François Goichon

**Nome do software vulnerável e versões afetadas: Oracle Database Server versões 11.2.0.4, 12.1.0.2, 12.2.0.1, 18c e 19c Descrição: O problema está relacionado à validação insuficiente de entradas no componente Oracle Text, permitindo que um invasor não autenticado com acesso à rede via Oracle Net comprometa o Oracle Text. Ataques bem-sucedidos podem resultar na tomada de controle do Oracle Text. A exploração dessa vulnerabilidade é considerada difícil. Recomendações: Para as versões 11.2.0.4, 12.1.0.2, 12.2.0.1, 18c e 19c, atualize para uma versão que inclua a correção para esta vulnerabilidade. No momento, não há informações sobre uma versão mais recente que contenha uma correção para esta vulnerabilidade.

**Nome do software vulnerável e versões afetadas: Oracle Database Server versões 11.2.0.4, 12.1.0.2, 12.2.0.1, 18c, 19c Descrição: O problema está relacionado à validação insuficiente de entradas no componente Scheduler do Oracle Database Server, permitindo que um invasor com privilégios de baixo nível e acesso local comprometa o Scheduler. Ataques bem-sucedidos podem resultar na tomada de controle do Scheduler e causar impacto significativo em outros produtos. Recomendações: Para as versões 11.2.0.4, 12.1.0.2, 12.2.0.1, 18c, 19c, considere restringir o acesso ao componente Scheduler até que um patch esteja disponível. Como solução alternativa temporária, considere desativar o componente Scheduler para minimizar o risco de exploração. No momento, não há informações sobre uma versão mais recente que contenha uma correção para essa vulnerabilidade.

**Name of the Vulnerable Software and Affected Versions** ActivePDF toolkit versions through 2018.1.0.18321 **Description** The issue is related to the Pictview image processing library embedded in the ActivePDF toolkit, which is prone to multiple out of bounds write and sign errors. This allows a remote attacker to execute arbitrary code on vulnerable applications that use the ActivePDF Toolkit to process untrusted images. **Recommendations** For versions through 2018.1.0.18321, update to a version later than 2018.1.0.18321 to resolve the issue.

**Name of the Vulnerable Software and Affected Versions** NoviWare versions through NW400.2.6 **Description** The issue is caused by a stack-based buffer overflow in the ACL component of the NoviWare operating system. This can be exploited by a remote attacker using specially crafted network packets containing operating system commands, potentially allowing the execution of arbitrary code when ACL changes are applied. The vulnerability can be leveraged by remote, unauthenticated attackers to gain privileged code execution on the switch. **Recommendations** For NoviWare versions through NW400.2.6, consider restricting access to the ACL modification functionality until a patch is available, and avoid using the novi process manager daemon service for applying ACL changes to prevent potential exploitation. As a temporary workaround, limit the exposure of the network interface of the novi process manager daemon service to minimize the risk of remote, unauthenticated attacks.

**Name of the Vulnerable Software and Affected Versions** NoviWare versions through NW400.2.6 **Description** The issue arises from a bug in the NoviWare software distribution when applying ACL modifications, which can inadvertently expose network interfaces of the cliengine and noviengine services. This exposure can be leveraged by remote, unauthenticated attackers to gain privileged code execution on the switch due to a stack-based buffer overflow during the unserialization of packet data. The vulnerability is caused by incorrect handling of unserialized network packets, leading to a buffer overflow on the stack. Exploitation of this vulnerability may allow a remote attacker to execute arbitrary code during ACL modifications using specially crafted network packets. **Recommendations** For NoviWare versions through NW400.2.6, as a temporary workaround, consider restricting access to the ACL modification functionality until a patch is available. Avoid applying ACL changes from untrusted sources to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** NoviWare versions through NW400.2.6 **Description** The issue is related to a buffer overflow in the `show log cli` command of the novish command-line interface, which is part of the NoviWare software distribution. This could allow a read-only user to gain privileged code execution on the switch via command injection. The vulnerability can be exploited by a remote attacker with read-only access to gain superuser privileges. **Recommendations** For NoviWare versions through NW400.2.6, consider disabling the `show log cli` command as a temporary workaround until a patch is available. Restrict access to the novish command-line interface to minimize the risk of exploitation. Avoid using the `show log cli` command in the affected API endpoint until the issue is resolved. At the moment, there is no information about a newer version that contains a fix for this vulnerability.