Multiple vulnerabilities in Oracle Agile PLM Framework

Published: 2020-01-14

Risk	Medium
Patch available	YES
Number of vulnerabilities	3
CVE-ID	CVE-2019-0227 CVE-2019-10072 CVE-2017-12626
CWE-ID	CWE-20 CWE-399 CWE-835
Exploitation vector	Network
Public exploit	Public exploit code for vulnerability #1 is available.
Vulnerable software Subscribe	Oracle Agile PLM Framework Universal components / Libraries / Software for developers
Vendor	Oracle

Security Bulletin

This security bulletin contains information about 3 vulnerabilities.

1) Improper input validation

EUVDB-ID: #VU24468

Risk: Medium

CVSSv3.1:

CVE-ID: CVE-2019-0227

CWE-ID: CWE-20 - Improper input validation

Exploit availability: Yes

Description

The vulnerability allows a remote non-authenticated attacker to execute arbitrary code.

The vulnerability exists due to improper input validation within the Core (Apache Axis) component in Oracle Communications Design Studio. A remote non-authenticated attacker can exploit this vulnerability to execute arbitrary code.

Mitigation

Install update from vendor's website.

Vulnerable software versions

Oracle Agile PLM Framework: 9.3.3

CPE2.3

cpe:2.3:a:oracle:oracle_agile_plm_framework:9.3.3:*:*:*:*:*:*:*

External links

http://www.oracle.com/security-alerts/cpujan2020.html?3261

Q & A

Can this vulnerability be exploited remotely?

Is there known malware, which exploits this vulnerability?

2) Resource management error

EUVDB-ID: #VU20992

Risk: Medium

CVSSv3.1:

CVE-ID: CVE-2019-10072

CWE-ID: CWE-399 - Resource Management Errors

Exploit availability: No

Description

The vulnerability allows a remote attacker to perform a denial of service (DoS) attack.

The vulnerability exists due to incomplete fix for SB2019020812 when processing HTTP/2 requests. A remote attacker can perform denial of service attack by not sending WINDOW_UPDATE messages for the connection window (stream 0).

Mitigation

Install update from vendor's website.

Vulnerable software versions

Oracle Agile PLM Framework: 9.3.5 - 9.3.6

CPE2.3

cpe:2.3:a:oracle:oracle_agile_plm_framework:9.3.6:*:*:*:*:*:*:*

External links

http://www.oracle.com/security-alerts/cpujan2020.html?3261

Q & A

Can this vulnerability be exploited remotely?

Is there known malware, which exploits this vulnerability?

3) Infinite loop

EUVDB-ID: #VU12842

Risk: Low

CVSSv3.1:

CVE-ID: CVE-2017-12626

CWE-ID: CWE-835 - Loop with Unreachable Exit Condition ('Infinite Loop')

Exploit availability: No

Description

The vulnerability allows a remote attacker to cause DoS condition on the target system.

The weakness exists due to infinite loops while parsing specially crafted WMF, EMF, MSG and macros and out of Memory exceptions while parsing specially crafted DOC, PPT and XLS. A remote attacker can cause the service to crash.

Mitigation

Install update from vendor's website.

Vulnerable software versions

Oracle Agile PLM Framework: 9.3.3 - 9.3.6

CPE2.3

cpe:2.3:a:oracle:oracle_agile_plm_framework:9.3.6:*:*:*:*:*:*:*

External links

http://www.oracle.com/security-alerts/cpujan2020.html?3261

Q & A

Can this vulnerability be exploited remotely?

Is there known malware, which exploits this vulnerability?