SUSE Manager 2.1: Advisory 2015:1353-1 Important: Oracle Issue Fixes
suse
August 6, 2015
An update that fixes 8 vulnerabilities is now available
Summary
oracle-update was updated to fix eight security issues. These security issues were fixed: - CVE-2015-2629: Vulnerability in the Java VM component of Oracle Database Server. This vulnerability requires Create Session privileges for a successful attack. Easily exploitable vulnerability allows successful authenticated network attacks via multiple protocols. Successful attack of this vulnerability can result in unauthorized Operating System takeover including arbitrary code execution (bsc#938160). - CVE-2015-2599: Vulnerability in the RDBMS Scheduler component of Oracle Database Server. This vulnerability requires Alter Session privileges for a successful attack. Successful attack of this vulnerability can result in unauthorized read access to all RDBMS Scheduler accessible data (bsc#938160).
References
#938160
Cross- CVE-2015-0468 CVE-2015-2599 CVE-2015-2629
CVE-2015-2646 CVE-2015-2647 CVE-2015-4735
CVE-2015-4740 CVE-2015-4753
Affected Products:
SUSE Manager 2.1
https://www.suse.com/security/cve/CVE-2015-0468.html
https://www.suse.com/security/cve/CVE-2015-2599.html
https://www.suse.com/security/cve/CVE-2015-2629.html
https://www.suse.com/security/cve/CVE-2015-2646.html
https://www.suse.com/security/cve/CVE-2015-2647.html
https://www.suse.com/security/cve/CVE-2015-4735.html
https://www.suse.com/security/cve/CVE-2015-4740.html
https://www.suse.com/security/cve/CVE-2015-4753.html
https://bugzilla.suse.com/938160
PREVIOUS
NEXT
Severity
important
Lowest
Low
Medium
High
Critical
Announcement ID: SUSE-SU-2015:1353-1
Rating: important
Get the latest News and Insights
Get the latest Linux and open source security news straight to your inbox.
Related News
Powered By
Linux Security - Your source for Top Linux News, Advisories, HOWTOs and Feature Releases
QUICK LINKS
subscribe to newsletters!
Like staying secure? So do we.
Sign up for updates, tips, and alerts!