Oracle Business Transaction Management Server FlashTunnelService WriteToFile Message RCE Vulnerability
Severity: : Critical
Advisory Date: 21 de июля de 2015
DESCRIPTION
Oracle Business Transaction Management Server is prone to a vulnerability that may allow attackers to write to arbitrary local files. Successful exploits may allow attackers to compromise the system in the context of the user running the vulnerable application, other attacks are also possible.
INFORMATION EXPOSURE
Apply associated Trend Micro DPI Rules.
SOLUTION
Trend Micro Deep Security DPI Rule Number: 1005128
Trend Micro Deep Security DPI Rule Name: 1005128 - Oracle Business Transaction Management Server 'FlashTunnelService' WriteToFile Message Remote Code Execution
AFFECTED SOFTWARE AND VERSION:
- Oracle Business Transaction Management Server