/?pid=oracle-issues-emergency-update-20909

Updated:02:11 PM EST Mar 06
this is ggmania.com subsite

NEWS
rss feed 
 
top 100
archive
ARTICLES
CD/DVD tools
Free Antivir
Security
Drivers
Utilities
FORUMS
LINKS


(C) 2006-2025 TechAmok Independent
All Rights Reserved.


 
 Oracle issues emergency update - TechAmok

Oracle issues emergency update - [security]
05:09 PM EDT - Jun,19 2019 - post a comment

Oracle on Tuesday published an out-of-band update patching a critical code-execution vulnerability in its WebLogic server after researchers warned that the flaw was being actively exploited in the wild.

The vulnerability, tracked as CVE-2019-2729, allows an attacker to run malicious code on the WebLogic server without any need for authentication. That capability earned the vulnerability a Common Vulnerability Scoring System score of 9.8 out of 10. The vulnerability is a deserialization attack targeting two Web applications that WebLogic appears to expose to the Internet by default - wls9_async_response and wls-wsat.war.

The flaw in Oracle's WebLogic Java application servers came to light as a zero-day four days ago when it was reported by security firm KnownSec404.

This isn't the first, or even second, deserialization attack that has been used to target these services. The wls-wsat component was successfully exploited in a similar fashion in 2017, and KnownSec404 reported another one in April. The 2017 vulnerability was largely used to install bitcoin miners; April's vulnerability was exploited in cryptojacking and ransomware campaigns. Oracle's current out-of-band patch and advisory notice has not officially acknowledged the active exploitation of CVE-2019-2729, but it does mark the vulnerability as high risk and advises customers to apply the out-of-band patch as soon as possible.

Short overview of recent news articles

Anthropic CEO Drops Bombshell: Claude AI Might Actually Be Conscious (Mar,06 2026 )

Windows Update KB5077181 Sparks Gaming Stutter Crisis - Easy Fix (Mar,06 2026 )

Google's 2025 Zero-Day Tally: 90 Exploits, Enterprise Under Siege, (Mar,06 2026 )

Windows Secure Boot is EXPIRING: Do This Before June 2026! (Mar,06 2026 )

Spy-Grade 'Coruna' Exploit Kit Now Fuels Mass Crypto Thefts on (Mar,05 2026 )

Google Drops Urgent Chrome Patch: 10 Flaws Fixed in Critical (Mar,05 2026 )

NVIDIA GeForce Hotfix Driver v595.76 is now available (Mar,05 2026 )

Google Slashes App Store Fees and Opens Door to Third-Party Stores (Mar,04 2026 )

Android's New Update Brings New Find My Features (Mar,04 2026 )

Samsung Confirms DRAM Prices Surge Over 100% in Q1 2026 Amid (Mar,04 2026 )

HW News - "Microslop" Censored, NVIDIA Unlaunches Drivers Again, (Mar,04 2026 )

A €55 ITX Case! - DeepCool CH170 DIGITAL Review (Mar,04 2026 )

Critical Flaw in MS-Agent AI Framework Exposes Systems to Remote (Mar,04 2026 )

South Korean Tax Officials Fumble $4.8 Million in Seized Crypto (Mar,04 2026 )

Windows 11 Upgrade Bug 'Deletes the Internet' for Some Users, (Mar,03 2026 )

Open-Source AI 'Hacker' Shannon Explodes to Fame with 96% Exploit (Mar,03 2026 )

Google Drops Massive Android Security Patch: Fixes 129 Flaws (Mar,03 2026 )

Apple Unveils iPhone 17e: MagSafe, A19 Chip, and Double Storage at (Mar,02 2026 )

NVIDIA GeForce 595.71 WHQL Driver (Mar,02 2026 )

Russian-Linked APT28 Exploits Zero-Day in Legacy MSHTML Engine to (Mar,02 2026 )

Honor Unveils Mind-Blowing Robot Phone with Dancing Camera at MWC (Mar,02 2026 )

Resident Evil 9 Requiem - Bonus DLC (Mar,02 2026 )

Microsoft's Copilot Discord Server Locked Amid 'Microslop' Spam (Mar,01 2026 )

Anghami CEO Open-Sources Powerful Real-Time Global War Monitor (Mar,01 2026 )

Chinese Developers Unleash Blazing-Fast Android AI Agent with (Mar,01 2026 )

Claude Surges to #1 on App Store as ChatGPT Faces Boycott Backlash (Mar,01 2026 )

Google Reveals Key New Features of Android 17 (Feb,28 2026 )

OLED Gaming Monitors Are Finally Affordable (Feb,28 2026 )

OpenAI's KYC Partner Exposed in Surveillance Scandal as ChatGPT (Feb,28 2026 )

Pentagon Blacklists Anthropic Over AI Safeguards; OpenAI Secures (Feb,28 2026 )

Have RAM and GPU Prices Peaked? (Feb,27 2026 )

Zoom 'Update' Trap: Fake Site Infects 1,437 Users with Spyware in (Feb,27 2026 )

Stop WASTING Money on Fancy RAM (Feb,27 2026 )

Drunk AI robot (Feb,27 2026 )

AirSnitch Exposes Critical Flaw: Wi-Fi Client Isolation Broken in (Feb,26 2026 )

Revolutionary Ultrasonic Knife Hits Kitchens: C-200 Vibrates for (Feb,26 2026 )

Apple Scores Historic NATO Security Clearance: iPhone and iPad First (Feb,26 2026 )

Kali Linux Goes AI-Powered: Claude Now Runs Your Pen Tests in Plain (Feb,26 2026 )

Resident Evil Requiem - Stunning on PS5 Pro + PS5/Xbox Series X|S (Feb,26 2026 )

Samsung Galaxy S26 Ultra Flexes Hardware Muscle Over iPhone 17 Pro (Feb,26 2026 )

The Galaxy S26 Ultra has a 'wow' feature with video Lock (Feb,26 2026 )

I built the most BORING PC possible... and here is why it's (Feb,26 2026 )

Micron Blasts GDDR7 as Gaming Bottleneck While Nvidia's RTX 50 (Feb,26 2026 )

UK Tightens Grip on Streaming Giants: Age Verification Now Mandatory (Feb,26 2026 )

Samsung Previews New AI Features Ahead of Flagship Phone Launch (Feb,25 2026 )

China's DeepSeek Bars Nvidia and AMD from New AI Model, Boosts (Feb,25 2026 )

Avast Impersonation Scam: Fake Site Tricks Users into Handing Over (Feb,25 2026 )

Microsoft Pulls the Plug: Windows Server 2016 and 2016-Era Windows (Feb,25 2026 )

I Scrapped 13 MACHINES to Prove a Point: STOP BUYING These Brands! (Feb,25 2026 )

How Stealthy was the 7zip Malware and how to spot it? (Feb,25 2026 )

>> News Archive <<

TechAmok - Privacy Policy        loading time:0.01secs