Looks like you're enjoying the discussion, but you're not signed up for an account. When you create an account, we remember exactly what you've read, so you always come right back where you left off. You also get notifications, here and via email, whenever new posts are made. You can like posts to share the love. 
Join 
FYI...
Oracle Security Alert Advisory - CVE-2017-9805
- https://blogs.oracle...7-9805-released
Sep 22, 2017 - "Last week, Equifax identified an Apache Struts 2 vulnerability, CVE-2017-5638, as having been exploited in a significant security incident. Oracle distributed the Apache Foundation’s fixes for CVE-2017-5638 several months ago in the April 2017 Critical Patch Update, which should have already been applied to customer systems well before this breach came to light. Recently, the Apache Foundation released fixes for a number of additional Apache Struts 2 vulnerabilities, including CVE-2017-9805, CVE-2017-7672, CVE-2017-9787, CVE-2017-9791, CVE-2017-9793, CVE-2017-9804, and CVE-2017-12611. Oracle just published Security Alert CVE-2017-9805* in order to distribute these fixes to our customers. Please refer to the Security Alert advisory* for the technical details of these bugs as well as the CVSS Base Score information. Oracle strongly recommends that customers apply the fixes contained in this Security Alert as soon as possible. Furthermore, Oracle reminds customers that they should keep up with security releases and should have applied the July 2017 Critical Patch Update** (the most recent Critical Patch Update release).
The next Critical Patch Update release is on October 17, 2017.."
* http://www.oracle.co...05-3889403.html
** http://www.oracle.co...17-3236622.html
> https://nvd.nist.gov...l/CVE-2017-5638
Last Modified: 09/22/2017
CVSS v3 Base Score: 10.0 Critical
> https://nvd.nist.gov...l/CVE-2017-9805
Last revised: 09/21/2017
This vulnerability is currently awaiting analysis.
Text Form of Oracle Security Alert - CVE-2017-9805 Risk Matrices
> http://www.oracle.co...se-3889406.html
2017-September-22
"This document provides the text form of the CVE-2017-9805 Advisory Risk Matrices. Please note that the CVE numbers in this document correspond to the same CVE numbers in the CVE-2017-9805 Advisory.
This page contains the following text format Risk Matrices:
Oracle Siebel CRM
Oracle Communications Applications
Oracle Financial Services Applications
Oracle Fusion Middleware
Oracle MySQL
Oracle Retail Applications ..."
___
> https://www.us-cert....Vulnerabilities
Sep 25, 2017
Oracle downloads: https://www.oracle.c...oads/index.html
___
- https://www.us-cert....curity-Bulletin
Oct 17, 2017
___
Oracle Security Alert CVE-2017-10151 released
- https://blogs.oracle...-10151-released
Oct 27, 2017
Oracle Fusion Middleware - Oracle Identity Manager
- http://www.oracle.co...tml#AppendixFMW
2017-October-27
- https://isc.sans.edu/diary/rss/22984
2017-10-30
- https://www.us-cert....curity-Bulletin
Oct 30, 2017
Edited by AplusWebMaster, 01 November 2017 - 12:47 PM.
