Critical Vulnerability was discovered in the Java VM component of Oracle Database Server
Successful exploitation of this vulnerability can result in privilege escalation to session privileges. The attacker requires network access and low privileged credentials to compromise the Java Virtual machine, this can impact additional products relying on the Java Virtual Machine.
A vulnerability was discovered in the Java VM component of Oracle Database Server. Supported versions that are affected are 220.127.116.11, 18.104.22.168, 22.214.171.124 and 18. This easily exploitable vulnerability allows an attacker with low privilege credentials who has access to the network upgrade the current privileges to session privileges via the Oracle Net protocol to compromise the Java Virtual Machine. Successful attacks of this vulnerability can result in a takeover of Java Virtual Machine and products relying on the Java Virtual Machine.
CERT.be recommends users to always keep their systems up to date. Patches can be downloaded at the following address: http://www.oracle.com/technetwork/security-advisory/cpujul2018-4258247.html