5 matches found
Security Bulletin: IBM Security Verify Information Queue uses an Oracle JDBC jar with multiple vulnerabilities (CVE-2019-2444, CVE-2019-2619, CVE-2017-10321, CVE-2017-10202)
Summary The connect image in IBM Security Verify Information Queue ISIQ v10.0.2 uses an older version of the Oracle JDBC jar file that has multiple vulnerabilities. ISIQ v10.0.3 upgraded its connect image to include a newer Oracle JDBC jar that remediates the vulnerabilities. CVE-2019-2444,...
Oracle Database Server Multiple Vulnerabilities (Jan 2019 CPU)
The remote Oracle Database Server is missing the January 2019 Critical Patch Update CPU. It is, therefore, affected by multiple vulnerabilities : - An authenticated remote database takeover vulnerability exists in the Oracle RDBMS. An authenticated, remote attacker with the Create Session, Execut...
CVE-2019-2444
Vulnerability in the Core RDBMS component of Oracle Database Server. Supported versions that are affected are 12.2.0.1 and 18c. Easily exploitable vulnerability allows low privileged attacker having Local Logon privilege with logon to the infrastructure where Core RDBMS executes to compromise Cor...
CVE-2019-2444
CVE-2019-2444 affects Oracle Database Server Core RDBMS. Affected versions are 12.2.0.1 and 18c. The vulnerability allows a low-privileged, local attacker with logon to the infrastructure where Core RDBMS runs to take over the Core RDBMS, with exploitation requiring user interaction. CVSSv3 base ...
CVE-2019-2444
Vulnerability in the Core RDBMS component of Oracle Database Server. Supported versions that are affected are 12.2.0.1 and 18c. Easily exploitable vulnerability allows low privileged attacker having Local Logon privilege with logon to the infrastructure where Core RDBMS executes to compromise Cor...