CVE-2018-11054

Name of the Vulnerable Software and Affected Versions: RSA BSAFE Micro Edition Suite version 4.1.6 Oracle Security Service (affected versions not specified) Oracle Database Server (affected versions not specified) Oracle Communications IP Service Activator (affected versions not specified) Enterprise Manager Ops Center (affected versions not specified)

Description: The issue is caused by an integer overflow vulnerability. A remote attacker could potentially use maliciously constructed ASN.1 data to cause a Denial Of Service. The vulnerability affects multiple software products, including RSA BSAFE Micro Edition Suite and various Oracle products.

Recommendations: For RSA BSAFE Micro Edition Suite version 4.1.6, update to a version that fixes the integer overflow vulnerability. For Oracle Security Service, apply the recommended configuration changes or patches to mitigate the issue. For Oracle Database Server, restrict access to the affected components until a patch is available. For Oracle Communications IP Service Activator, consider disabling the vulnerable functionality until an update is released. For Enterprise Manager Ops Center, avoid using the affected features until a fix is provided. At the moment, there is no information about a newer version that contains a fix for this vulnerability in some of the affected products.