Oracle Security Update (Oct 2017)
RISK: Medium Risk
TYPE: Servers - Other Servers
Oracle has released Oct 2017 security update for their products:
Vulnerable Product | Severity | Impacts | Notes | Details (including CVE) |
Database | Moderately Critical | Security Restriction Bypass Information Disclosure Remote Code Execution Data Manipulation | DB (2017-10) | |
Java SE | Moderately Critical | Security Restriction Bypass Information Disclosure Denial of Service Remote Code Execution Data Manipulation | JAVA (2017-10) | |
MySQL | Moderately Critical | Security Restriction Bypass Information Disclosure Denial of Service Remote Code Execution Data Manipulation | MSQL (2017-10) | |
Linux and Virtualization Products | Moderately Critical | Security Restriction Bypass Information Disclosure Denial of Service Data Manipulation | OVIR (2017-10) | |
Sun Systems Products Suite | Moderately Critical | Security Restriction Bypass Information Disclosure Denial of Service Data Manipulation | SUNS (2017-10) |
Number of 'Extremely Critical' product(s): 0
Number of 'Highly Critical' product(s): 0
Number of 'Moderately Critical' product(s): 5
Evaluation of overall 'Criticality Level': Moderately Critical
For other Oracle products not listed above, please refer to the following URL for more information:
http://www.oracle.com/technetwork/security-advisory/cpuoct2017-3236626.html
Impact
- Denial of Service
- Remote Code Execution
- Security Restriction Bypass
- Information Disclosure
- Data Manipulation
System / Technologies affected
- Database
- Java SE
- MySQL
- Linux and Virtualization Products
- Sun Systems Products Suite
- For other Oracle products not listed above, please refer to the following URL for more information:
http://www.oracle.com/technetwork/security-advisory/cpuoct2017-3236626.html
Solutions
Before installation of the software, please visit the software manufacturer web-site for more details.
- The vendor has issued security updates for the products. Please refer to 'Details' column in the above table for details of individual product update or run software update.
Vulnerability Identifier
Source
Related Link
Share with