Netpluz Security Advisory

Netpluz Security Advisory: Oracle Database Server Vulnerability (CVE-2018-3110)

 

August 16, 2018

Dear Valued Customers,

Oracle just released security patch update to address the Oracle Database version 11.2.0.4 and 12.2.0.1 vulnerability on Windows which affect Java Virtual Machine component. This will allow attackers to take full control of the product and established a shell access to the underlying server.

Common Vulnerability Score System(CVSS) severity: 9.9 out of 10

Affected Software:

Oracle Database version 11.2.0.4 and 12.2.0.1 on Windows OS

Impact:

A successful exploit of this vulnerability can result in taking over Java VM.

Recommendations:

For Database Administrators:

– Affected Oracle Database Server on Windows should apply the patches provided by the Security Alert without delay.

 

Reference:

https://www.csa.gov.sg/singcert/news/advisories-alerts/alert-on-vulnerability-in-oracle-database-server-cve-2018-3110

http://www.oracle.com/technetwork/security-advisory/alert-cve-2018-3110-5032149.html

 

Please feel free to email us at noc@netpluz.asia or contact us 1800-NETPLUZ (1800-638-7589) if you require any further assistance.

Thank you.

Network Operations Center
Netpluz Asia Pte Ltd