430,000 FortiGate Devices Exposed in FortiBleed Ransomware Link|Adobe fixed multiple maximum-severity flaws in ColdFusion and Campaign Classic|Alleged Scattered Spider Hacker Extradited to U.S. to Face Cybercrime Charges|Oracle E-Business Suite Flaw Under Active Attack, 950 Systems Exposed|Azure CLI Targeted in LSHIY Password Spray Campaign Across 64 Orgs|CISA Warns BlueHammer Flaw Is Now Exploited in Ransomware Attacks|RustDuck: The Botnet That’s Still Small but Engineering Like It Plans to Grow|GuardFall Flaw Hits 10 of 11 Popular Open-Source AI Agents|XSS.is, The Forum That Ran the Ransomware Supply Chain Is Down. The Market Isn’t|U.S. CISA adds SimpleHelp flaw to its Known Exploited Vulnerabilities catalog|Hackers Steal Data of 4.38 Million Aflac Japan Customers|Apple Fixes WebKit Flaws in iOS and macOS, With Help From AI Tools|430,000 FortiGate Devices Exposed in FortiBleed Ransomware Link|Adobe fixed multiple maximum-severity flaws in ColdFusion and Campaign Classic|Alleged Scattered Spider Hacker Extradited to U.S. to Face Cybercrime Charges|Oracle E-Business Suite Flaw Under Active Attack, 950 Systems Exposed|Azure CLI Targeted in LSHIY Password Spray Campaign Across 64 Orgs|CISA Warns BlueHammer Flaw Is Now Exploited in Ransomware Attacks|RustDuck: The Botnet That’s Still Small but Engineering Like It Plans to Grow|GuardFall Flaw Hits 10 of 11 Popular Open-Source AI Agents|XSS.is, The Forum That Ran the Ransomware Supply Chain Is Down. The Market Isn’t|U.S. CISA adds SimpleHelp flaw to its Known Exploited Vulnerabilities catalog|Hackers Steal Data of 4.38 Million Aflac Japan Customers|Apple Fixes WebKit Flaws in iOS and macOS, With Help From AI Tools|
Advertisement

Ad Placeholder

Full Width × 90

Breaking News

Oracle patch update for April 2017 also fixed Struts and Shadow Brokers exploits

Oracle patch update for April 2017 fixed a record number of vulnerabilities, including Apache Struts and Shadow Brokers exploits. Oracle has released security updates to fix flaws in its product, including Apache Struts and a Solaris exploit included in a dump leaked by the Shadow Brokers hackers and containing NSA documents and hacking tools. The Oracle patch update […]

Oracle CVE-2026-46817

Oracle patch update for April 2017 fixed a record number of vulnerabilities, including Apache Struts and Shadow Brokers exploits.

Oracle has released security updates to fix flaws in its product, including Apache Struts and a Solaris exploit included in a dump leaked by the Shadow Brokers hackers and containing NSA documents and hacking tools.

The Oracle patch update for April 2017 fixed the vulnerability exploited by the EXTREMEPARR tool developed by the NSA to hack Solaris 10.

The NSA dump recently leaked by Shadow Brokers includes also another Solaris exploit code named EBBISLAND that triggers a vulnerability patched since 2012 in Solaris 10 Update 11.

Oracle patch update for April 2017

This is a record security update, it includes in fact 299 fixes to Oracle products, 162 of them are remotely exploitable.  83 security fixes address vulnerabilities in Oracle business-critical applications, including Oracle PeopleSoft, E-Business Suite, JD Edwards, Siebel CRM and the Primavera Products Suite.

Oracle released 8 security fixes for Java, 39 for MySQL and 3 for Oracle Database Server.

The remote code execution Struts flaw was exploited in the wild by hackers to target Java Web Servers.

Apache Struts 2 is currently used in many Oracle products, including MySQL Enterprise Monitor, Oracle WebCenter Sites, Oracle WebLogic Server, Oracle Communications, Retail and Financial Services applications, and the Siebel E-Billing app.

Oracle fixed 40 critical vulnerabilities, 25 of which rated with a severity score of 10 in the Common Vulnerability Scoring System (CVSS).

The Oracle Critical Patch Update Advisory – April 2017 addresses application for a wide range of industry sectors, including financial services, retail, communications, utilities, and hospitality.

[adrotate banner=”9″]

Pierluigi Paganini

(Security Affairs – Oracle patch update, Hotels, hacking)