This CPE summary could be partial or incomplete. Please contact us for a detailed listing.

Summary

Detail
Vendor Oracle First view 2017-04-17
Product Utilities Advanced Spatial And Operational Analytics Last view 2019-07-09
Version Type Application
Update  
Edition  
Language  
Sofware Edition  
Target Software  
Target Hardware  
Other  

Activity : Overall

COMMON PLATFORM ENUMERATION: Repartition per Version

CPE Name Affected CVE
cpe:2.3:a:oracle:utilities_advanced_spatial_and_operational_analytics:2.7.0.1:*:*:*:*:*:*:* 4

Related : CVE

  Date Alert Description
9.8 2019-07-09 CVE-2018-11307

An issue was discovered in FasterXML jackson-databind 2.0.0 through 2.9.5. Use of Jackson default typing along with a gadget class from iBatis allows exfiltration of content. Fixed in 2.7.9.4, 2.8.11.2, and 2.9.6.

9.8 2018-02-06 CVE-2017-7525

A deserialization flaw was discovered in the jackson-databind, versions before 2.6.7.1, 2.7.9.1 and 2.8.9, which could allow an unauthenticated user to perform code execution by sending the maliciously crafted input to the readValue method of the ObjectMapper.

9.8 2018-02-06 CVE-2017-15095

A deserialization flaw was discovered in the jackson-databind in versions before 2.8.10 and 2.9.1, which could allow an unauthenticated user to perform code execution by sending the maliciously crafted input to the readValue method of the ObjectMapper. This issue extends the previous flaw CVE-2017-7525 by blacklisting more classes that could be used maliciously.

9.8 2017-04-17 CVE-2017-5645

In Apache Log4j 2.x before 2.8.2, when using the TCP socket server or UDP socket server to receive serialized log events from another application, a specially crafted binary payload can be sent that, when deserialized, can execute arbitrary code.

CWE : Common Weakness Enumeration

%idName
100% (3) CWE-502 Deserialization of Untrusted Data

Snort® IPS/IDS

Date Description
2017-12-29 Jackson databind deserialization remote code execution attempt
RuleID : 45016 - Type : FILE-OTHER - Revision : 3
2017-12-29 Jackson databind deserialization remote code execution attempt
RuleID : 45015 - Type : FILE-OTHER - Revision : 3
2017-12-29 Jackson databind deserialization remote code execution attempt
RuleID : 45014 - Type : FILE-OTHER - Revision : 3
2017-12-29 Jackson databind deserialization remote code execution attempt
RuleID : 45013 - Type : FILE-OTHER - Revision : 3
2017-12-29 Jackson databind deserialization remote code execution attempt
RuleID : 45012 - Type : FILE-OTHER - Revision : 4
2017-12-29 Jackson databind deserialization remote code execution attempt
RuleID : 45011 - Type : FILE-OTHER - Revision : 3
2017-12-29 Jackson databind deserialization remote code execution attempt
RuleID : 45010 - Type : FILE-OTHER - Revision : 3
2017-12-29 Jackson databind deserialization remote code execution attempt
RuleID : 45009 - Type : FILE-OTHER - Revision : 3
2017-12-29 Jackson databind deserialization remote code execution attempt
RuleID : 45008 - Type : FILE-OTHER - Revision : 3
2017-12-29 Jackson databind deserialization remote code execution attempt
RuleID : 45007 - Type : FILE-OTHER - Revision : 3
2017-12-29 Jackson databind deserialization remote code execution attempt
RuleID : 45006 - Type : FILE-OTHER - Revision : 4
2017-12-29 Jackson databind deserialization remote code execution attempt
RuleID : 45005 - Type : FILE-OTHER - Revision : 4
2017-12-29 Jackson databind deserialization remote code execution attempt
RuleID : 45004 - Type : FILE-OTHER - Revision : 3
2017-12-29 Jackson databind deserialization remote code execution attempt
RuleID : 45003 - Type : FILE-OTHER - Revision : 3
2017-12-29 Jackson databind deserialization remote code execution attempt
RuleID : 45002 - Type : FILE-OTHER - Revision : 3

Nessus® Vulnerability Scanner

This CPE Product have more than 25 Relations. If you want to see a complete summary for this CPE, please contact us.
id Description
2018-11-29 Name: The remote FreeBSD host is missing one or more security-related updates.
File: freebsd_pkg_93f8e0fff33d11e8be460019dbb15b3f.nasl - Type: ACT_GATHER_INFO
2018-08-08 Name: A web application running on the remote host is affected by multiple vulnerab...
File: mysql_enterprise_monitor_3_4_8.nasl - Type: ACT_GATHER_INFO
2018-05-04 Name: The remote Debian host is missing a security-related update.
File: debian_DSA-4190.nasl - Type: ACT_GATHER_INFO
2018-03-21 Name: The remote device is affected by multiple vulnerabilities.
File: juniper_space_jsa_10838.nasl - Type: ACT_GATHER_INFO
2018-01-15 Name: The remote Fedora host is missing a security update.
File: fedora_2017-4a071ecbc7.nasl - Type: ACT_GATHER_INFO
2017-12-15 Name: The remote Red Hat host is missing one or more security updates.
File: redhat-RHSA-2017-3455.nasl - Type: ACT_GATHER_INFO
2017-12-15 Name: The remote Red Hat host is missing one or more security updates.
File: redhat-RHSA-2017-3454.nasl - Type: ACT_GATHER_INFO
2017-12-14 Name: The remote Red Hat host is missing one or more security updates.
File: redhat-RHSA-2017-3458.nasl - Type: ACT_GATHER_INFO
2017-12-13 Name: The remote Red Hat host is missing a security update.
File: redhat-RHSA-2017-3399.nasl - Type: ACT_GATHER_INFO
2017-12-04 Name: A web application running on the remote host uses a Java framework that is af...
File: struts_2_5_14_1.nasl - Type: ACT_GATHER_INFO
2017-11-17 Name: The remote Debian host is missing a security-related update.
File: debian_DSA-4037.nasl - Type: ACT_GATHER_INFO
2017-11-16 Name: The remote Fedora host is missing a security update.
File: fedora_2017-e16ed3f7a1.nasl - Type: ACT_GATHER_INFO
2017-11-14 Name: The remote Red Hat host is missing one or more security updates.
File: redhat-RHSA-2017-3189.nasl - Type: ACT_GATHER_INFO
2017-11-10 Name: The remote Red Hat host is missing a security update.
File: redhat-RHSA-2017-3141.nasl - Type: ACT_GATHER_INFO
2017-10-23 Name: The remote Debian host is missing a security-related update.
File: debian_DSA-4004.nasl - Type: ACT_GATHER_INFO
2017-09-28 Name: The remote Red Hat host is missing one or more security updates.
File: redhat-RHSA-2017-2809.nasl - Type: ACT_GATHER_INFO
2017-09-28 Name: The remote Red Hat host is missing one or more security updates.
File: redhat-RHSA-2017-2808.nasl - Type: ACT_GATHER_INFO
2017-09-27 Name: The remote Red Hat host is missing one or more security updates.
File: redhat-RHSA-2017-2811.nasl - Type: ACT_GATHER_INFO
2017-09-11 Name: The remote EulerOS host is missing a security update.
File: EulerOS_SA-2017-1213.nasl - Type: ACT_GATHER_INFO
2017-09-11 Name: The remote EulerOS host is missing a security update.
File: EulerOS_SA-2017-1214.nasl - Type: ACT_GATHER_INFO
2017-09-08 Name: The remote Red Hat host is missing one or more security updates.
File: redhat-RHSA-2017-2638.nasl - Type: ACT_GATHER_INFO
2017-09-08 Name: The remote Red Hat host is missing one or more security updates.
File: redhat-RHSA-2017-2637.nasl - Type: ACT_GATHER_INFO
2017-09-08 Name: The remote Red Hat host is missing one or more security updates.
File: redhat-RHSA-2017-2636.nasl - Type: ACT_GATHER_INFO
2017-09-08 Name: The remote Red Hat host is missing one or more security updates.
File: redhat-RHSA-2017-2635.nasl - Type: ACT_GATHER_INFO
2017-09-01 Name: The remote CentOS host is missing one or more security updates.
File: centos_RHSA-2017-2423.nasl - Type: ACT_GATHER_INFO