4 matches found
Security Bulletin: IBM Security Verify Information Queue uses an Oracle JDBC jar with multiple vulnerabilities (CVE-2019-2444, CVE-2019-2619, CVE-2017-10321, CVE-2017-10202)
Summary The connect image in IBM Security Verify Information Queue ISIQ v10.0.2 uses an older version of the Oracle JDBC jar file that has multiple vulnerabilities. ISIQ v10.0.3 upgraded its connect image to include a newer Oracle JDBC jar that remediates the vulnerabilities. CVE-2019-2444,...
CVE-2017-10321
CVE-2017-10321 affects Oracle Database Server, specifically the Core RDBMS component. Affected versions include 11.2.0.4, 12.1.0.2, and 12.2.0.1. The vulnerability can be exploited by a low-privileged user with Create Session privilege to compromise the Core RDBMS, with potential impact to confid...
CVE-2017-10321
Vulnerability in the Core RDBMS component of Oracle Database Server. Supported versions that are affected are 11.2.0.4, 12.1.0.2 and 12.2.0.1. Easily exploitable vulnerability allows low privileged attacker having Create session privilege with logon to the infrastructure where Core RDBMS executes...
Oracle Database Multiple Vulnerabilities (October 2017 CPU)
The remote Oracle Database Server is missing the October 2017 Critical Patch Update CPU. It is, therefore, affected by multiple vulnerabilities as noted in the October 2017 Critical Patch Update advisory. Please consult the CVRF details for the applicable CVEs for additional information. Note tha...