Vulnerability in the Java VM component of Oracle Database Server. Supported versions that are affected are 11.2.0.4, 12.1.0.2, 12.2.0.1, 18c and 19c. Difficult to exploit vulnerability allows low privileged attacker having Create Session, Create Procedure privilege with network access via multiple protocols to compromise Java VM. Successful attacks of this vulnerability can result in unauthorized creation, deletion or modification access to critical data or all Java VM accessible data and unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of Java VM. CVSS 3.0 Base Score 6.8 (Integrity and Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:U/C:N/I:H/A:H).
Metrics
Affected Vendors & Products
References
History
Tue, 01 Oct 2024 17:30:00 +0000
Type | Values Removed | Values Added |
---|---|---|
Metrics |
ssvc
|
MITRE
Status: PUBLISHED
Assigner: oracle
Published: 2019-07-23T22:31:43
Updated: 2024-10-01T16:44:11.532Z
Reserved: 2018-12-14T00:00:00
Link: CVE-2019-2749
Vulnrichment
Updated: 2024-08-04T18:56:45.590Z
NVD
Status : Modified
Published: 2019-07-23T23:15:38.977
Modified: 2024-11-21T04:41:28.747
Link: CVE-2019-2749
Redhat
No data.