Security News > 2018 > August > Critical vulnerability in Oracle Database, patch without delay!
2018-08-13 15:42
Oracle is urging users to patch their Oracle Database installations to plug a critical security issue that can result in complete compromise of the Oracle Database and shell access to the underlying server. About the vulnerability (CVE-2018-3110) The vulnerability (CVE-2018-3110) affects Oracle Database versions 11.2.0.4 and 12.2.0.1 on Windows and is apparently easy to exploit, but can only be exploited remotely by an authenticated attacker. The vulnerability is in the Java Virtual Machine component of … More → The post Critical vulnerability in Oracle Database, patch without delay! appeared first on Help Net Security.
News URL
http://feedproxy.google.com/~r/HelpNetSecurity/~3/ITJzyoWEljs/
Related news
- BeyondTrust Issues Urgent Patch for Critical Vulnerability in PRA and RS Products (source)
- Critical SQL Injection Vulnerability in Apache Traffic Control Rated 9.9 CVSS — Patch Now (source)
- Zyxel CPE devices under attack via critical vulnerability without a patch (CVE-2024-40891) (source)
- Cleo File Transfer Vulnerability Under Exploitation – Patch Pending, Mitigation Urged (source)
- Microsoft Fixes 72 Flaws, Including Patch for Actively Exploited CLFS Vulnerability (source)
- Patch Tuesday: Microsoft Patches One Actively Exploited Vulnerability, Among Others (source)
- Critical OpenWrt Vulnerability Exposes Devices to Malicious Firmware Injection (source)
- BeyondTrust fixes critical vulnerability in remote access, support solutions (CVE-2024-12356) (source)
- Patch Alert: Critical Apache Struts Flaw Found, Exploitation Attempts Detected (source)
- Hackers Exploiting Critical Fortinet EMS Vulnerability to Deploy Remote Access Tools (source)
Related Vulnerability
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2018-08-10 | CVE-2018-3110 | Unspecified vulnerability in Oracle Database Server A vulnerability was discovered in the Java VM component of Oracle Database Server. | 9.9 |