First published: Tue Aug 08 2017(Updated: )
An unspecified vulnerability in Oracle Database Server related to the OJVM component could allow an authenticated attacker to take control of the system.
Credit: secalert_us@oracle.com
Affected Software | Affected Version | How to fix |
---|---|---|
Oracle Database | =11.2.0.4 | |
Oracle Database | =12.1.0.2 | |
Oracle Database | =12.2.0.1 | |
IBM ISIM VA | <=7.0.2 | |
IBM ISIM VA | <=7.0.1 |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
CVE-2017-10202 is an unspecified vulnerability in Oracle Database Server related to the OJVM component.
Oracle Database Server versions 11.2.0.4, 12.1.0.2, and 12.2.0.1 are affected by CVE-2017-10202.
CVE-2017-10202 can be exploited by a low privileged attacker with Create Session and Create Procedure privilege, who has network access via multiple protocols.
CVE-2017-10202 has a severity rating of critical.
You can find more information about CVE-2017-10202 at the following references: [Oracle Security Advisory](http://www.oracle.com/technetwork/security-advisory/cpujul2017-3236622.html), [SecurityFocus](http://www.securityfocus.com/bid/99865), [SecurityTracker](http://www.securitytracker.com/id/1038923).