TTCSIRT-157.081718: TT-CSIRT Advisory – Oracle Security Updates
Oracle has released a security update stating that a vulnerability has been discovered in Oracle Database Server that could allow for complete compromise of the database.
The issue resides in the Oracle Database Server where low-privileged attackers that have Create Session privileges can compromise the Java Virtual Machine component and take complete control of the product and even establish shell access to the underlying server.
Further information on this vulnerability and how it can be mitigated can be found on the Oracle Website at http://www.oracle.com/technetwork/security-advisory/alert-cve-2018-3110-5032149.html |