Vulnetix
Try Vulnetix Request Demo
CVE-2018-3259 PUBLISHED CVSS 7.5 HIGH

Vulnerability in the Java VM component of Oracle Database Server. Supported versions that are affected are 11.2.0.4, 12.1.0.2, 12.2.0.1 and 18c. Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java VM. Successful attacks of this vulnerability can result in takeover of Java VM. CVSS 3.0 Base Score 9.8 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H).

EPSS 4.95% · 89.6th percentile

Risk Scores

CVSS v2.0
7.5
EPSS Score
4.95%
89.6th percentile

Affected Products

VendorProductVersions
Oracle CorporationOracle Database11.2.0.4, 12.1.0.2, 12.2.0.1
oracledatabase_server11.2.0.4, 12.1.0.2, 12.2.0.1

Timeline

References

Open in Interactive Console →