{"id":14323,"date":"2018-07-18T10:58:43","date_gmt":"2018-07-18T08:58:43","guid":{"rendered":"\/?p=14323"},"modified":"2019-03-11T11:00:12","modified_gmt":"2019-03-11T10:00:12","slug":"oracle-patch-day-java-vulnerabilities","status":"publish","type":"post","link":"\/de\/security-alert\/oracle-patch-day-java-vulnerabilities\/","title":{"rendered":"Oracle Patch Day \/ Java Vulnerabilities"},"content":{"rendered":"<p>Original date: 18.07.2018<br \/>\nOverall risk classification: <span class=\"badge badge-warning\">MEDIUM<\/span> <\/p>\n<h3>Overview<\/h3>\n<p>Oracle has published an advisory and updates regarding many of its software products. The advisory also contains several severe vulnerabilities in the Java ecosystem, some of which allowing remote attackers to execute arbitrary code on Java systems [1]. If your project employs Java, it is strongly advised to review whether the system is affected from any of the new vulnerabilities and to install the new patches as soon as possible. Additionally, revise whether your project runs any other Oracle products that have been updated, for instance MySQL.<\/p>\n<h3>Systems Affected<\/h3>\n<p>Among other versions and Oracle products, the current Java SE versions 6u191, 7u181, 8u172 and 10.0.1 are affected.<\/p>\n<h3>Threat<\/h3>\n<p><strong>Risk<\/strong>: <span class=\"badge badge-danger\">HIGH<\/span><br \/>\nSeveral vulnerabilities allow for remote code execution. Thus, an attacker might be able to take over the server over the internet.<br \/>\n<strong>Exploitability<\/strong>: <span class=\"badge badge-warning\">MEDIUM<\/span><br \/>\nGiven the number of vulnerabilities published in the advisory and multitude of different Java installations found in practice, every project itself has to inspect whether the employed Java installation is vulnerable or whether software products based on it can be attacked.<br \/>\n<strong>Priority<\/strong> (for affected, internet-exposed systems): <span class=\"badge badge-danger\">HIGH<\/span><br \/>\n<strong>Priority<\/strong> (for internal systems): <span class=\"badge badge-warning\">MEDIUM<\/span> <\/p>\n<h3>Mitigation<\/h3>\n<p>Update to the latest versions. <\/p>\n<h3>Author<\/h3>\n<p>Bj\u00f6rn Kirschner<\/p>\n<h3>References<\/h3>\n<p>[1] http:\/\/www.oracle.com\/technetwork\/security-advisory\/cpujul2018-4258247.html#AppendixJAVA<\/p>\n","protected":false},"excerpt":{"rendered":"<p>Oracle has published an advisory and updates regarding many of its software products. The advisory also contains several severe vulnerabilities in the Java ecosystem, some of which allowing remote attackers to execute arbitrary code on Java systems.<\/p>\n","protected":false},"author":29,"featured_media":0,"comment_status":"open","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":[],"categories":[64],"tags":[],"yoast_head":"<!-- This site is optimized with the Yoast SEO plugin v20.1 - https:\/\/yoast.com\/wordpress\/plugins\/seo\/ -->\n<title>Oracle Patch Day \/ Java Vulnerabilities - sectest.team<\/title>\n<meta name=\"robots\" content=\"index, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<link rel=\"canonical\" href=\"\/security-alert\/oracle-patch-day-java-vulnerabilities\/\" \/>\n<meta property=\"og:locale\" content=\"de_DE\" \/>\n<meta property=\"og:type\" content=\"article\" \/>\n<meta property=\"og:title\" content=\"Oracle Patch Day \/ Java Vulnerabilities\" \/>\n<meta property=\"og:description\" content=\"Oracle has published an advisory and updates regarding many of its software products. The advisory also contains several severe vulnerabilities in the Java ecosystem, some of which allowing remote attackers to execute arbitrary code on Java systems.\" \/>\n<meta property=\"og:url\" content=\"\/security-alert\/oracle-patch-day-java-vulnerabilities\/\" \/>\n<meta property=\"og:site_name\" content=\"sectest.team\" \/>\n<meta property=\"article:published_time\" content=\"2018-07-18T08:58:43+00:00\" \/>\n<meta property=\"article:modified_time\" content=\"2019-03-11T10:00:12+00:00\" \/>\n<meta name=\"author\" content=\"Tuyen Nguyen\" \/>\n<meta name=\"twitter:label1\" content=\"Verfasst von\" \/>\n\t<meta name=\"twitter:data1\" content=\"Tuyen Nguyen\" \/>\n\t<meta name=\"twitter:label2\" content=\"Gesch\u00e4tzte Lesezeit\" \/>\n\t<meta name=\"twitter:data2\" content=\"1\u00a0Minute\" \/>\n<script type=\"application\/ld+json\" class=\"yoast-schema-graph\">{\"@context\":\"https:\/\/schema.org\",\"@graph\":[{\"@type\":\"WebPage\",\"@id\":\"\/security-alert\/oracle-patch-day-java-vulnerabilities\/\",\"url\":\"https:\/\/sectest.hostpress.me\/security-alert\/oracle-patch-day-java-vulnerabilities\/\",\"name\":\"[:en]Oracle Patch Day \/ Java Vulnerabilities[:] - sectest.team\",\"isPartOf\":{\"@id\":\"https:\/\/sectest.hostpress.me\/#website\"},\"datePublished\":\"2018-07-18T08:58:43+00:00\",\"dateModified\":\"2019-03-11T10:00:12+00:00\",\"author\":{\"@id\":\"https:\/\/sectest.hostpress.me\/#\/schema\/person\/ac34e9ab3a597646eb101a26405d2c28\"},\"breadcrumb\":{\"@id\":\"https:\/\/sectest.hostpress.me\/security-alert\/oracle-patch-day-java-vulnerabilities\/#breadcrumb\"},\"inLanguage\":\"de-DE\",\"potentialAction\":[{\"@type\":\"ReadAction\",\"target\":[\"https:\/\/sectest.hostpress.me\/security-alert\/oracle-patch-day-java-vulnerabilities\/\"]}]},{\"@type\":\"BreadcrumbList\",\"@id\":\"https:\/\/sectest.hostpress.me\/security-alert\/oracle-patch-day-java-vulnerabilities\/#breadcrumb\",\"itemListElement\":[{\"@type\":\"ListItem\",\"position\":1,\"name\":\"Home\",\"item\":\"\/de\/\"},{\"@type\":\"ListItem\",\"position\":2,\"name\":\"Oracle Patch Day \/ Java Vulnerabilities\"}]},{\"@type\":\"WebSite\",\"@id\":\"https:\/\/sectest.hostpress.me\/#website\",\"url\":\"https:\/\/sectest.hostpress.me\/\",\"name\":\"sectest.team\",\"description\":\"\",\"potentialAction\":[{\"@type\":\"SearchAction\",\"target\":{\"@type\":\"EntryPoint\",\"urlTemplate\":\"https:\/\/sectest.hostpress.me\/?s={search_term_string}\"},\"query-input\":\"required name=search_term_string\"}],\"inLanguage\":\"de-DE\"},{\"@type\":\"Person\",\"@id\":\"https:\/\/sectest.hostpress.me\/#\/schema\/person\/ac34e9ab3a597646eb101a26405d2c28\",\"name\":\"Tuyen Nguyen\",\"image\":{\"@type\":\"ImageObject\",\"inLanguage\":\"de-DE\",\"@id\":\"https:\/\/sectest.hostpress.me\/#\/schema\/person\/image\/\",\"url\":\"https:\/\/secure.gravatar.com\/avatar\/ebe0b5655ad033f17aac019256490ba4?s=96&d=mm&r=g\",\"contentUrl\":\"https:\/\/secure.gravatar.com\/avatar\/ebe0b5655ad033f17aac019256490ba4?s=96&d=mm&r=g\",\"caption\":\"Tuyen Nguyen\"},\"url\":\"\/de\/security-alert\/author\/tutnguyen\/\"}]}<\/script>\n<!-- \/ Yoast SEO plugin. -->","yoast_head_json":{"title":"Oracle Patch Day \/ Java Vulnerabilities - sectest.team","robots":{"index":"index","follow":"follow","max-snippet":"max-snippet:-1","max-image-preview":"max-image-preview:large","max-video-preview":"max-video-preview:-1"},"canonical":"https:\/\/sectest.hostpress.me\/security-alert\/oracle-patch-day-java-vulnerabilities\/","og_locale":"de_DE","og_type":"article","og_title":"[:en]Oracle Patch Day \/ Java Vulnerabilities[:] - sectest.team","og_description":"[:en]Oracle has published an advisory and updates regarding many of its software products. The advisory also contains several severe vulnerabilities in the Java ecosystem, some of which allowing remote attackers to execute arbitrary code on Java systems.[:]","og_url":"\/security-alert\/oracle-patch-day-java-vulnerabilities\/","og_site_name":"sectest.team","article_published_time":"2018-07-18T08:58:43+00:00","article_modified_time":"2019-03-11T10:00:12+00:00","author":"Tuyen Nguyen","twitter_misc":{"Verfasst von":"Tuyen Nguyen","Gesch\u00e4tzte Lesezeit":"1\u00a0Minute"},"schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"WebPage","@id":"\/security-alert\/oracle-patch-day-java-vulnerabilities\/","url":"https:\/\/sectest.hostpress.me\/security-alert\/oracle-patch-day-java-vulnerabilities\/","name":"[:en]Oracle Patch Day \/ Java Vulnerabilities[:] - sectest.team","isPartOf":{"@id":"https:\/\/sectest.hostpress.me\/#website"},"datePublished":"2018-07-18T08:58:43+00:00","dateModified":"2019-03-11T10:00:12+00:00","author":{"@id":"https:\/\/sectest.hostpress.me\/#\/schema\/person\/ac34e9ab3a597646eb101a26405d2c28"},"breadcrumb":{"@id":"https:\/\/sectest.hostpress.me\/security-alert\/oracle-patch-day-java-vulnerabilities\/#breadcrumb"},"inLanguage":"de-DE","potentialAction":[{"@type":"ReadAction","target":["https:\/\/sectest.hostpress.me\/security-alert\/oracle-patch-day-java-vulnerabilities\/"]}]},{"@type":"BreadcrumbList","@id":"https:\/\/sectest.hostpress.me\/security-alert\/oracle-patch-day-java-vulnerabilities\/#breadcrumb","itemListElement":[{"@type":"ListItem","position":1,"name":"Home","item":"\/de\/"},{"@type":"ListItem","position":2,"name":"Oracle Patch Day \/ Java Vulnerabilities"}]},{"@type":"WebSite","@id":"https:\/\/sectest.hostpress.me\/#website","url":"https:\/\/sectest.hostpress.me\/","name":"sectest.team","description":"","potentialAction":[{"@type":"SearchAction","target":{"@type":"EntryPoint","urlTemplate":"https:\/\/sectest.hostpress.me\/?s={search_term_string}"},"query-input":"required name=search_term_string"}],"inLanguage":"de-DE"},{"@type":"Person","@id":"https:\/\/sectest.hostpress.me\/#\/schema\/person\/ac34e9ab3a597646eb101a26405d2c28","name":"Tuyen Nguyen","image":{"@type":"ImageObject","inLanguage":"de-DE","@id":"https:\/\/sectest.hostpress.me\/#\/schema\/person\/image\/","url":"https:\/\/secure.gravatar.com\/avatar\/ebe0b5655ad033f17aac019256490ba4?s=96&d=mm&r=g","contentUrl":"https:\/\/secure.gravatar.com\/avatar\/ebe0b5655ad033f17aac019256490ba4?s=96&d=mm&r=g","caption":"Tuyen Nguyen"},"url":"\/de\/security-alert\/author\/tutnguyen\/"}]}},"_links":{"self":[{"href":"https:\/\/sectest.hostpress.me\/de\/wp-json\/wp\/v2\/posts\/14323"}],"collection":[{"href":"https:\/\/sectest.hostpress.me\/de\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/sectest.hostpress.me\/de\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/sectest.hostpress.me\/de\/wp-json\/wp\/v2\/users\/29"}],"replies":[{"embeddable":true,"href":"https:\/\/sectest.hostpress.me\/de\/wp-json\/wp\/v2\/comments?post=14323"}],"version-history":[{"count":1,"href":"https:\/\/sectest.hostpress.me\/de\/wp-json\/wp\/v2\/posts\/14323\/revisions"}],"predecessor-version":[{"id":14324,"href":"https:\/\/sectest.hostpress.me\/de\/wp-json\/wp\/v2\/posts\/14323\/revisions\/14324"}],"wp:attachment":[{"href":"https:\/\/sectest.hostpress.me\/de\/wp-json\/wp\/v2\/media?parent=14323"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/sectest.hostpress.me\/de\/wp-json\/wp\/v2\/categories?post=14323"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/sectest.hostpress.me\/de\/wp-json\/wp\/v2\/tags?post=14323"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}