tr

Updated:12:18 PM EST Feb 25


this is ggmania.com subsite Oracle issues emergency update - TechAmok

Oracle issues emergency update - [security]
05:09 PM EDT - Jun,19 2019 - post a comment

Oracle on Tuesday published an out-of-band update patching a critical code-execution vulnerability in its WebLogic server after researchers warned that the flaw was being actively exploited in the wild.

The vulnerability, tracked as CVE-2019-2729, allows an attacker to run malicious code on the WebLogic server without any need for authentication. That capability earned the vulnerability a Common Vulnerability Scoring System score of 9.8 out of 10. The vulnerability is a deserialization attack targeting two Web applications that WebLogic appears to expose to the Internet by default - wls9_async_response and wls-wsat.war.

The flaw in Oracle's WebLogic Java application servers came to light as a zero-day four days ago when it was reported by security firm KnownSec404.

This isn't the first, or even second, deserialization attack that has been used to target these services. The wls-wsat component was successfully exploited in a similar fashion in 2017, and KnownSec404 reported another one in April. The 2017 vulnerability was largely used to install bitcoin miners; April's vulnerability was exploited in cryptojacking and ransomware campaigns. Oracle's current out-of-band patch and advisory notice has not officially acknowledged the active exploitation of CVE-2019-2729, but it does mark the vulnerability as high risk and advises customers to apply the out-of-band patch as soon as possible.

Short overview of recent news articles

Titan's Treasure PUZZLE Lock Solved
2020 Moto RAZR Durability Test!
Fingerprint/RFID Lock Defeated With a Paperclip
NIGHTWISH - Noise (OFFICIAL MUSIC VIDEO)
Back to the Future: Tesla CyberTruck Edition - Video
Microsoft Flight Simulator- leaked gameplay
Apple Finally Buying AMD CPUs?
Nokia 2.3 Offers 2-Day Battery for $129
The Jesus Rolls - Official VOD Trailer
AMD Desktop Processor Market Share Now at 18.3%
AMD Radeon Adrenalin 2020 Edition 20.2.1 driver
Russian Multiplication - Numberphile
NVIDIA's GeForce Now Service is Launched
VMWare Updates Licensing Model, Setting 32-Core Limit
MS Releases Microcode Updates Adressing Intel CPU Vulnerabilities
Facebook Expands Parental Controls for Messenger Kids
Shakira & J. Lo's FULL Pepsi Super Bowl LIV Halftime Show
Jason Momoa Super Bowl Commercial 2020
Resident Evil Netflix Series to Enter Production in June
NVIDIA GeForce 442.19 WHQL driver
BEST SUPER BOWL 2020 Commercials Sneak Peek!
TESTAMENT - Night of the Witch
FAST AND FURIOUS 9 Trailer (2020)
Stadium roof collapse kills worker in Russia
Most Popular TV Series 1986 - 2019
>> News Archive <<

TechAmok - Privacy Policy        loading time:0.01secs