Summary
Detail | |||
---|---|---|---|
Vendor | Oracle | First view | 2017-04-17 |
Product | Utilities Advanced Spatial And Operational Analytics | Last view | 2019-07-09 |
Version | Type | Application | |
Update | |||
Edition | |||
Language | |||
Sofware Edition | |||
Target Software | |||
Target Hardware | |||
Other |
Activity : Overall
COMMON PLATFORM ENUMERATION: Repartition per Version
CPE Name | Affected CVE |
---|---|
cpe:2.3:a:oracle:utilities_advanced_spatial_and_operational_analytics:2.7.0.1:*:*:*:*:*:*:* | 4 |
Related : CVE
Date | Alert | Description | |
---|---|---|---|
9.8 | 2019-07-09 | CVE-2018-11307 | An issue was discovered in FasterXML jackson-databind 2.0.0 through 2.9.5. Use of Jackson default typing along with a gadget class from iBatis allows exfiltration of content. Fixed in 2.7.9.4, 2.8.11.2, and 2.9.6. |
9.8 | 2018-02-06 | CVE-2017-7525 | A deserialization flaw was discovered in the jackson-databind, versions before 2.6.7.1, 2.7.9.1 and 2.8.9, which could allow an unauthenticated user to perform code execution by sending the maliciously crafted input to the readValue method of the ObjectMapper. |
9.8 | 2018-02-06 | CVE-2017-15095 | A deserialization flaw was discovered in the jackson-databind in versions before 2.8.10 and 2.9.1, which could allow an unauthenticated user to perform code execution by sending the maliciously crafted input to the readValue method of the ObjectMapper. This issue extends the previous flaw CVE-2017-7525 by blacklisting more classes that could be used maliciously. |
9.8 | 2017-04-17 | CVE-2017-5645 | In Apache Log4j 2.x before 2.8.2, when using the TCP socket server or UDP socket server to receive serialized log events from another application, a specially crafted binary payload can be sent that, when deserialized, can execute arbitrary code. |
CWE : Common Weakness Enumeration
% | id | Name |
---|---|---|
100% (3) | CWE-502 | Deserialization of Untrusted Data |
Snort® IPS/IDS
Date | Description |
---|---|
2017-12-29 | Jackson databind deserialization remote code execution attempt RuleID : 45016 - Type : FILE-OTHER - Revision : 3 |
2017-12-29 | Jackson databind deserialization remote code execution attempt RuleID : 45015 - Type : FILE-OTHER - Revision : 3 |
2017-12-29 | Jackson databind deserialization remote code execution attempt RuleID : 45014 - Type : FILE-OTHER - Revision : 3 |
2017-12-29 | Jackson databind deserialization remote code execution attempt RuleID : 45013 - Type : FILE-OTHER - Revision : 3 |
2017-12-29 | Jackson databind deserialization remote code execution attempt RuleID : 45012 - Type : FILE-OTHER - Revision : 4 |
2017-12-29 | Jackson databind deserialization remote code execution attempt RuleID : 45011 - Type : FILE-OTHER - Revision : 3 |
2017-12-29 | Jackson databind deserialization remote code execution attempt RuleID : 45010 - Type : FILE-OTHER - Revision : 3 |
2017-12-29 | Jackson databind deserialization remote code execution attempt RuleID : 45009 - Type : FILE-OTHER - Revision : 3 |
2017-12-29 | Jackson databind deserialization remote code execution attempt RuleID : 45008 - Type : FILE-OTHER - Revision : 3 |
2017-12-29 | Jackson databind deserialization remote code execution attempt RuleID : 45007 - Type : FILE-OTHER - Revision : 3 |
2017-12-29 | Jackson databind deserialization remote code execution attempt RuleID : 45006 - Type : FILE-OTHER - Revision : 4 |
2017-12-29 | Jackson databind deserialization remote code execution attempt RuleID : 45005 - Type : FILE-OTHER - Revision : 4 |
2017-12-29 | Jackson databind deserialization remote code execution attempt RuleID : 45004 - Type : FILE-OTHER - Revision : 3 |
2017-12-29 | Jackson databind deserialization remote code execution attempt RuleID : 45003 - Type : FILE-OTHER - Revision : 3 |
2017-12-29 | Jackson databind deserialization remote code execution attempt RuleID : 45002 - Type : FILE-OTHER - Revision : 3 |
Nessus® Vulnerability Scanner
id | Description |
---|---|
2018-11-29 | Name: The remote FreeBSD host is missing one or more security-related updates. File: freebsd_pkg_93f8e0fff33d11e8be460019dbb15b3f.nasl - Type: ACT_GATHER_INFO |
2018-08-08 | Name: A web application running on the remote host is affected by multiple vulnerab... File: mysql_enterprise_monitor_3_4_8.nasl - Type: ACT_GATHER_INFO |
2018-05-04 | Name: The remote Debian host is missing a security-related update. File: debian_DSA-4190.nasl - Type: ACT_GATHER_INFO |
2018-03-21 | Name: The remote device is affected by multiple vulnerabilities. File: juniper_space_jsa_10838.nasl - Type: ACT_GATHER_INFO |
2018-01-15 | Name: The remote Fedora host is missing a security update. File: fedora_2017-4a071ecbc7.nasl - Type: ACT_GATHER_INFO |
2017-12-15 | Name: The remote Red Hat host is missing one or more security updates. File: redhat-RHSA-2017-3455.nasl - Type: ACT_GATHER_INFO |
2017-12-15 | Name: The remote Red Hat host is missing one or more security updates. File: redhat-RHSA-2017-3454.nasl - Type: ACT_GATHER_INFO |
2017-12-14 | Name: The remote Red Hat host is missing one or more security updates. File: redhat-RHSA-2017-3458.nasl - Type: ACT_GATHER_INFO |
2017-12-13 | Name: The remote Red Hat host is missing a security update. File: redhat-RHSA-2017-3399.nasl - Type: ACT_GATHER_INFO |
2017-12-04 | Name: A web application running on the remote host uses a Java framework that is af... File: struts_2_5_14_1.nasl - Type: ACT_GATHER_INFO |
2017-11-17 | Name: The remote Debian host is missing a security-related update. File: debian_DSA-4037.nasl - Type: ACT_GATHER_INFO |
2017-11-16 | Name: The remote Fedora host is missing a security update. File: fedora_2017-e16ed3f7a1.nasl - Type: ACT_GATHER_INFO |
2017-11-14 | Name: The remote Red Hat host is missing one or more security updates. File: redhat-RHSA-2017-3189.nasl - Type: ACT_GATHER_INFO |
2017-11-10 | Name: The remote Red Hat host is missing a security update. File: redhat-RHSA-2017-3141.nasl - Type: ACT_GATHER_INFO |
2017-10-23 | Name: The remote Debian host is missing a security-related update. File: debian_DSA-4004.nasl - Type: ACT_GATHER_INFO |
2017-09-28 | Name: The remote Red Hat host is missing one or more security updates. File: redhat-RHSA-2017-2809.nasl - Type: ACT_GATHER_INFO |
2017-09-28 | Name: The remote Red Hat host is missing one or more security updates. File: redhat-RHSA-2017-2808.nasl - Type: ACT_GATHER_INFO |
2017-09-27 | Name: The remote Red Hat host is missing one or more security updates. File: redhat-RHSA-2017-2811.nasl - Type: ACT_GATHER_INFO |
2017-09-11 | Name: The remote EulerOS host is missing a security update. File: EulerOS_SA-2017-1213.nasl - Type: ACT_GATHER_INFO |
2017-09-11 | Name: The remote EulerOS host is missing a security update. File: EulerOS_SA-2017-1214.nasl - Type: ACT_GATHER_INFO |
2017-09-08 | Name: The remote Red Hat host is missing one or more security updates. File: redhat-RHSA-2017-2638.nasl - Type: ACT_GATHER_INFO |
2017-09-08 | Name: The remote Red Hat host is missing one or more security updates. File: redhat-RHSA-2017-2637.nasl - Type: ACT_GATHER_INFO |
2017-09-08 | Name: The remote Red Hat host is missing one or more security updates. File: redhat-RHSA-2017-2636.nasl - Type: ACT_GATHER_INFO |
2017-09-08 | Name: The remote Red Hat host is missing one or more security updates. File: redhat-RHSA-2017-2635.nasl - Type: ACT_GATHER_INFO |
2017-09-01 | Name: The remote CentOS host is missing one or more security updates. File: centos_RHSA-2017-2423.nasl - Type: ACT_GATHER_INFO |