Multiple Oracle Products CVE-2018-9206 Remote Security Vulnerability

Bugtraq ID:	106629
Class:	Unknown
CVE:	CVE-2018-9206
Remote:	Yes
Local:	Yes
Published:	Jan 15 2019 12:00AM
Updated:	Jan 15 2019 12:00AM
Credit:	Oracle
Vulnerable:	Oracle Siebel Applications 18.11 Oracle Siebel Applications 18.10 Oracle Primavera Unifier 18.8 Oracle Primavera Unifier 17.12 Oracle Primavera Unifier 17.1 Oracle Primavera Unifier 16.2 Oracle Primavera Unifier 16.1 Oracle Communications Services Gatekeeper 6.0 Oracle Communications Services Gatekeeper 5.1
Not Vulnerable:	Oracle Communications Services Gatekeeper 6.1.0.4.0

Multiple Oracle Products CVE-2018-9206 Remote Security Vulnerability

Multiple Oracle Products are prone to a remote security vulnerability.

This vulnerability can be exploited over the 'HTTP' protocol. The 'Core (jQuery FileUpload)', 'UIF Open UI (jQuery FileUpload)' and 'Security (jQuery)' components are affected.

This vulnerability affect the following products and supported versions:

Primavera Unifier 16.1, 16.2, 17.1-17.12, 18.8 versions
Oracle Communications Services Gatekeeper versions prior to 6.1.0.4.0
Siebel UI Framework 18.10, 18.11 versions

RETIRED: Multiple Oracle Products CVE-2018-9206 Remote Security Vulnerability

Currently we are not aware of any working exploits. If you feel we are in error or if you are aware of more recent information, please mail us at: [email protected].

Multiple Oracle Products CVE-2018-9206 Remote Security Vulnerability

Solution:
Updates are available. Please see the references or vendor advisory for more information.

Multiple Oracle Products CVE-2018-9206 Remote Security Vulnerability

References:

• Oracle Homepage (Oracle)
  
• Oracle Critical Patch Update Advisory - January 2019 (Oracle)