SUSE-SU-2018:0005-1 Security update for java-1_7_0-openjdk

This update for java-170-openjdk fixes the following issues: Security issues fixed: - CVE-2017-10356: Fix issue inside subcomponent Security bsc1064084. - CVE-2017-10274: Fix issue inside subcomponent Smart Card IO bsc1064071. - CVE-2017-10281: Fix issue inside subcomponent Serialization...

Unspecified Vulnerability in Oracle Virtualization VM VirtualBox Component (CNVD-2017-31307)

Oracle Virtualization is the American Oracle Oracle company's set of hardware and software virtualization management solutions. Oracle VM VirtualBox is one of the virtual machine components. An unspecified vulnerability exists in the Core subcomponent of the Oracle VM VirtualBox component of Orac...

Unspecified Vulnerability in Oracle PeopleSoft Products PeopleSoft Enterprise HCM Component (CNVD-2017-31848)

Oracle PeopleSoft Products is a suite of enterprise human capital management solutions from Oracle that provides human capital management, financial management, supplier relationship management, etc. PeopleSoft Enterprise HCM is one of the Human Capital Management HCM components. An unspecified...

Unspecified Vulnerability in Oracle PeopleSoft Products PeopleSoft Enterprise HCM Component (CNVD-2017-31849)

Oracle PeopleSoft Products is a suite of enterprise human capital management solutions from Oracle that provides human capital management, financial management, supplier relationship management, etc. PeopleSoft Enterprise HCM is one of the Human Capital Management HCM components. An unspecified...

Oracle Retail Applications Unspecified Vulnerability in Oracle Retail Point-of-Service Component

Oracle Retail Applications is the United States Oracle Oracle company's set of retail applications store solutions. Oracle Retail Point-of-Service is one of the retail point-of-service management components. An unspecified vulnerability exists in the Security subcomponent of the Oracle Retail...

Unspecified Vulnerability in Oracle Sun Systems Products Suite Oracle Integrated Lights Out Manager Component (CNVD-2017-31865)

Oracle Sun Systems Products Suite is a suite of Sun systems products from Oracle Corporation.Oracle Integrated Lights Out Manager ILOM is one of the server management tools. An unspecified vulnerability exists in the Folios subcomponent of the Oracle ILOM component in Oracle Sun Systems Products...

Unspecified Vulnerability in Oracle Retail Applications Retail Back Office Component (CNVD-2017-31065)

Oracle Retail Applications is a suite of retail applications store solutions from Oracle Corporation, of which Oracle Retail Back Office is a retail back office component that provides retailers with real-time access to storage management and reporting capabilities. An unspecified vulnerability...

Unspecified Vulnerability in Oracle VM VirtualBox Component

Oracle Virtualization is a set of hardware and software virtualization management solutions from Oracle. Oracle VM VirtualBox is one of the virtual machine components. An unspecified vulnerability exists in the Core subcomponent of the Oracle VM VirtualBox component in Oracle Virtualization,...

CVE-2017-10349

Vulnerability in the Java SE, Java SE Embedded component of Oracle Java SE subcomponent: JAXP. Supported versions that are affected are Java SE: 6u161, 7u151, 8u144 and 9; Java SE Embedded: 8u144. Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple...

CVE-2017-10333

Vulnerability in the Siebel UI Framework component of Oracle Siebel CRM subcomponent: EAI. Supported versions that are affected are 16.0 and 17.0. Easily exploitable vulnerability allows low privileged attacker with network access via HTTP to compromise Siebel UI Framework. While the vulnerabilit...

CVE-2017-10311

Vulnerability in the MySQL Server component of Oracle MySQL subcomponent: Server: FTS. Supported versions that are affected are 5.7.19 and earlier. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful...

Buffer overflow

Vulnerability in the Oracle Hospitality Simphony component of Oracle Hospitality Applications subcomponent: Engagement. Supported versions that are affected are 2.8 and 2.9. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle...

Code injection

Vulnerability in the Java SE, Java SE Embedded component of Oracle Java SE subcomponent: JAXP. Supported versions that are affected are Java SE: 6u161, 7u151, 8u144 and 9; Java SE Embedded: 8u144. Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple...

Code injection

Vulnerability in the Java SE, Java SE Embedded component of Oracle Java SE subcomponent: RMI. Supported versions that are affected are Java SE: 6u161, 7u151, 8u144 and 9; Java SE Embedded: 8u144. Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple...

CVE-2017-10311

Vulnerability in the MySQL Server component of Oracle MySQL subcomponent: Server: FTS. Supported versions that are affected are 5.7.19 and earlier. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful...

Java SE and Java SE Embedded Denial of Service Vulnerability (CNVD-2017-32258)

Oracle Java SE and Java SE Embedded are both products of Oracle Corporation. Java SE Java Platform Standard Edition is used to develop and deploy Java applications for desktops, servers, as well as embedded devices and real-time environments; Java SE Embedded is a Java platform for the developmen...

Unspecified Vulnerability in Oracle Mobile Field Service Component

Oracle E-Business Suite E-Business Suite is a set of fully integrated global business management software from Oracle Oracle. The software provides customer relationship management, service management, financial management and other functions. Oracle Mobile Field Service is one of the field servi...

Unspecified Vulnerability in Oracle Application Object Library

Oracle E-Business Suite E-Business Suite is the United States Oracle Oracle company's set of fully integrated global business management software. Oracle Application Object Library AOL, Application Object Library is one of the system management components. An unspecified vulnerability exists in t...

Unspecified Vulnerability in Oracle GlassFish Server

Oracle Fusion Middleware Oracle Fusion Middleware is the United States Oracle Oracle company's set of business innovation platform for enterprise and cloud environments. The platform provides middleware, software collection and other functions. Oracle GlassFish Server is one of the components tha...

Unspecified Vulnerability in Oracle WebLogic Server (CNVD-2017-31501)

Oracle Fusion Middleware Oracle Fusion Middleware is a set of business innovation platform for enterprise and cloud environments from Oracle. The platform provides middleware, software collection, etc. Oracle WebLogic Server is one of the application server components for cloud and traditional...