Oracle Security Update (April 2018)
RISK: Medium Risk
TYPE: Servers - Other Servers
Oracle has released April 2018 security update for their products:
Vulnerable Product | Severity | Impacts | Notes | Details (including CVE) |
Database | Moderately Critical | Remote Code Execution | DB (2018-04) | |
Java SE | Moderately Critical | Security Restriction Bypass Information Disclosure Denial of Service Remote Code Execution Data Manipulation | JAVA (2018-04) | |
MySQL | Moderately Critical | Security Restriction Bypass Information Disclosure Denial of Service Remote Code Execution Data Manipulation | MSQL (2018-04) | |
Linux and Virtualization Products | Moderately Critical | Security Restriction Bypass Information Disclosure Denial of Service Remote Code Execution Data Manipulation | OVIR (2018-04) | |
Sun Systems Products Suite | Moderately Critical | Security Restriction Bypass Information Disclosure Denial of Service Remote Code Execution Data Manipulation | SUNS (2018-04) |
Number of 'Extremely Critical' product(s): 0
Number of 'Highly Critical' product(s): 0
Number of 'Moderately Critical' product(s): 5
Evaluation of overall 'Criticality Level': Moderately Critical
For other Oracle products not listed above, please refer to the following URL for more information:
http://www.oracle.com/technetwork/security-advisory/cpuapr2018-3678067.html
Impact
- Denial of Service
- Remote Code Execution
- Security Restriction Bypass
- Information Disclosure
- Data Manipulation
System / Technologies affected
- Database
- Java SE
- MySQL
- Linux and Virtualization Products
- Sun Systems Products Suite
- For other Oracle products not listed above, please refer to the following URL for more information:
www.oracle.com/technetwork/security-advisory/cpuapr2018-3678067.html
Solutions
Before installation of the software, please visit the software manufacturer web-site for more details.
- The vendor has issued security updates for the products. Please refer to 'Details' column in the above table for details of individual product update or run software update.
Vulnerability Identifier
Source
Related Link
Share with