CVE-2018-3259

Name of the Vulnerable Software and Affected Versions: Oracle Database Server versions 11.2.0.4, 12.1.0.2, 12.2.0.1 and 18c

Description: The issue is related to a vulnerability in the Java VM component of Oracle Database Server, which is easily exploitable and allows an unauthenticated attacker with network access via multiple protocols to compromise the Java VM. Successful attacks can result in the takeover of the Java VM. The vulnerability is also related to insufficient access control.

Recommendations: For versions 11.2.0.4, 12.1.0.2, 12.2.0.1 and 18c, update to a version that includes a fix for this issue to prevent exploitation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.