FasterXML Jackson-databind Deserialization Multiple Remote Code Execution Vulnerabilities

Bugtraq ID: 107985
Class: Design Error
CVE: CVE-2018-19360
CVE-2018-19361
CVE-2018-19362
Remote: Yes
Local: No
Published: Jan 02 2019 12:00AM
Updated: Jul 17 2019 07:00AM
Credit: Wuguixiong.
Vulnerable: Redhat Software Collections for RHEL 0
Redhat OpenStack Platform 8.0 (Liberty)
Redhat OpenStack Platform 14.0 (Rocky)
Redhat OpenStack Platform 13.0 (Queens)
Redhat OpenStack Platform 10
Redhat JBoss Fuse 7.0
Redhat JBoss EAP 7 0
Oracle WebCenter Portal 12.2.1.3.0
Oracle Retail Xstore Point of Service 7.1
Oracle Retail Xstore Point of Service 7.0
Oracle Retail Xstore Point of Service 18.0
Oracle Retail Xstore Point of Service 17.0
Oracle Retail Xstore Point of Service 16.0
Oracle Retail Xstore Point of Service 15.0
Oracle Retail Workforce Management Software 1.60.9.0.0
Oracle Retail Customer Management and Segmentation Foundation 18.0
Oracle Retail Customer Management and Segmentation Foundation 17.0
Oracle Retail Customer Management and Segmentation Foundation 16.0
Oracle Primavera Unifier 18.8
Oracle Primavera Unifier 17.7
Oracle Primavera Unifier 17.12
Oracle Primavera Unifier 16.2
Oracle Primavera Unifier 16.1
Oracle Primavera P6 Enterprise Project Portfolio Management 18.8
Oracle Primavera P6 Enterprise Project Portfolio Management 17.7
Oracle Primavera P6 Enterprise Project Portfolio Management 17.12
Oracle Primavera P6 Enterprise Project Portfolio Management 16.2
Oracle Primavera P6 Enterprise Project Portfolio Management 16.1
Oracle Primavera P6 Enterprise Project Portfolio Management 15.2
Oracle Primavera P6 Enterprise Project Portfolio Management 15.1
Oracle Primavera Gateway 18.8
Oracle Primavera Gateway 17.12
Oracle Primavera Gateway 16.2
Oracle Primavera Gateway 15.2
Oracle JD Edwards EnterpriseOne Tools 9.2
Oracle Insurance Performance Insight 8.0.7
Oracle Insurance Allocation Manager for Enterprise Profitability 8.0.8
Oracle Financial Services Retail Customer Analytics 8.0.6
Oracle Financial Services Retail Customer Analytics 8.0.5
Oracle Financial Services Retail Customer Analytics 8.0.4
Oracle Financial Services Profitability Management 8.0.7
Oracle Financial Services Profitability Management 8.0.6
Oracle Financial Services Profitability Management 8.0.5
Oracle Financial Services Profitability Management 8.0.4
Oracle Financial Services Price Creation and Discovery 8.0.7
Oracle Financial Services Price Creation and Discovery 8.0.5
Oracle Financial Services Price Creation and Discovery 8.0.4
Oracle Financial Services Institutional Performance Analytics 8.0.7
Oracle Financial Services Institutional Performance Analytics 8.0.5
Oracle Financial Services Institutional Performance Analytics 8.0.4
Oracle Financial Services Funds Transfer Pricing 8.0.7
Oracle Financial Services Funds Transfer Pricing 8.0.6
Oracle Financial Services Analytical Applications Infrastructure 8.0.8
Oracle Financial Services Analytical Applications Infrastructure 8.0.7
Oracle Financial Services Analytical Applications Infrastructure 8.0.6
Oracle Financial Services Analytical Applications Infrastructure 8.0.5
Oracle Financial Services Analytical Applications Infrastructure 8.0.4
Oracle Financial Services Analytical Applications Infrastructure 8.0.3
Oracle Financial Services Analytical Applications Infrastructure 8.0.2
Oracle Enterprise Manager for Virtualization 13.3
Oracle Enterprise Manager for Virtualization 13.2
Oracle Enterprise Manager for Virtualization 13.1
Oracle Communications Unified 8.0.0.2.0
Oracle Business Process Management Suite 12.2.1.3.0
Oracle Business Process Management Suite 12.1.3.0.0
Oracle Banking Platform 2.7.1
Oracle Banking Platform 2.6.2
Oracle Banking Platform 2.6.1
Oracle Banking Platform 2.6
Oracle Banking Platform 2.6
Oracle Banking Platform 2.5.0
Oracle Banking Platform 2.5
Oracle Banking Platform 2.4.1
Oracle Banking Platform 2.4.0
FasterXML jackson-databind 2.9.7
FasterXML jackson-databind 2.9.6
FasterXML jackson-databind 2.9.5
FasterXML jackson-databind 2.9.4
FasterXML jackson-databind 2.9.2
FasterXML jackson-databind 2.9.1
FasterXML jackson-databind 2.9
FasterXML jackson-databind 2.8.11
FasterXML jackson-databind 2.8.10
FasterXML jackson-databind 2.8.9
FasterXML jackson-databind 2.8.8
FasterXML jackson-databind 2.8.7
FasterXML jackson-databind 2.8.8.1
FasterXML jackson-databind 2.8.11.2
FasterXML jackson-databind 2.8.11.1
FasterXML jackson-databind 2.7.9.4
FasterXML jackson-databind 2.7.9.3
FasterXML jackson-databind 2.7.9.1
FasterXML jackson-databind 2.6.7.1
Not Vulnerable: FasterXML jackson-databind 2.9.8


 

Privacy Statement
Copyright 2010, SecurityFocus