The Latest in IT Security

Critical vulnerability in Oracle Database, patch without delay!

13
Aug
2018

oracle-red

Oracle is urging users to patch their Oracle Database installations to plug a critical security issue that can result in complete compromise of the Oracle Database and shell access to the underlying server.

About the vulnerability (CVE-2018-3110)

The vulnerability (CVE-2018-3110) affects Oracle Database versions 11.2.0.4 and 12.2.0.1 on Windows and is apparently easy to exploit, but can only be exploited remotely by an authenticated attacker.

The vulnerability is in the Java Virtual Machine component of Oracle Database Server. It requires no user interaction and allows attackers that have Create Session privilege with network access via Oracle Net to compromise the component.

Related posts:
  1. Oracle splats 276 bugs with mammoth Critical Patch Update
  2. 100+ Security Fixes Announced for the Oracle Critical Patch Update
  3. 22 Vulnerabilities Found in Oracle Database Java VM Implementation
  4. Oracle previews final Critical Patch Update of year, 153 security fixes
  5. Oracle Issues Massive Security Update With Critical Fixes for Java, Fusion Middleware

Read More

Tags:  
Written by Feedproxy
0 Comments

Leave a reply


Categories

SUNDAY, FEBRUARY 23, 2025
WHITE PAPERS

Mission-Critical Broadband – Why Governments Should Partner with Commercial Operators:
Many governments embrace mobile network operator (MNO) networks as ...

ARA at Scale: How to Choose a Solution That Grows With Your Needs:
Application release automation (ARA) tools enable best practices in...

The Multi-Model Database:
Part of the “new normal” where data and cloud applications are ...

Featured

Archives

Latest Comments