Oracle GoldenGate Manager Command Stack Buffer Overflow (CVE-2018-2913)

A stack-based buffer overflow exists in Oracle GoldenGate Manager. The vulnerability is due an input validation error when processing overly long command name. Successful exploitation could lead to arbitrary code execution...

CVE-2018-2912

Vulnerability in the Oracle GoldenGate component of Oracle GoldenGate subcomponent: Manager. Supported versions that are affected are 12.1.2.1.0, 12.2.0.2.0 and 12.3.0.1.0. Easily exploitable vulnerability allows unauthenticated attacker with network access via TCP to compromise Oracle GoldenGate...

CVE-2018-2914

CVE-2018-2914 affects Oracle GoldenGate, specifically the Manager subcomponent. A DoS vulnerability exists in the Manager due to improper handling of a command, allowing an unauthenticated attacker with network access via TCP to cause the service to hang or frequently crash. Affected versions are...

Oracle GoldenGate Manager < 12.2.0.1.1 OBEY Command ggserr.log File Handling RCE

According to its self-reported version number, the Oracle GoldenGate Manager application running on the remote host is prior to 12.2.0.1.1. It is, therefore, affected by a remote code execution vulnerability due to improper handling of 'OBEY' commands and the ggserr.log file. An unauthenticated,...