ID CVE-2017-3486Type cveReporter NVDModified 2017-07-10T21:33:38
Description
Vulnerability in the SQLPlus component of Oracle Database Server. Supported versions that are affected are 11.2.0.4 and 12.1.0.2. Difficult to exploit vulnerability allows high privileged attacker having Local Logon privilege with logon to the infrastructure where SQL Plus executes to compromise SQLPlus. Successful attacks require human interaction from a person other than the attacker and while the vulnerability is in SQL Plus, attacks may significantly impact additional products. Successful attacks of this vulnerability can result in takeover of SQL*Plus. Note: This score is for Windows platform version 11.2.0.4 of Database. For Windows platform version 12.1.0.2 and Linux, the score is 6.3 with scope Unchanged. CVSS 3.0 Base Score 7.2 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.0/AV:L/AC:H/PR:H/UI:R/S:C/C:H/I:H/A:H).
{"type": "cve", "published": "2017-04-24T15:59:02", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-3486", "hashmap": [{"key": "assessment", "hash": "6d3f4796275bb54c21a33b82f399cc6d"}, {"key": "bulletinFamily", "hash": "601892ece72be3be2f57266ca2354792"}, {"key": "cpe", "hash": "0321238310d2fd9efd8a493df0790456"}, {"key": "cvelist", "hash": "bafd72051c16690fd58a188b6dc78eab"}, {"key": "cvss", "hash": "c306a62a6624d073fa0f285006558cae"}, {"key": "description", "hash": "41153935f462c2269c39a9f34d208917"}, {"key": "href", "hash": "9f2698b144d692775beb7ee6fac75b19"}, {"key": "modified", "hash": "112eb19b5724ec46475d30aa535afec4"}, {"key": "published", "hash": "aaa0491f38a5186801199780e0b2151b"}, {"key": "references", "hash": "a6a157426ce0c78f618cadd66d3e54f8"}, {"key": "reporter", "hash": "601892ece72be3be2f57266ca2354792"}, {"key": "scanner", "hash": "d41d8cd98f00b204e9800998ecf8427e"}, {"key": "title", "hash": "bc495ad93d5bfea23450bb6db541fc42"}, {"key": "type", "hash": "1716b5fcbb7121af74efdc153d0166c5"}], "bulletinFamily": "NVD", "cvss": {"vector": "AV:LOCAL/AC:HIGH/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/", "score": 3.7}, "scanner": [], "viewCount": 17, "history": [{"lastseen": "2017-04-25T07:44:33", "edition": 1, "bulletin": {"type": "cve", "published": "2017-04-24T15:59:02", "reporter": "NVD", "hashmap": [{"key": "scanner", "hash": "d41d8cd98f00b204e9800998ecf8427e"}, {"key": "reporter", "hash": "601892ece72be3be2f57266ca2354792"}, {"key": "objectVersion", "hash": "56765472680401499c79732468ba4340"}, {"key": "assessment", "hash": "6d3f4796275bb54c21a33b82f399cc6d"}, {"key": "title", "hash": "bc495ad93d5bfea23450bb6db541fc42"}, {"key": "published", "hash": "aaa0491f38a5186801199780e0b2151b"}, {"key": "references", "hash": "c1650b652cd1a57f3038c140b347c7a1"}, {"key": "type", "hash": "1716b5fcbb7121af74efdc153d0166c5"}, {"key": "cvss", "hash": "8cd4821cb504d25572038ed182587d85"}, {"key": "bulletinFamily", "hash": "601892ece72be3be2f57266ca2354792"}, {"key": "description", "hash": "41153935f462c2269c39a9f34d208917"}, {"key": "href", "hash": "9f2698b144d692775beb7ee6fac75b19"}, {"key": "modified", "hash": "aaa0491f38a5186801199780e0b2151b"}, {"key": "cvelist", "hash": "bafd72051c16690fd58a188b6dc78eab"}, {"key": "cpe", "hash": "d41d8cd98f00b204e9800998ecf8427e"}], "bulletinFamily": "NVD", "cvss": {"vector": "NONE", "score": 0.0}, "scanner": [], "viewCount": 0, "history": [], "cpe": [], "objectVersion": "1.2", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-3486", "title": "CVE-2017-3486", "lastseen": "2017-04-25T07:44:33", "references": ["http://www.oracle.com/technetwork/security-advisory/cpuapr2017-3236618.html"], "assessment": {"system": "", "href": "", "name": ""}, "cvelist": ["CVE-2017-3486"], "hash": "bdcdc1e7c1e0d987f4e1ebf7a68a241ae4e8bae69c63da3cb74802c3d0378a7d", "edition": 1, "id": "CVE-2017-3486", "modified": "2017-04-24T15:59:02", "description": "Vulnerability in the SQL*Plus component of Oracle Database Server. Supported versions that are affected are 11.2.0.4 and 12.1.0.2. Difficult to exploit vulnerability allows high privileged attacker having Local Logon privilege with logon to the infrastructure where SQL*Plus executes to compromise SQL*Plus. Successful attacks require human interaction from a person other than the attacker and while the vulnerability is in SQL*Plus, attacks may significantly impact additional products. Successful attacks of this vulnerability can result in takeover of SQL*Plus. Note: This score is for Windows platform version 11.2.0.4 of Database. For Windows platform version 12.1.0.2 and Linux, the score is 6.3 with scope Unchanged. CVSS 3.0 Base Score 7.2 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.0/AV:L/AC:H/PR:H/UI:R/S:C/C:H/I:H/A:H)."}, "differentElements": ["references", "modified"]}, {"lastseen": "2017-04-26T07:44:46", "edition": 2, "bulletin": {"type": "cve", "published": "2017-04-24T15:59:02", "reporter": "NVD", "hashmap": [{"key": "scanner", "hash": "d41d8cd98f00b204e9800998ecf8427e"}, {"key": "reporter", "hash": "601892ece72be3be2f57266ca2354792"}, {"key": "references", "hash": "96091d5146cc6255bb681447164242b9"}, {"key": "objectVersion", "hash": "56765472680401499c79732468ba4340"}, {"key": "assessment", "hash": "6d3f4796275bb54c21a33b82f399cc6d"}, {"key": "title", "hash": "bc495ad93d5bfea23450bb6db541fc42"}, {"key": "published", "hash": "aaa0491f38a5186801199780e0b2151b"}, {"key": "type", "hash": "1716b5fcbb7121af74efdc153d0166c5"}, {"key": "cvss", "hash": "8cd4821cb504d25572038ed182587d85"}, {"key": "modified", "hash": "fa8a5f286eae8b1b512dd3bcaefb793f"}, {"key": "bulletinFamily", "hash": "601892ece72be3be2f57266ca2354792"}, {"key": "description", "hash": "41153935f462c2269c39a9f34d208917"}, {"key": "href", "hash": "9f2698b144d692775beb7ee6fac75b19"}, {"key": "cvelist", "hash": "bafd72051c16690fd58a188b6dc78eab"}, {"key": "cpe", "hash": "d41d8cd98f00b204e9800998ecf8427e"}], "bulletinFamily": "NVD", "cvss": {"vector": "NONE", "score": 0.0}, "scanner": [], "viewCount": 0, "history": [], "cpe": [], "objectVersion": "1.2", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-3486", "title": "CVE-2017-3486", "lastseen": "2017-04-26T07:44:46", "references": ["http://www.oracle.com/technetwork/security-advisory/cpuapr2017-3236618.html", "http://www.securityfocus.com/bid/97870"], "assessment": {"system": "", "href": "", "name": ""}, "cvelist": ["CVE-2017-3486"], "hash": "1bd45db5989dd6e662bee7ef66fcf1642b1d3e95dafdc0fb6c3932c6b9d1cb3b", "edition": 2, "id": "CVE-2017-3486", "modified": "2017-04-25T21:59:03", "description": "Vulnerability in the SQL*Plus component of Oracle Database Server. Supported versions that are affected are 11.2.0.4 and 12.1.0.2. Difficult to exploit vulnerability allows high privileged attacker having Local Logon privilege with logon to the infrastructure where SQL*Plus executes to compromise SQL*Plus. Successful attacks require human interaction from a person other than the attacker and while the vulnerability is in SQL*Plus, attacks may significantly impact additional products. Successful attacks of this vulnerability can result in takeover of SQL*Plus. Note: This score is for Windows platform version 11.2.0.4 of Database. For Windows platform version 12.1.0.2 and Linux, the score is 6.3 with scope Unchanged. CVSS 3.0 Base Score 7.2 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.0/AV:L/AC:H/PR:H/UI:R/S:C/C:H/I:H/A:H)."}, "differentElements": ["cvss", "modified", "cpe"]}, {"lastseen": "2017-05-05T07:44:42", "edition": 3, "bulletin": {"type": "cve", "published": "2017-04-24T15:59:02", "reporter": "NVD", "hashmap": [{"key": "scanner", "hash": "d41d8cd98f00b204e9800998ecf8427e"}, {"key": "reporter", "hash": "601892ece72be3be2f57266ca2354792"}, {"key": "references", "hash": "96091d5146cc6255bb681447164242b9"}, {"key": "modified", "hash": "52811e5f2b6ccad419749cbbac3defd8"}, {"key": "cpe", "hash": "0321238310d2fd9efd8a493df0790456"}, {"key": "assessment", "hash": "6d3f4796275bb54c21a33b82f399cc6d"}, {"key": "title", "hash": "bc495ad93d5bfea23450bb6db541fc42"}, {"key": "published", "hash": "aaa0491f38a5186801199780e0b2151b"}, {"key": "type", "hash": "1716b5fcbb7121af74efdc153d0166c5"}, {"key": "bulletinFamily", "hash": "601892ece72be3be2f57266ca2354792"}, {"key": "description", "hash": "41153935f462c2269c39a9f34d208917"}, {"key": "href", "hash": "9f2698b144d692775beb7ee6fac75b19"}, {"key": "cvelist", "hash": "bafd72051c16690fd58a188b6dc78eab"}, {"key": "cvss", "hash": "c306a62a6624d073fa0f285006558cae"}], "bulletinFamily": "NVD", "cvss": {"vector": "AV:LOCAL/AC:HIGH/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/", "score": 3.7}, "scanner": [], "viewCount": 2, "history": [], "cpe": ["cpe:/a:oracle:sql_plus:11.2.0.4", "cpe:/a:oracle:sql_plus:12.1.0.2"], "objectVersion": "1.2", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-3486", "title": "CVE-2017-3486", "lastseen": "2017-05-05T07:44:42", "enchantments": {}, "references": ["http://www.oracle.com/technetwork/security-advisory/cpuapr2017-3236618.html", "http://www.securityfocus.com/bid/97870"], "assessment": {"system": "", "href": "", "name": ""}, "cvelist": ["CVE-2017-3486"], "hash": "fd41989db4d9eae679631e9b61f6e4a95e48e03d525f8d4b5341fdc6c46b621f", "edition": 3, "id": "CVE-2017-3486", "modified": "2017-05-04T13:57:05", "description": "Vulnerability in the SQL*Plus component of Oracle Database Server. Supported versions that are affected are 11.2.0.4 and 12.1.0.2. Difficult to exploit vulnerability allows high privileged attacker having Local Logon privilege with logon to the infrastructure where SQL*Plus executes to compromise SQL*Plus. Successful attacks require human interaction from a person other than the attacker and while the vulnerability is in SQL*Plus, attacks may significantly impact additional products. Successful attacks of this vulnerability can result in takeover of SQL*Plus. Note: This score is for Windows platform version 11.2.0.4 of Database. For Windows platform version 12.1.0.2 and Linux, the score is 6.3 with scope Unchanged. CVSS 3.0 Base Score 7.2 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.0/AV:L/AC:H/PR:H/UI:R/S:C/C:H/I:H/A:H)."}, "differentElements": ["references", "modified"]}], "edition": 4, "objectVersion": "1.3", "cpe": ["cpe:/a:oracle:sql_plus:11.2.0.4", "cpe:/a:oracle:sql_plus:12.1.0.2"], "reporter": "NVD", "title": "CVE-2017-3486", "enchantments": {"score": {"vector": "NONE", "value": 7.2}, "vulnersScore": 7.2}, "references": ["http://www.oracle.com/technetwork/security-advisory/cpuapr2017-3236618.html", "http://www.securityfocus.com/bid/97870", "http://www.securitytracker.com/id/1038284"], "assessment": {"system": "", "href": "", "name": ""}, "id": "CVE-2017-3486", "hash": "8c247b35d612188f81a8e2d75d0ec884174710e5e3df6da072f7fd441f61f0cc", "lastseen": "2017-07-11T10:48:07", "cvelist": ["CVE-2017-3486"], "modified": "2017-07-10T21:33:38", "description": "Vulnerability in the SQL*Plus component of Oracle Database Server. Supported versions that are affected are 11.2.0.4 and 12.1.0.2. Difficult to exploit vulnerability allows high privileged attacker having Local Logon privilege with logon to the infrastructure where SQL*Plus executes to compromise SQL*Plus. Successful attacks require human interaction from a person other than the attacker and while the vulnerability is in SQL*Plus, attacks may significantly impact additional products. Successful attacks of this vulnerability can result in takeover of SQL*Plus. Note: This score is for Windows platform version 11.2.0.4 of Database. For Windows platform version 12.1.0.2 and Linux, the score is 6.3 with scope Unchanged. CVSS 3.0 Base Score 7.2 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.0/AV:L/AC:H/PR:H/UI:R/S:C/C:H/I:H/A:H)."}
{"nessus": [{"lastseen": "2018-09-19T14:03:38", "references": ["http://www.nessus.org/u?623d2c22"], "pluginID": "99480", "description": "The remote Oracle Database Server is missing the April 2017 Critical Patch Update (CPU). It is, therefore, affected by multiple vulnerabilities :\n\n - An unspecified flaw exists in the SQL*Plus component that allows a local attacker to impact confidentiality, integrity, and availability. (CVE-2017-3486)\n\n - An unspecified flaw exists in the OJVM component that allows an authenticated, remote attacker to cause a denial of service condition. (CVE-2017-3567)", "edition": 14, "reporter": "Tenable", "published": "2017-04-19T00:00:00", "title": "Oracle Database Multiple Vulnerabilities (April 2017 CPU)", "type": "nessus", "enchantments": {"score": {"vector": "NONE", "value": 2.1}}, "naslFamily": "Databases", "bulletinFamily": "scanner", "cvelist": ["CVE-2017-3486", "CVE-2017-3567"], "modified": "2018-09-17T00:00:00", "cpe": ["cpe:/a:oracle:database_server"], "id": "ORACLE_RDBMS_CPU_APR_2017.NASL", "href": "https://www.tenable.com/plugins/index.php?view=single&id=99480", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n\nif (!defined_func(\"nasl_level\") || nasl_level() < 5000) exit(0, \"Nessus older than 5.x\");\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(99480);\n script_version(\"1.11\");\n script_cvs_date(\"Date: 2018/09/17 21:46:53\");\n\n script_cve_id(\n \"CVE-2017-3486\",\n \"CVE-2017-3567\"\n );\n script_bugtraq_id(\n 97870,\n 97873\n );\n\n script_name(english:\"Oracle Database Multiple Vulnerabilities (April 2017 CPU)\");\n script_summary(english:\"Checks installed patch info\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote database server is affected by multiple vulnerabilities.\");\n script_set_attribute(attribute:\"description\", value:\n\"The remote Oracle Database Server is missing the April 2017 Critical\nPatch Update (CPU). It is, therefore, affected by multiple\nvulnerabilities :\n\n - An unspecified flaw exists in the SQL*Plus component\n that allows a local attacker to impact confidentiality,\n integrity, and availability. (CVE-2017-3486)\n\n - An unspecified flaw exists in the OJVM component that\n allows an authenticated, remote attacker to cause a\n denial of service condition. (CVE-2017-3567)\");\n # http://www.oracle.com/technetwork/security-advisory/cpuapr2017-3236618.html\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?623d2c22\");\n script_set_attribute(attribute:\"solution\", value:\n\"Apply the appropriate patch according to the April 2017 Oracle\nCritical Patch Update advisory.\");\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:H/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:L/AC:H/PR:H/UI:R/S:C/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"manual\");\n script_set_attribute(attribute:\"cvss_score_rationale\", value:\"score from a more in depth analysis done by Tenable\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"vuln_publication_date\",value:\"2017/04/18\");\n script_set_attribute(attribute:\"patch_publication_date\",value:\"2017/04/18\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2017/04/19\");\n\n script_set_attribute(attribute:\"plugin_type\",value:\"local\");\n script_set_attribute(attribute:\"cpe\",value:\"cpe:/a:oracle:database_server\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Databases\");\n\n script_copyright(english:\"This script is Copyright (C) 2017-2018 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"oracle_rdbms_query_patch_info.nbin\", \"oracle_rdbms_patch_info.nbin\");\n\n exit(0);\n}\n\ninclude(\"global_settings.inc\");\ninclude(\"oracle_rdbms_cpu_func.inc\");\ninclude(\"misc_func.inc\");\n\npatches = make_nested_array();\n\n# RDBMS 12.1.0.2\npatches[\"12.1.0.2\"][\"db\"][\"nix\"] = make_array(\"patch_level\", \"12.1.0.2.170418\", \"CPU\", \"25171037, 25433352, 26022196\");\npatches[\"12.1.0.2\"][\"db\"][\"win\"] = make_array(\"patch_level\", \"12.1.0.2.170418\", \"CPU\", \"25632533, 25872779, 26161724\");\n# RDBMS 11.2.0.4 #\npatches[\"11.2.0.4\"][\"db\"][\"nix\"] = make_array(\"patch_level\", \"11.2.0.4.170418\", \"CPU\", \"25369547, 24732075, 25869727\");\npatches[\"11.2.0.4\"][\"db\"][\"win\"] = make_array(\"patch_level\", \"11.2.0.4.170418\", \"CPU\", \"25632525, 25874796\");\n\n# JVM 12.1.0.2\npatches[\"12.1.0.2\"][\"ojvm\"][\"nix\"] = make_array(\"patch_level\", \"12.1.0.2.170418\", \"CPU\", \"25437695, 26027162\");\npatches[\"12.1.0.2\"][\"ojvm\"][\"win\"] = make_array(\"patch_level\", \"12.1.0.2.170418\", \"CPU\", \"25590993\");\n# JVM 11.2.0.4\npatches[\"11.2.0.4\"][\"ojvm\"][\"nix\"] = make_array(\"patch_level\", \"11.2.0.4.170418\", \"CPU\", \"25434033, 26027154\");\npatches[\"11.2.0.4\"][\"ojvm\"][\"win\"] = make_array(\"patch_level\", \"11.2.0.4.170418\", \"CPU\", \"25590979\");\n\ncheck_oracle_database(patches:patches, high_risk:TRUE);\n", "cvss": {"score": 3.7, "vector": "AV:LOCAL/AC:HIGH/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}], "openvas": [{"lastseen": "2018-09-01T23:46:33", "references": ["http://www.oracle.com/technetwork/security-advisory/cpuoct2016-2881722.html", "http://www.oracle.com/technetwork/security-advisory/cpuapr2017-3236618.html", "http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html", "http://www.oracle.com/technetwork/security-advisory/cpujul2017-3236622.html", "http://www.oracle.com/technetwork/security-advisory/cpujan2017-2881727.html", "http://www.oracle.com/technetwork/security-advisory/cpuoct2017-3236626.html"], "pluginID": "1361412562310808703", "description": "This host is running Oracle Database Server\n and is prone multiple unspecified vulnerabilities.", "edition": 5, "reporter": "Copyright (C) 2016 Greenbone Networks GmbH", "published": "2016-07-21T00:00:00", "title": "Oracle Database Server Unspecified Vulnerability -01 July16", "type": "openvas", "enchantments": {"score": {"vector": "NONE", "value": 7.5}}, "naslFamily": "Databases", "bulletinFamily": "scanner", "cvelist": ["CVE-2014-3566", "CVE-2016-5498", "CVE-2016-5555", "CVE-2016-5505", "CVE-2016-2183", "CVE-2016-5499", "CVE-2016-3479", "CVE-2016-3562", "CVE-2017-10261", "CVE-2017-3486", "CVE-2017-3310"], "modified": "2017-10-19T00:00:00", "id": "OPENVAS:1361412562310808703", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310808703", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: gb_oracle_db_unspecified_vuln01_july16.nasl 7497 2017-10-19 07:06:06Z santu $\n#\n# Oracle Database Server Unspecified Vulnerability -01 July16\n#\n# Authors:\n# Tushar Khelge <ktushar@secpod.com>\n#\n# Copyright:\n# Copyright (C) 2016 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nCPE = \"cpe:/a:oracle:database_server\";\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.808703\");\n script_version(\"$Revision: 7497 $\");\n script_cve_id(\"CVE-2016-3479\", \"CVE-2016-5555\", \"CVE-2016-5505\", \"CVE-2016-5498\", \n \"CVE-2016-5499\", \"CVE-2016-3562\", \"CVE-2017-3310\", \"CVE-2017-3486\", \n \"CVE-2016-2183\", \"CVE-2014-3566\", \"CVE-2017-10261\");\n script_bugtraq_id(91898, 93615, 93613, 93620, 93629, 93640, 95481, 92630, 70574, 101344);\n script_tag(name:\"cvss_base\", value:\"7.8\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:N/I:N/A:C\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-10-19 09:06:06 +0200 (Thu, 19 Oct 2017) $\");\n script_tag(name:\"creation_date\", value:\"2016-07-21 18:47:32 +0530 (Thu, 21 Jul 2016)\");\n script_name(\"Oracle Database Server Unspecified Vulnerability -01 July16\");\n\n script_tag(name:\"summary\", value:\"This host is running Oracle Database Server\n and is prone multiple unspecified vulnerabilities.\");\n\n script_tag(name:\"vuldetect\", value:\"Get the installed version with the help\n of detect NVT and check the version is vulnerable or not.\");\n\n script_tag(name:\"insight\", value:\"The multiple flaws are due to,\n\n - Multiple unspecified errors.\n\n - Multiple unspecified errors related to components 'DBMS_LDAP',\n 'Real Application Clusters' and 'XML Database' components.\");\n\n script_tag(name:\"impact\", value:\"Successfully exploitation will allow remote\n authenticated attackers to affect confidentiality, integrity, and availability\n via unknown vectors.\n\n Impact Level: Application\");\n\n script_tag(name:\"affected\", value:\"Oracle Database Server versions\n 11.2.0.4 and 12.1.0.2\");\n\n script_tag(name:\"solution\", value:\"Apply patches from below link,\n http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html\n http://www.oracle.com/technetwork/security-advisory/cpuoct2016-2881722.html\n http://www.oracle.com/technetwork/security-advisory/cpujan2017-2881727.html\n http://www.oracle.com/technetwork/security-advisory/cpujul2017-3236622.html\n http://www.oracle.com/technetwork/security-advisory/cpuapr2017-3236618.html\n http://www.oracle.com/technetwork/security-advisory/cpuoct2017-3236626.html\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n\n script_tag(name:\"qod_type\", value:\"remote_banner_unreliable\");\n\n script_xref(name : \"URL\" , value : \"http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html\");\n script_xref(name : \"URL\" , value : \"http://www.oracle.com/technetwork/security-advisory/cpuoct2016-2881722.html\");\n script_xref(name : \"URL\" , value : \"http://www.oracle.com/technetwork/security-advisory/cpujan2017-2881727.html\");\n script_xref(name : \"URL\" , value : \"http://www.oracle.com/technetwork/security-advisory/cpujul2017-3236622.html\");\n script_xref(name : \"URL\" , value : \"http://www.oracle.com/technetwork/security-advisory/cpuapr2017-3236618.html\");\n script_xref(name : \"URL\" , value : \"http://www.oracle.com/technetwork/security-advisory/cpuoct2017-3236626.html\");\n script_copyright(\"Copyright (C) 2016 Greenbone Networks GmbH\");\n script_category(ACT_GATHER_INFO);\n script_family(\"Databases\");\n script_dependencies(\"oracle_tnslsnr_version.nasl\");\n script_mandatory_keys(\"OracleDatabaseServer/installed\");\n exit(0);\n}\n\ninclude(\"version_func.inc\");\ninclude(\"host_details.inc\");\ninclude(\"global_settings.inc\");\n\n## Variable Initialization\ndbPort = \"\";\ndbVer = \"\";\n\n## Get port\nif(!dbport = get_app_port(cpe:CPE)){\n exit(0);\n}\n\n## Get the version\nif(!dbVer = get_app_version(cpe:CPE, port:dbPort)){\n exit(0);\n}\n\n## Check for vulnerable version\nif(version_is_equal(version:dbVer, test_version:\"11.2.0.4\") ||\n version_is_equal(version:dbVer, test_version:\"12.1.0.2\"))\n{\n report = report_fixed_ver(installed_version:dbVer, fixed_version:\"Apply the appropriate patch\");\n security_message(data:report, port:dbPort);\n exit(0);\n}\n", "cvss": {"score": 7.8, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:COMPLETE/"}}], "oracle": [{"lastseen": "2018-08-31T04:13:45", "references": [], "description": "A Critical Patch Update (CPU) is a collection of patches for multiple security vulnerabilities. Critical Patch Update patches are usually cumulative, but each advisory describes only the security fixes added since the previous Critical Patch Update advisory. Thus, prior Critical Patch Update advisories should be reviewed for information regarding earlier published security fixes. Please refer to:\n\n[Critical Patch Updates and Security Alerts](<http://www.oracle.com/technetwork/topics/security/alerts-086861.html>) for information about Oracle Security Advisories.\n\n**Oracle continues to periodically receive reports of attempts to maliciously exploit vulnerabilities for which Oracle has already released fixes. In some instances, it has been reported that attackers have been successful because targeted customers had failed to apply available Oracle patches. Oracle therefore _strongly_ recommends that customers remain on actively-supported versions and apply Critical Patch Update fixes _without_ delay.**\n\nThis Critical Patch Update contains 300 new security fixes across the product families listed below. Please note that a MOS note summarizing the content of this Critical Patch Update and other Oracle Software Security Assurance activities is located at [April 2017 Critical Patch Update: Executive Summary and Analysis](<https://support.oracle.com/rs?type=doc&id=2252203.1>).\n\nPlease note that the vulnerabilities in this Critical Patch Update are scored using version 3.0 of Common Vulnerability Scoring Standard (CVSS).\n\nThis Critical Patch Update advisory is also available in an XML format that conforms to the Common Vulnerability Reporting Format (CVRF) version 1.1. More information about Oracle's use of CVRF is available [here](<http://www.oracle.com/technetwork/topics/security/cpufaq-098434.html#CVRF>).\n", "edition": 3, "reporter": "Oracle", "published": "2017-04-18T00:00:00", "title": "Oracle Critical Patch Update - April 2017", "type": "oracle", "enchantments": {"score": {"vector": "NONE", "value": 5.0}}, "bulletinFamily": "software", "affectedSoftware": [{"name": "Oracle Retail Category Management", "version": "13.3", "operator": "le"}, {"name": "Oracle Customer Interaction History", "version": "12.1.3", "operator": "le"}, {"name": "Oracle Retail Xstore Point of Service", "version": "16.0", "operator": "le"}, {"name": "Siebel Apps - E-Billing", "version": "6.1", "operator": "le"}, {"name": "Oracle Scripting", "version": "12.1.2", "operator": "le"}, {"name": "Oracle Retail Xstore Point of Service", "version": "6.5", "operator": "le"}, {"name": "Oracle Service Bus", "version": "12.2.1.1.0", "operator": "le"}, {"name": "OJVM", "version": "12.1.0.2", "operator": "le"}, {"name": "Oracle Healthcare Master Person Index", "version": "2.0.1.x", "operator": "le"}, {"name": "Oracle Retail Order Broker", "version": "16.0", "operator": "le"}, {"name": "Oracle Financial Services Profitability Management", "version": "6.1.1", "operator": "le"}, {"name": "Oracle FLEXCUBE Universal Banking", "version": "12.3.0", "operator": "le"}, {"name": "Oracle Financial Services Profitability Management", "version": "8.0.2", "operator": "le"}, {"name": "MICROS Lucas", "version": "2.9.5.2", "operator": "le"}, {"name": "Oracle Financial Services Profitability Management", "version": "8.0.1", "operator": "le"}, {"name": "Oracle WebCenter Sites", "version": "11.1.1.8.0", "operator": "le"}, {"name": "MySQL Server", "version": "5.5.55", "operator": "le"}, {"name": "Oracle Financial Services Funds Transfer Pricing", "version": "8.0.3", "operator": "le"}, {"name": "Oracle Utilities Framework", "version": "4.3.0.1.0", "operator": "le"}, {"name": "Oracle Financial Services Loan Loss Forecasting and Provisioning", "version": "1.5.0", "operator": "le"}, {"name": "Oracle Scripting", "version": "12.2.5", "operator": "le"}, {"name": "Oracle Financial Services Analytical Applications Infrastructure", "version": "7.3.3", "operator": "le"}, {"name": "Data Store", "version": "6.2.32", "operator": "le"}, {"name": "Oracle Transportation Manager", "version": "6.2", "operator": "le"}, {"name": "Oracle iReceivables", "version": "12.1.3", "operator": "le"}, {"name": "Oracle Retail Predictive Application Server", "version": "16.0.0", "operator": "le"}, {"name": "Oracle Retail Open Commerce Platform", "version": "6.1", "operator": "le"}, {"name": "Oracle Financial Services Profitability Management", "version": "6.0.0", "operator": "le"}, {"name": "Oracle Financial Services Asset Liability Management", "version": "6.1.1", "operator": "le"}, {"name": "MICROS Lucas", "version": "2.9.5.3", "operator": "le"}, {"name": "Oracle Real-Time Scheduler", "version": "2.2.0.3.13", "operator": "le"}, {"name": "Siebel Apps - E-Billing", "version": "7.1", "operator": "le"}, {"name": "Oracle User Management", "version": "12.2.6", "operator": "le"}, {"name": "Oracle Fusion Middleware MapViewer", "version": "12.2.1.2", "operator": "le"}, {"name": "Primavera Gateway", "version": "15.2", "operator": "le"}, {"name": "Oracle Utilities Framework", "version": "4.2.0.2.0", "operator": "le"}, {"name": "MICROS Xstore Payment", "version": "7.0", "operator": "le"}, {"name": "Oracle Retail Analytics", "version": "14.0", "operator": "le"}, {"name": "Oracle Retail Assortment Planning", "version": "14.1.3", "operator": "le"}, {"name": "Oracle Insurance Data Foundation", "version": "8.0.4", "operator": "le"}, {"name": "Oracle Transportation Manager", "version": "6.4.0", "operator": "le"}, {"name": "Oracle Retail Store Inventory", "version": "15.0", "operator": "le"}, {"name": "Oracle iReceivables", "version": "12.2.3", "operator": "le"}, {"name": "MICROS Xstore Payment", "version": "16.0", "operator": "le"}, {"name": "Primavera Gateway", "version": "15.1", "operator": "le"}, {"name": "Oracle WebCenter Content", "version": "12.2.1.2", "operator": "le"}, {"name": "Oracle Retail Returns Management", "version": "14.1", "operator": "le"}, {"name": "Oracle Retail Xstore Point of Service", "version": "6.0", "operator": "le"}, {"name": "Oracle Scripting", "version": "12.2.4", "operator": "le"}, {"name": "Oracle Advanced Support Gateway", "version": "7.2", "operator": "le"}, {"name": "Oracle Marketing", "version": "12.1.1", "operator": "le"}, {"name": "Oracle WebCenter Content", "version": "11.1.1.7", "operator": "le"}, {"name": "Oracle Application Object Library", "version": "12.2.3", "operator": "le"}, {"name": "Primavera Gateway", "version": "1.1", "operator": "le"}, {"name": "Java SE, Java SE Embedded", "version": "6u141", "operator": "le"}, {"name": "Oracle Financial Services Asset Liability Management", "version": "6.1.0", "operator": "le"}, {"name": "Oracle Financial Services Pricing Management/Transfer Pricing Component", "version": "8.0.0", "operator": "le"}, {"name": "Oracle Retail Assortment Planning", "version": "15.0.1", "operator": "le"}, {"name": "Oracle Marketing", "version": "12.2.4", "operator": "le"}, {"name": "Primavera Gateway", "version": "1.0", "operator": "le"}, {"name": "Enterprise Manager Base Platform", "version": "13.1.0", "operator": "le"}, {"name": "Oracle Retail Category Management Planning & Optimization", "version": "15.0", "operator": "le"}, {"name": "Oracle Financial Services Basel Regulatory Capital Basic", "version": "8.0.3", "operator": "le"}, {"name": "Oracle Financial Services Hedge Management and IFRS Valuations", "version": "6.1.1", "operator": "le"}, {"name": "Oracle Advanced Outbound Telephony", "version": "12.2.6", "operator": "le"}, {"name": "Oracle Marketing", "version": "12.2.6", "operator": "le"}, {"name": "Oracle Communications Service Broker Engineered System Edition", "version": "6.1", "operator": "le"}, {"name": "Oracle Retail XBRi Loss Prevention", "version": "10.7.0", "operator": "le"}, {"name": "Oracle Retail Back Office", "version": "14.1", "operator": "le"}, {"name": "Oracle Retail Store Inventory", "version": "16.0", "operator": "le"}, {"name": "Oracle Hospitality OPERA 5 Property Services", "version": "5.4.1.x", "operator": "le"}, {"name": "Oracle Communications Network Integrity", "version": "7.3.0", "operator": "le"}, {"name": "Oracle Retail Point-of-Service", "version": "14.1.3", "operator": "le"}, {"name": "Oracle FLEXCUBE Private Banking", "version": "12.0.1", "operator": "le"}, {"name": "Oracle Insurance Data Foundation", "version": "8.0.2", "operator": "le"}, {"name": "Primavera P6 Enterprise Project Portfolio Management", "version": "15.2", "operator": "le"}, {"name": "JD Edwards EnterpriseOne Tools", "version": "9.2", "operator": "le"}, {"name": "Oracle Transportation Manager", "version": "6.4.2", "operator": "le"}, {"name": "MICROS XBR", "version": "10.5.0", "operator": "le"}, {"name": "Oracle Payables", "version": "12.2.5", "operator": "le"}, {"name": "Oracle Financial Services Basel Regulatory Capital Internal Ratings Based Approach", "version": "8.0.2", "operator": "le"}, {"name": "Oracle Scripting", "version": "12.2.6", "operator": "le"}, {"name": "Oracle Financial Services Basel Regulatory Capital Basic", "version": "6.1.3", "operator": "le"}, {"name": "Oracle Payables", "version": "12.2.6", "operator": "le"}, {"name": "Oracle Hospitality OPERA 5 Property Services", "version": "5.5.0.x", "operator": "le"}, {"name": "Oracle iReceivables", "version": "12.2.4", "operator": "le"}, {"name": "Oracle Insurance Data Foundation", "version": "8.0.3", "operator": "le"}, {"name": "Oracle Retail Category Management", "version": "14.0", "operator": "le"}, {"name": "Oracle Retail Xstore Point of Service", "version": "15.0", "operator": "le"}, {"name": "Oracle Commerce Guided Search / Oracle Commerce Experience Manager", "version": "6.4.1.2", "operator": "le"}, {"name": "Oracle Communications Policy Management", "version": "12.2", "operator": "le"}, {"name": "MICROS Xstore Payment", "version": "7.1", "operator": "le"}, {"name": "Oracle Retail Demand Forecasting", "version": "14.1.3", "operator": "le"}, {"name": "MySQL Server", "version": "5.7.11", "operator": "le"}, {"name": "Oracle WebCenter Sites", "version": "12.2.1.0.0", "operator": "le"}, {"name": "Oracle Retail Category Management", "version": "14.1", "operator": "le"}, {"name": "Oracle Financial Services Liquidity Risk Management", "version": "8.0.4", "operator": "le"}, {"name": "Oracle Retail Order Broker", "version": "15.0", "operator": "le"}, {"name": "Oracle SuperCluster Specific Software", "version": "2.3.8", "operator": "le"}, {"name": "MySQL Server", "version": "5.6.20", "operator": "le"}, {"name": "PeopleSoft Enterprise PeopleTools", "version": "8.55", "operator": "le"}, {"name": "Oracle Financial Services Loan Loss Forecasting and Provisioning", "version": "1.5.1", "operator": "le"}, {"name": "MySQL Connectors", "version": "5.1.40", "operator": "le"}, {"name": "SQL*Plus", "version": "12.1.0.2", "operator": "le"}, {"name": "Oracle Identity Manager", "version": "11.1.2.3.0", "operator": "le"}, {"name": "MICROS XBR", "version": "10.7.7", "operator": "le"}, {"name": "Secure Global Desktop", "version": "5.2", "operator": "le"}, {"name": "Oracle Payables", "version": "12.1.1", "operator": "le"}, {"name": "Oracle Payables", "version": "12.1.2", "operator": "le"}, {"name": "Oracle Retail XBRi Loss Prevention", "version": "10.5.0", "operator": "le"}, {"name": "Oracle Retail Merchandise Financial Planning", "version": "14.1.3", "operator": "le"}, {"name": "MySQL Connectors", "version": "5.1.41", "operator": "le"}, {"name": "Oracle Commerce Guided Search / Oracle Commerce Experience Manager", "version": "6.3.0", "operator": "le"}, {"name": "Oracle FLEXCUBE Investor Servicing", "version": "12.0.4", "operator": "le"}, {"name": "Oracle Retail Customer Management and Segmentation Foundation", "version": "15.0", "operator": "le"}, {"name": "PeopleSoft Enterprise FSCM", "version": "9.1", "operator": "le"}, {"name": "Secure Global Desktop", "version": "4.71", "operator": "le"}, {"name": "Oracle FLEXCUBE Universal Banking", "version": "12.1.0", "operator": "le"}, {"name": "Oracle FLEXCUBE Private Banking", "version": "12.1.0", "operator": "le"}, {"name": "Oracle Communications Service Broker Engineered System Edition", "version": "6.0", "operator": "le"}, {"name": "Primavera Unifier", "version": "15.1", "operator": "le"}, {"name": "Oracle Retail Invoice Matching", "version": "13.1", "operator": "le"}, {"name": "Oracle Retail Advanced Inventory Planning", "version": "15.0", "operator": "le"}, {"name": "Oracle Scripting", "version": "12.1.3", "operator": "le"}, {"name": "PeopleSoft Enterprise SCM Purchasing", "version": "9.2", "operator": "le"}, {"name": "Oracle Retail Predictive Application Server", "version": "13.2", "operator": "le"}, {"name": "Oracle Retail Order Broker", "version": "5.1", "operator": "le"}, {"name": "Primavera P6 Enterprise Project Portfolio Management", "version": "8.3", "operator": "le"}, {"name": "Oracle Financial Services Liquidity Risk Management", "version": "8.0.1", "operator": "le"}, {"name": "Oracle FLEXCUBE Investor Servicing", "version": "12.3.0", "operator": "le"}, {"name": "Oracle FLEXCUBE Investor Servicing", "version": "12.1.0", "operator": "le"}, {"name": "MICROS XBR", "version": "10.0.1", "operator": "le"}, {"name": "Java SE, Java SE Embedded, JRockit", "version": "8u121", "operator": "le"}, {"name": "Oracle Utilities Work and Asset Management", "version": "1.9.1.2.11", "operator": "le"}, {"name": "Oracle Retail Advanced Science Engine", "version": "14.1", "operator": "le"}, {"name": "Oracle Hospitality OPERA 5 Property Services", "version": "5.4.0.x", "operator": "le"}, {"name": "Oracle Retail Predictive Application Server", "version": "13.1", "operator": "le"}, {"name": "Oracle Retail Predictive Application Server", "version": "13.4", "operator": "le"}, {"name": "Siebel Apps - E-Billing", "version": "7.0", "operator": "le"}, {"name": "MySQL Cluster", "version": "7.3.16", "operator": "le"}, {"name": "Oracle Retail Advanced Inventory Planning", "version": "14.1", "operator": "le"}, {"name": "Oracle Commerce Guided Search / Oracle Commerce Experience Manager", "version": "6.5.2", "operator": "le"}, {"name": "Java SE, Java SE Embedded", "version": "7u131", "operator": "le"}, {"name": "Oracle Communications Network Integrity", "version": "7.2.4", "operator": "le"}, {"name": "Oracle Scripting", "version": "12.2.3", "operator": "le"}, {"name": "Oracle Financial Services Basel Regulatory Capital Internal Ratings Based Approach", "version": "6.1.3", "operator": "le"}, {"name": "MICROS Relate CRM Software", "version": "10.0", "operator": "le"}, {"name": "Oracle Retail Open Commerce Platform", "version": "5.1", "operator": "le"}, {"name": "Oracle Financial Services Reconciliation Framework", "version": "8.0.0", "operator": "le"}, {"name": "Oracle Financial Services Data Integration Hub", "version": "8.0.1", "operator": "le"}, {"name": "Oracle FLEXCUBE Universal Banking", "version": "11.4.0", "operator": "le"}, {"name": "Oracle WebLogic Server", "version": "12.2.1.0", "operator": "le"}, {"name": "Primavera Unifier", "version": "10.0", "operator": "le"}, {"name": "SQL*Plus", "version": "11.2.0.4", "operator": "le"}, {"name": "Oracle Financial Services Basel Regulatory Capital Internal Ratings Based Approach", "version": "8.0.3", "operator": "le"}, {"name": "Oracle Commerce Guided Search / Oracle Commerce Experience Manager", "version": "11.2", "operator": "le"}, {"name": "Oracle Applications Framework", "version": "12.1.3", "operator": "le"}, {"name": "Oracle Retail Predictive Application Server", "version": "14.0", "operator": "le"}, {"name": "MICROS Lucas", "version": "2.9.5.1", "operator": "le"}, {"name": "Java SE", "version": "6u141", "operator": "le"}, {"name": "Oracle Commerce Guided Search / Oracle Commerce Experience Manager", "version": "6.5.1", "operator": "le"}, {"name": "Oracle Financial Services Loan Loss Forecasting and Provisioning", "version": "8.0.1", "operator": "le"}, {"name": "Oracle Transportation Manager", "version": "6.3.0", "operator": "le"}, {"name": "Oracle Utilities Framework", "version": "4.3.0.3.0", "operator": "le"}, {"name": "Oracle FLEXCUBE Private Banking", "version": "12.0.2", "operator": "le"}, {"name": "Oracle Retail Open Commerce Platform", "version": "5.3", "operator": "le"}, {"name": "Oracle User Management", "version": "12.2.4", "operator": "le"}, {"name": "Oracle FLEXCUBE Universal Banking", "version": "12.2.0", "operator": "le"}, {"name": "Oracle Financial Services Funds Transfer Pricing", "version": "6.0.0", "operator": "le"}, {"name": "Oracle WebLogic Server", "version": "12.1.3.0", "operator": "le"}, {"name": "Oracle One-to-One Fulfillment", "version": "12.2.3", "operator": "le"}, {"name": "Primavera Gateway", "version": "16.2", "operator": "le"}, {"name": "Solaris Cluster", "version": "4.3", "operator": "le"}, {"name": "Oracle One-to-One Fulfillment", "version": "12.2.5", "operator": "le"}, {"name": "MySQL Enterprise Monitor", "version": "3.1.6.8003", "operator": "le"}, {"name": "Oracle Retail Invoice Matching", "version": "12.0", "operator": "le"}, {"name": "Oracle FLEXCUBE Private Banking", "version": "12.0.0", "operator": "le"}, {"name": "Oracle Financial Services Hedge Management and IFRS Valuations", "version": "8.0.1", "operator": "le"}, {"name": "PeopleSoft Enterprise PeopleTools", "version": "8.54", "operator": "le"}, {"name": "Oracle Transportation Manager", "version": "6.3.2", "operator": "le"}, {"name": "Oracle Financial Services Profitability Management", "version": "6.1.0", "operator": "le"}, {"name": "Oracle Communications ASAP", "version": "7.3", "operator": "le"}, {"name": "Oracle Financial Services Enterprise Financial Performance Analytics", "version": "8.0.0", "operator": "le"}, {"name": "Oracle API Gateway", "version": "11.1.2.4.0", "operator": "le"}, {"name": "Oracle Financial Services Asset Liability Management", "version": "8.0.2", "operator": "le"}, {"name": "Oracle Retail Invoice Matching", "version": "13.2", "operator": "le"}, {"name": "Oracle Utilities Framework", "version": "4.2.0.3.0", "operator": "le"}, {"name": "Oracle FLEXCUBE Enterprise Limits and Collateral Management", "version": "12.0.0", "operator": "le"}, {"name": "Oracle Retail Open Commerce Platform", "version": "16.0", "operator": "le"}, {"name": "Oracle FLEXCUBE Investor Servicing", "version": "12.2.0", "operator": "le"}, {"name": "Oracle Healthcare Master Person Index", "version": "3.0.0.x", "operator": "le"}, {"name": "Oracle Retail XBRi Loss Prevention", "version": "10.0.1", "operator": "le"}, {"name": "Oracle VM VirtualBox", "version": "5.0.38", "operator": "le"}, {"name": "Oracle Hospitality OPERA 5 Property Services", "version": "5.4.2.x", "operator": "le"}, {"name": "MICROS Xstore Payment", "version": "6.0", "operator": "le"}, {"name": "Primavera P6 Enterprise Project Portfolio Management", "version": "8.4", "operator": "le"}, {"name": "Oracle Payables", "version": "12.2.4", "operator": "le"}, {"name": "Primavera Unifier", "version": "10.1", "operator": "le"}, {"name": "Oracle Insurance Istream", "version": "4.3.2", "operator": "le"}, {"name": "Primavera P6 Enterprise Project Portfolio Management", "version": "15.1", "operator": "le"}, {"name": "Oracle Utilities Framework", "version": "4.1.0.1.0", "operator": "le"}, {"name": "OSS Support Tools", "version": "8.15.17.3.14", "operator": "le"}, {"name": "Oracle WebCenter Sites", "version": "12.2.1.2.0", "operator": "le"}, {"name": "Oracle FLEXCUBE Private Banking", "version": "2.2.0.1", "operator": "le"}, {"name": "Oracle Financial Services Basel Regulatory Capital Basic", "version": "8.0.2", "operator": "le"}, {"name": "Oracle Retail Analytics", "version": "15.0", "operator": "le"}, {"name": "Solaris", "version": "10", "operator": "le"}, {"name": "Oracle Transportation Manager", "version": "6.3.7", "operator": "le"}, {"name": "Secure Global Desktop", "version": "5.3", "operator": "le"}, {"name": "Oracle Commerce Guided Search / Oracle Commerce Experience Manager", "version": "6.5.0", "operator": "le"}, {"name": "Oracle Payables", "version": "12.1.3", "operator": "le"}, {"name": "Oracle FLEXCUBE Private Banking", "version": "2.0.1", "operator": "le"}, {"name": "Oracle Service Bus", "version": "12.2.1.0.0", "operator": "le"}, {"name": "MySQL Enterprise Backup", "version": "3.12.2", "operator": "le"}, {"name": "Oracle Transportation Manager", "version": "6.4.1", "operator": "le"}, {"name": "Oracle User Management", "version": "12.1.3", "operator": "le"}, {"name": "Enterprise Manager Base Platform", "version": "12.1.0", "operator": "le"}, {"name": "Oracle FLEXCUBE Private Banking", "version": "2.0.0", "operator": "le"}, {"name": "Oracle Transportation Manager", "version": "6.3.1", "operator": "le"}, {"name": "PeopleSoft Enterprise SCM eSupplier Connection", "version": "9.2", "operator": "le"}, {"name": "Oracle Retail Invoice Matching", "version": "14.1", "operator": "le"}, {"name": "Oracle FLEXCUBE Investor Servicing", "version": "12.0.1", "operator": "le"}, {"name": "MICROS Lucas", "version": "2.9.5.4", "operator": "le"}, {"name": "MySQL Cluster", "version": "7.4.14", "operator": "le"}, {"name": "MySQL Connectors", "version": "2.1.5", "operator": "le"}, {"name": "Oracle Financial Services Data Foundation", "version": "8.0.3", "operator": "le"}, {"name": "MySQL Server", "version": "5.6.35", "operator": "le"}, {"name": "Oracle Retail Predictive Application Server", "version": "14.0.3", "operator": "le"}, {"name": "Oracle Utilities Framework", "version": "4.3.0.2.0", "operator": "le"}, {"name": "Primavera P6 Enterprise Project Portfolio Management", "version": "16.2", "operator": "le"}, {"name": "Oracle Scripting", "version": "12.1.1", "operator": "le"}, {"name": "Oracle Financial Services Hedge Management and IFRS Valuations", "version": "8.0.3", "operator": "le"}, {"name": "Oracle Applications Framework", "version": "12.2.3", "operator": "le"}, {"name": "Oracle Retail Analytics", "version": "16.0", "operator": "le"}, {"name": "Java SE", "version": "7u131", "operator": "le"}, {"name": "Primavera Gateway", "version": "14.2", "operator": "le"}, {"name": "Oracle Financial Services Data Foundation", "version": "8.0.4", "operator": "le"}, {"name": "Oracle Utilities Customer Self Service", "version": "2.1.0.2.0", "operator": "le"}, {"name": "Oracle Fusion Middleware MapViewer", "version": "12.2.1.1", "operator": "le"}, {"name": "Oracle Commerce Guided Search / Oracle Commerce Experience Manager", "version": "6.2.2", "operator": "le"}, {"name": "Primavera Unifier", "version": "9.14", "operator": "le"}, {"name": "Oracle Hyperion Essbase", "version": "11.1.2.2", "operator": "le"}, {"name": "Oracle Retail Item Planning", "version": "14.1.3", "operator": "le"}, {"name": "Oracle Advanced Outbound Telephony", "version": "12.2.4", "operator": "le"}, {"name": "Oracle FLEXCUBE Investor Servicing", "version": "12.0.2", "operator": "le"}, {"name": "Oracle WebCenter Content", "version": "12.2.1.0", "operator": "le"}, {"name": "Oracle Financial Services Funds Transfer Pricing", "version": "8.0.4", "operator": "le"}, {"name": "Oracle Retail Open Commerce Platform", "version": "6.0", "operator": "le"}, {"name": "MICROS XBR", "version": "10.8.0", "operator": "le"}, {"name": "OJVM", "version": "11.2.0.4", "operator": "le"}, {"name": "Enterprise Manager Base Platform", "version": "13.2.0", "operator": "le"}, {"name": "Oracle Transportation Manager", "version": "6.3.3", "operator": "le"}, {"name": "Oracle Application Object Library", "version": "12.2.6", "operator": "le"}, {"name": "Oracle Retail Merchandise Financial Planning", "version": "15.0.2", "operator": "le"}, {"name": "Oracle Commerce Guided Search / Oracle Commerce Experience Manager", "version": "6.1.4", "operator": "le"}, {"name": "Oracle Retail Warehouse Management System", "version": "14.0", "operator": "le"}, {"name": "Oracle User Management", "version": "12.2.3", "operator": "le"}, {"name": "Oracle Commerce Guided Search / Oracle Commerce Experience Manager", "version": "11.0", "operator": "le"}, {"name": "Oracle Retail Analytics", "version": "14.1", "operator": "le"}, {"name": "MySQL Enterprise Backup", "version": "4.0.1", "operator": "le"}, {"name": "Oracle VM VirtualBox", "version": "5.0.34", "operator": "le"}, {"name": "Oracle FLEXCUBE Direct Banking", "version": "12.0.3", "operator": "le"}, {"name": "Primavera P6 Enterprise Project Portfolio Management", "version": "16.1", "operator": "le"}, {"name": "Oracle FLEXCUBE Enterprise Limits and Collateral Management", "version": "12.0.1", "operator": "le"}, {"name": "Oracle Financial Services Asset Liability Management", "version": "8.0.4", "operator": "le"}, {"name": "Oracle Communications Session Border Controller", "version": "7.2.0", "operator": "le"}, {"name": "Oracle Financial Services Basel Regulatory Capital Basic", "version": "6.1.2", "operator": "le"}, {"name": "Oracle Financial Services Data Integration Hub", "version": "8.0.3", "operator": "le"}, {"name": "Oracle Hospitality OPERA 5 Property Services", "version": "5.4.3.x", "operator": "le"}, {"name": "Oracle Financial Services Retail Performance Analytics", "version": "8.0.0", "operator": "le"}, {"name": "Oracle Retail Predictive Application Server", "version": "13.3", "operator": "le"}, {"name": "Oracle WebLogic Server", "version": "12.2.1.2", "operator": "le"}, {"name": "Oracle Retail Order Broker", "version": "5.2", "operator": "le"}, {"name": "Oracle Retail Regular Price Optimization", "version": "15.0.2", "operator": "le"}, {"name": "Oracle Service Bus", "version": "12.2.1.2.0", "operator": "le"}, {"name": "Oracle FLEXCUBE Universal Banking", "version": "11.3.0", "operator": "le"}, {"name": "Oracle Financial Services Analytical Applications Infrastructure", "version": "7.3.5", "operator": "le"}, {"name": "PeopleSoft Enterprise SCM Strategic Sourcing", "version": "9.2", "operator": "le"}, {"name": "Oracle Retail Replenishment Optimization", "version": "14.1.3", "operator": "le"}, {"name": "Oracle Financial Services Funds Transfer Pricing", "version": "6.1.1", "operator": "le"}, {"name": "MySQL Enterprise Backup", "version": "3.12.3", "operator": "le"}, {"name": "Oracle WebCenter Sites", "version": "12.2.1.1.0", "operator": "le"}, {"name": "Oracle Retail Open Commerce Platform", "version": "4.0", "operator": "le"}, {"name": "Oracle Retail Demand Forecasting", "version": "15.0.2", "operator": "le"}, {"name": "Oracle Communications Session Border Controller", "version": "7.4.0", "operator": "le"}, {"name": "Oracle Utilities Framework", "version": "4.1.0.2.0", "operator": "le"}, {"name": "Oracle Marketing", "version": "12.1.3", "operator": "le"}, {"name": "Oracle FLEXCUBE Enterprise Limits and Collateral Management", "version": "12.1.0", "operator": "le"}, {"name": "Oracle Retail Warehouse Management System", "version": "13.2", "operator": "le"}, {"name": "Oracle Financial Services Asset Liability Management", "version": "6.0.0", "operator": "le"}, {"name": "Oracle Financial Services Funds Transfer Pricing", "version": "6.1.0", "operator": "le"}, {"name": "Oracle Financial Services Loan Loss Forecasting and Provisioning", "version": "8.0.2", "operator": "le"}, {"name": "Oracle FLEXCUBE Universal Banking", "version": "12.0.1", "operator": "le"}, {"name": "Oracle Financial Services Data Foundation", "version": "8.0.2", "operator": "le"}, {"name": "Oracle Utilities Framework", "version": "2.2.0.0.0", "operator": "le"}, {"name": "Oracle Retail Regular Price Optimization", "version": "14.1.3", "operator": "le"}, {"name": "MySQL Enterprise Backup", "version": "4.0.3", "operator": "le"}, {"name": "Oracle One-to-One Fulfillment", "version": "12.2.6", "operator": "le"}, {"name": "Oracle Financial Services Loan Loss Forecasting and Provisioning", "version": "8.0.3", "operator": "le"}, {"name": "MICROS Relate CRM Software", "version": "10.5", "operator": "le"}, {"name": "Oracle Marketing", "version": "12.1.2", "operator": "le"}, {"name": "Oracle Financial Services Liquidity Risk Management", "version": "8.0.2", "operator": "le"}, {"name": "Oracle Financial Services Profitability Management", "version": "8.0.3", "operator": "le"}, {"name": "Oracle Retail Predictive Application Server", "version": "14.1", "operator": "le"}, {"name": "Oracle FLEXCUBE Private Banking", "version": "12.0.3", "operator": "le"}, {"name": "Oracle Service Bus", "version": "12.1.3.0.0", "operator": "le"}, {"name": "Oracle Financial Services Data Foundation", "version": "8.0.1", "operator": "le"}, {"name": "Oracle Transportation Manager", "version": "6.3.6", "operator": "le"}, {"name": "Oracle Utilities Framework", "version": "4.2.0.1.0", "operator": "le"}, {"name": "Oracle Financial Services Funds Transfer Pricing", "version": "8.0.1", "operator": "le"}, {"name": "Oracle Applications Framework", "version": "12.2.5", "operator": "le"}, {"name": "Sun ZFS Storage Appliance Kit (AK)", "version": "2013", "operator": "le"}, {"name": "Oracle Transportation Manager", "version": "6.3.5", "operator": "le"}, {"name": "PHP", "version": "12.1.0.3.0", "operator": "le"}, {"name": "MySQL Workbench", "version": "6.3.7", "operator": "le"}, {"name": "Primavera Unifier", "version": "9.13", "operator": "le"}, {"name": "Java SE, Java SE Embedded, JRockit", "version": "7u131", "operator": "le"}, {"name": "Oracle Financial Services Reconciliation Framework", "version": "8.0.2", "operator": "le"}, {"name": "Oracle Financial Services Asset Liability Management", "version": "8.0.1", "operator": "le"}, {"name": "Oracle Financial Services Loan Loss Forecasting and Provisioning", "version": "8.0.4", "operator": "le"}, {"name": "Oracle Financial Services Hedge Management and IFRS Valuations", "version": "8.0.4", "operator": "le"}, {"name": "Oracle WebLogic Server", "version": "12.2.1.1", "operator": "le"}, {"name": "Oracle Application Object Library", "version": "12.2.5", "operator": "le"}, {"name": "Oracle Financial Services Reconciliation Framework", "version": "8.0.1", "operator": "le"}, {"name": "Oracle Advanced Outbound Telephony", "version": "12.2.5", "operator": "le"}, {"name": "Java SE, Java SE Embedded, JRockit", "version": "6u141", "operator": "le"}, {"name": "MICROS Xstore Payment", "version": "5.5", "operator": "le"}, {"name": "Oracle FLEXCUBE Universal Banking", "version": "12.0.0", "operator": "le"}, {"name": "Oracle Retail XBRi Loss Prevention", "version": "10.6.0", "operator": "le"}, {"name": "Oracle Retail Predictive Application Server", "version": "13.3.3", "operator": "le"}, {"name": "Oracle Financial Services Analytical Applications Infrastructure", "version": "7.3.4", "operator": "le"}, {"name": "MySQL Cluster", "version": "7.5.5", "operator": "le"}, {"name": "PeopleSoft Enterprise SCM eBill Payment", "version": "9.2", "operator": "le"}, {"name": "Oracle Retail XBRi Loss Prevention", "version": "10.8.1", "operator": "le"}, {"name": "Oracle Marketing", "version": "12.2.3", "operator": "le"}, {"name": "Primavera Unifier", "version": "15.2", "operator": "le"}, {"name": "Oracle Retail XBRi Loss Prevention", "version": "10.8.0", "operator": "le"}, {"name": "Oracle VM VirtualBox", "version": "5.1.16", "operator": "le"}, {"name": "StorageTek Tape Analytics SW Tool", "version": "2.2.1", "operator": "le"}, {"name": "MICROS Relate CRM Software", "version": "11.1", "operator": "le"}, {"name": "MySQL Enterprise Monitor", "version": "3.2.1182", "operator": "le"}, {"name": "Oracle iReceivables", "version": "12.2.5", "operator": "le"}, {"name": "Oracle Retail Size Profile Optimization", "version": "14.1.3", "operator": "le"}, {"name": "Oracle Retail Replenishment Optimization", "version": "15.0.2", "operator": "le"}, {"name": "Oracle Payables", "version": "12.2.3", "operator": "le"}, {"name": "Oracle WebLogic Server", "version": "10.3.6.0", "operator": "le"}, {"name": "Oracle Retail Invoice Matching", "version": "13.0", "operator": "le"}, {"name": "Oracle Retail Assortment Planning", "version": "16.0.0", "operator": "le"}, {"name": "Oracle iReceivables", "version": "12.1.1", "operator": "le"}, {"name": "Java SE", "version": "8u121", "operator": "le"}, {"name": "Java SE, Java SE Embedded", "version": "8u121", "operator": "le"}, {"name": "MySQL Server", "version": "5.5.54", "operator": "le"}, {"name": "Oracle Financial Services Data Integration Hub", "version": "8.0.4", "operator": "le"}, {"name": "Oracle Financial Services Funds Transfer Pricing", "version": "8.0.2", "operator": "le"}, {"name": "Oracle Retail Predictive Application Server", "version": "15.0.2", "operator": "le"}, {"name": "Oracle Transportation Manager", "version": "6.3.4", "operator": "le"}, {"name": "Oracle Financial Services Institutional Performance Analytics", "version": "8.0.0", "operator": "le"}, {"name": "MySQL Workbench", "version": "6.3.8", "operator": "le"}, {"name": "Oracle Retail Customer Insights", "version": "15.0", "operator": "le"}, {"name": "Oracle Hospitality OPERA 5 Property Services", "version": "5.5.1.x", "operator": "le"}, {"name": "Oracle Real-Time Scheduler", "version": "2.3.0.1", "operator": "le"}, {"name": "Oracle Retail Open Commerce Platform", "version": "5.0", "operator": "le"}, {"name": "Oracle FLEXCUBE Universal Banking", "version": "12.0.2", "operator": "le"}, {"name": "Oracle Retail Size Profile Optimization", "version": "15.0.2", "operator": "le"}, {"name": "Oracle Retail Predictive Application Server", "version": "13.4.3", "operator": "le"}, {"name": "Oracle Retail Category Management", "version": "13.2", "operator": "le"}, {"name": "MySQL Cluster", "version": "7.2.27", "operator": "le"}, {"name": "Oracle Retail Item Planning", "version": "15.0.2", "operator": "le"}, {"name": "Oracle Retail Warehouse Management System", "version": "15.0", "operator": "le"}, {"name": "Oracle Application Object Library", "version": "12.1.3", "operator": "le"}, {"name": "Oracle WebCenter Content", "version": "12.2.1.1", "operator": "le"}, {"name": "MICROS Relate CRM Software", "version": "11.0", "operator": "le"}, {"name": "PeopleSoft Enterprise FIN Receivables", "version": "9.2", "operator": "le"}, {"name": "PeopleSoft Enterprise CS Campus Community", "version": "9.2", "operator": "le"}, {"name": "Oracle Real-Time Scheduler", "version": "2.3.0.0", "operator": "le"}, {"name": "Siebel Apps - E-Billing", "version": "6.2", "operator": "le"}, {"name": "Oracle Customer Interaction History", "version": "12.1.1", "operator": "le"}, {"name": "MICROS XBR", "version": "10.8.1", "operator": "le"}, {"name": "Oracle Financial Services Retail Customer Analytics", "version": "8.0.0", "operator": "le"}, {"name": "MICROS XBR", "version": "10.6.0", "operator": "le"}, {"name": "Oracle Fusion Middleware MapViewer", "version": "11.1.1.9", "operator": "le"}, {"name": "Oracle Financial Services Profitability Management", "version": "8.0.4", "operator": "le"}, {"name": "Oracle Social Network", "version": "11.1.12.0.0", "operator": "le"}, {"name": "Oracle WebCenter Content", "version": "11.1.1.9", "operator": "le"}, {"name": "Oracle Financial Services Data Integration Hub", "version": "8.0.2", "operator": "le"}, {"name": "Oracle FLEXCUBE Universal Banking", "version": "12.0.3", "operator": "le"}, {"name": "Oracle User Management", "version": "12.2.5", "operator": "le"}, {"name": "Oracle Retail Predictive Application Server", "version": "14.1.3", "operator": "le"}, {"name": "Oracle Retail Open Commerce Platform", "version": "15.0", "operator": "le"}, {"name": "Oracle Communications ASAP", "version": "7.0", "operator": "le"}, {"name": "Oracle Customer Interaction History", "version": "12.1.2", "operator": "le"}, {"name": "Oracle Retail Invoice Matching", "version": "14.0", "operator": "le"}, {"name": "MICROS Relate CRM Software", "version": "10.8", "operator": "le"}, {"name": "Primavera Gateway", "version": "16.1", "operator": "le"}, {"name": "MICROS Xstore Payment", "version": "15.0", "operator": "le"}, {"name": "Oracle Retail Merchandising Insights", "version": "15.0", "operator": "le"}, {"name": "Oracle Retail Predictive Application Server", "version": "15.0", "operator": "le"}, {"name": "Oracle Retail Xstore Point of Service", "version": "7.0", "operator": "le"}, {"name": "Oracle FLEXCUBE Direct Banking", "version": "12.0.2", "operator": "le"}, {"name": "MICROS Relate CRM Software", "version": "11.4", "operator": "le"}, {"name": "MICROS Relate CRM Software", "version": "15.0", "operator": "le"}, {"name": "Oracle iReceivables", "version": "12.1.2", "operator": "le"}, {"name": "Oracle FLEXCUBE Investor Servicing", "version": "12.0.3", "operator": "le"}, {"name": "Oracle Communications Security Gateway", "version": "3.0.0", "operator": "le"}, {"name": "Oracle One-to-One Fulfillment", "version": "12.1.1", "operator": "le"}, {"name": "Oracle Retail Macro Space Optimization", "version": "15.0.2", "operator": "le"}, {"name": "Oracle Advanced Outbound Telephony", "version": "12.2.3", "operator": "le"}, {"name": "Oracle Trace File Analyzer (TFA)", "version": "12.1.2.8.4", "operator": "le"}, {"name": "Oracle VM VirtualBox", "version": "5.1.20", "operator": "le"}, {"name": "Oracle One-to-One Fulfillment", "version": "12.1.3", "operator": "le"}, {"name": "MySQL Enterprise Monitor", "version": "3.3.2.1162", "operator": "le"}, {"name": "Oracle Retail Xstore Point of Service", "version": "7.1", "operator": "le"}, {"name": "Oracle Applications Framework", "version": "12.2.4", "operator": "le"}, {"name": "Oracle iReceivables", "version": "12.2.6", "operator": "le"}, {"name": "Oracle Financial Services Hedge Management and IFRS Valuations", "version": "8.0.2", "operator": "le"}, {"name": "MICROS Lucas", "version": "2.9.5.5", "operator": "le"}, {"name": "Oracle Retail Xstore Point of Service", "version": "5.5", "operator": "le"}, {"name": "Oracle Insurance Data Foundation", "version": "8.0.1", "operator": "le"}, {"name": "Oracle Financial Services Basel Regulatory Capital Internal Ratings Based Approach", "version": "6.1.2", "operator": "le"}, {"name": "Oracle Retail Store Inventory", "version": "14.1", "operator": "le"}, {"name": "Oracle Application Object Library", "version": "12.2.4", "operator": "le"}, {"name": "Oracle GlassFish Server", "version": "3.1.2", "operator": "le"}, {"name": "Solaris", "version": "11.3", "operator": "le"}, {"name": "Oracle SuperCluster Specific Software", "version": "2.3.13", "operator": "le"}, {"name": "Oracle Financial Services Asset Liability Management", "version": "8.0.3", "operator": "le"}, {"name": "PeopleSoft Enterprise SCM Service Procurement", "version": "9.2", "operator": "le"}, {"name": "Oracle Retail Analytic Parameter Calculator - RO", "version": "15.0", "operator": "le"}, {"name": "Oracle Communications ASAP", "version": "7.2", "operator": "le"}, {"name": "Oracle Communications Session Border Controller", "version": "7.3.0", "operator": "le"}, {"name": "Oracle Commerce Guided Search / Oracle Commerce Experience Manager", "version": "11.1", "operator": "le"}, {"name": "Oracle One-to-One Fulfillment", "version": "12.1.2", "operator": "le"}, {"name": "Oracle Marketing", "version": "12.2.5", "operator": "le"}, {"name": "MySQL Server", "version": "5.7.17", "operator": "le"}, {"name": "Oracle Applications Framework", "version": "12.2.6", "operator": "le"}, {"name": "Oracle One-to-One Fulfillment", "version": "12.2.4", "operator": "le"}, {"name": "MICROS Xstore Payment", "version": "6.5", "operator": "le"}, {"name": "Automatic Service Request (ASR)", "version": "5.7", "operator": "le"}], "cvelist": ["CVE-2017-3543", "CVE-2017-3565", "CVE-2017-3556", "CVE-2017-3495", "CVE-2017-3480", "CVE-2017-3585", "CVE-2017-3474", "CVE-2017-3518", "CVE-2017-3549", "CVE-2017-3607", "CVE-2015-5351", "CVE-2017-3434", "CVE-2017-3608", "CVE-2016-8620", "CVE-2015-1792", "CVE-2016-8623", "CVE-2017-3597", "CVE-2016-6796", "CVE-2017-3304", "CVE-2016-5420", "CVE-2017-3552", "CVE-2017-3586", "CVE-2017-3511", "CVE-2017-3356", "CVE-2017-3559", "CVE-2017-3581", "CVE-2017-3462", "CVE-2017-3524", "CVE-2017-3337", "CVE-2017-3579", "CVE-2016-6288", "CVE-2017-3347", "CVE-2016-4436", "CVE-2016-6290", "CVE-2016-8615", "CVE-2016-8616", "CVE-2017-3560", "CVE-2016-5019", "CVE-2016-8619", "CVE-2015-3236", "CVE-2017-3342", "CVE-2016-6306", "CVE-2017-3530", "CVE-2017-3541", "CVE-2017-3527", "CVE-2015-1789", "CVE-2017-3610", "CVE-2016-2183", "CVE-2017-3460", "CVE-2017-3432", "CVE-2017-3573", "CVE-2017-3487", "CVE-2017-3493", "CVE-2017-3528", "CVE-2015-0286", "CVE-2016-2178", "CVE-2017-3514", "CVE-2013-2005", "CVE-2017-3507", "CVE-2017-3478", "CVE-2017-3611", "CVE-2015-3195", "CVE-2017-3516", "CVE-2016-8743", "CVE-2017-3592", "CVE-2017-3571", "CVE-2017-3525", "CVE-2017-3563", "CVE-2017-3482", "CVE-2017-3476", "CVE-2016-8625", "CVE-2016-8618", "CVE-2017-3606", "CVE-2016-0714", "CVE-2016-3092", "CVE-2017-3477", "CVE-2014-3571", "CVE-2017-3506", "CVE-2017-3540", "CVE-2017-3471", "CVE-2016-6302", "CVE-2013-1985", "CVE-2017-3499", "CVE-2016-2177", "CVE-2017-3233", "CVE-2017-3569", "CVE-2013-1982", "CVE-2017-3465", "CVE-2017-3230", "CVE-2012-5883", "CVE-2017-3232", "CVE-2017-3619", "CVE-2016-0729", "CVE-2016-0635", "CVE-2016-2105", "CVE-2017-3622", "CVE-2013-1984", "CVE-2017-3513", "CVE-2017-3489", "CVE-2017-3306", "CVE-2017-3508", "CVE-2017-3459", "CVE-2016-2107", "CVE-2017-3568", "CVE-2016-7055", "CVE-2016-3607", "CVE-2015-7501", "CVE-2017-3510", "CVE-2017-3731", "CVE-2017-3625", "CVE-2016-6307", "CVE-2017-3572", "CVE-2013-2003", "CVE-2017-3536", "CVE-2017-3302", "CVE-2016-2510", "CVE-2017-3512", "CVE-2017-3503", "CVE-2017-5638", "CVE-2017-3564", "CVE-2016-8617", "CVE-2017-3626", "CVE-2016-0762", "CVE-2017-3502", "CVE-2016-1182", "CVE-2013-1987", "CVE-2017-3612", "CVE-2016-0763", "CVE-2017-3515", "CVE-2017-3463", "CVE-2017-3521", "CVE-2012-0920", "CVE-2016-6308", "CVE-2016-6816", "CVE-2016-2180", "CVE-2017-3591", "CVE-2017-3520", "CVE-2017-3578", "CVE-2017-3355", "CVE-2017-3547", "CVE-2013-1983", "CVE-2017-3613", "CVE-2012-5881", "CVE-2017-3621", "CVE-2017-3497", "CVE-2016-2109", "CVE-2015-5252", "CVE-2017-3456", "CVE-2017-3537", "CVE-2016-2181", "CVE-2017-3601", "CVE-2017-3523", "CVE-2017-3595", "CVE-2016-6304", "CVE-2017-3500", "CVE-2017-3580", "CVE-2014-0114", "CVE-2017-3483", "CVE-2017-3490", "CVE-2017-3451", "CVE-2017-3732", "CVE-2016-5407", "CVE-2017-3594", "CVE-2017-3604", "CVE-2017-3237", "CVE-2017-3618", "CVE-2017-3473", "CVE-2017-3331", "CVE-2017-3504", "CVE-2017-3574", "CVE-2017-3593", "CVE-2013-1995", "CVE-2012-5882", "CVE-2016-6817", "CVE-2017-3309", "CVE-2015-3237", "CVE-2017-3575", "CVE-2017-3329", "CVE-2016-6295", "CVE-2017-3509", "CVE-2017-3491", "CVE-2017-3492", "CVE-2016-6297", "CVE-2016-8622", "CVE-2016-6292", "CVE-2015-1788", "CVE-2017-3505", "CVE-2017-3533", "CVE-2017-3535", "CVE-2017-3605", "CVE-2017-3587", "CVE-2016-3504", "CVE-2017-3308", "CVE-2016-7052", "CVE-2017-3546", "CVE-2017-3558", "CVE-2017-3542", "CVE-2017-3496", "CVE-2017-3467", "CVE-2016-5018", "CVE-2017-3481", "CVE-2017-3345", "CVE-2014-3596", "CVE-2017-3548", "CVE-2017-3602", "CVE-2016-6289", "CVE-2015-0204", "CVE-2017-3583", "CVE-2016-0706", "CVE-2017-3457", "CVE-2017-3609", "CVE-2012-1007", "CVE-2017-3544", "CVE-2017-3603", "CVE-2013-1986", "CVE-2013-2002", "CVE-2017-3554", "CVE-2017-3475", "CVE-2016-8624", "CVE-2017-3570", "CVE-2016-1181", "CVE-2016-5483", "CVE-2016-3739", "CVE-2017-3486", "CVE-2017-3485", "CVE-2013-2566", "CVE-2016-2176", "CVE-2016-8735", "CVE-2015-1790", "CVE-2017-3453", "CVE-2017-3470", "CVE-2016-6294", "CVE-2017-3577", "CVE-2016-6305", "CVE-2017-3538", "CVE-2016-6303", "CVE-2017-3498", "CVE-2017-3526", "CVE-2017-3461", "CVE-2017-3393", "CVE-2017-3464", "CVE-2017-3620", "CVE-2017-3561", "CVE-2016-2182", "CVE-2017-3616", "CVE-2017-3501", "CVE-2017-3600", "CVE-2016-5421", "CVE-2017-3288", "CVE-2017-3522", "CVE-2016-5551", "CVE-2017-3531", "CVE-2017-3551", "CVE-2017-3582", "CVE-2017-3614", "CVE-2017-3458", "CVE-2017-3539", "CVE-2017-3469", "CVE-2004-2761", "CVE-2017-3589", "CVE-2017-3450", "CVE-2015-7940", "CVE-2016-3674", "CVE-2017-3599", "CVE-2017-3555", "CVE-2017-3584", "CVE-2017-3468", "CVE-2017-3615", "CVE-2017-3494", "CVE-2017-3557", "CVE-2017-3596", "CVE-2017-3519", "CVE-2016-6794", "CVE-2016-3506", "CVE-2017-3576", "CVE-2017-3254", "CVE-2017-3307", "CVE-2016-5419", "CVE-2017-3488", "CVE-2017-3553", "CVE-2017-3305", "CVE-2017-3534", "CVE-2017-3479", "CVE-2016-4802", "CVE-2017-3730", "CVE-2017-3623", "CVE-2016-6797", "CVE-2016-2179", "CVE-2017-3452", "CVE-2016-2106", "CVE-2016-6291", "CVE-2017-3517", "CVE-2017-3545", "CVE-2015-4852", "CVE-2017-3550", "CVE-2017-3472", "CVE-2017-3484", "CVE-2017-3234", "CVE-2013-5209", "CVE-2017-3454", "CVE-2017-3598", "CVE-2015-1791", "CVE-2016-8621", "CVE-2016-6296", "CVE-2017-3455", "CVE-2017-3590", "CVE-2017-3567", "CVE-2017-3532", "CVE-2016-6309", "CVE-2013-1998", "CVE-2017-3617"], "modified": "2017-06-20T00:00:00", "id": "ORACLE:CPUAPR2017-3236618", "href": "", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}]}
