Unrated severityNVD Advisory· Published Oct 17, 2018· Updated Oct 2, 2024

CVE-2018-3259

Description

Vulnerability in the Java VM component of Oracle Database Server. Supported versions that are affected are 11.2.0.4, 12.1.0.2, 12.2.0.1 and 18c. Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java VM. Successful attacks of this vulnerability can result in takeover of Java VM. CVSS 3.0 Base Score 9.8 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H).

Affected products

Oracle Corporation/Oracle Database Corecpe-rescue
Range: 11.2.0.4

Patches

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

www.oracle.com/technetwork/security-advisory/cpuoct2018-4428296.htmlmitrex_refsource_CONFIRM
www.securityfocus.com/bid/105648mitrevdb-entryx_refsource_BID
www.securitytracker.com/id/1041890mitrevdb-entryx_refsource_SECTRACK

News mentions

No linked articles in our index yet.

cvss	0.000
epss	0.004
exploit	0.000
kev	0.000
patch	0.000
ransomware	0.000