TTCSIRT-135.062618: TT-CSIRT Advisory – Microsoft Security Updates
Microsoft has released a security update stating that the following vulnerabilities have been discovered within the Oracle Outside In Technology Module being utilized by Microsoft Exchange Server:
a) A remote user can exploit a flaw in the Oracle Outside In Technology Outside In Filters component to access data and cause partial denial of service conditions – (CVE-2018-2768, CVE-2018-2806).
b) A remote user can exploit a flaw in the Oracle Outside In Technology Outside In Image Export SDK component to access data and cause partial denial of service conditions – (CVE-2018-2801).
| Further information on these vulnerabilities and how they can be mitigated can be found on the Microsoft Website at https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/ADV180010 |