.1 and IBM Content Analytics versions 2.1 and 2.2.

Content

Avoid the security vulnerability by removing seven imcd*.flt files from the /lib or /bin directories of the OmniFind Enterprise Edition or Content Analytics installation root directory. Removing these files should prevent the security vulnerability without loss of function because OmniFind Enterprise Edition and Content Analytics do not use the CorelDraw functions.

Remove the following files:

  • imcd32.flt
  • imcd42.flt
  • imcd52.flt
  • imcd62.flt
  • imcd72.flt
  • imcd82.flt
  • imcdr2.flt

See the URL links below for more information regarding the security vulnerability.

Related information

US-CERT Vulnerability Note for VU#103425
Secunia Advisory SA45297
National Vulnerability Database summary for CVE-2011-22

Cross reference information
Segment Product Component Platform Version Edition
Enterprise Content Management Content Analytics with Enterprise Search AIX, Linux, Windows 2.1, 2.2 All Editions

Rate this page:

(0 users)Average rating

Add comments

Document information


More support for:

OmniFind Enterprise Edition
Install

Software version:

8.5, 9.1

Operating system(s):

AIX, Linux, Linux on System z, Solaris, Windows

Software edition:

All Editions

Reference #:

1512725

Modified date:

2011-10-27

Translate my page

Machine Translation

Content navigation