WebLogic CVE-2018-2628·´ÐòÁл¯Îó²î¸´ÏÖ
Ðû²¼Ê±¼ä 2018-04-18Ò»¡¢Îó²îÐÎò
2018Äê4ÔÂ18ÈÕÆÆÏþ£¬£¬£¬£¬Oracle¹Ù·½Ðû²¼ÁË4Ô·ݵÄÇå¾²²¹¶¡¸üÐÂCPU£¨Critical Patch Update£©£¬£¬£¬£¬¸üÐÂÖÐÐÞ¸´ÁËÒ»¸ö¸ßΣWebLogic·´ÐòÁл¯Îó²îCVE-2018-2628£¨CNVD-2018-07811¡¢CNNVD-201804-803£©¡£¡£¡£¹¥»÷Õß¿ÉÒÔÔÚδÊÚȨµÄÇéÐÎÏÂͨ¹ýT3ÐÒé¶Ô±£´æÎó²îµÄWebLogic×é¼þ¾ÙÐÐÔ¶³Ì¹¥»÷£¬£¬£¬£¬²¢¿É»ñȡĿµÄϵͳËùÓÐȨÏÞ¡£¡£¡£
Oracle¹Ù·½Ðû²¼µÄÎó²îÐÅÏ¢ÈçÏÂͼËùʾ£º

¶þ¡¢Îó²îÑéÖ¤
¿Ðý¹ú¼ÊÓÎÏ·ADLabµÚһʱ¼ä¶ÔCVE-2018-2628¾ÙÐÐÁ˸ú×ÙÆÊÎö£¬£¬£¬£¬²¢Àֳɸ´ÏÖÁ˸ÃÎó²î¡£¡£¡£¸´ÏÖЧ¹ûÈçÏÂËùʾ£º

Èý¡¢Îó²îÓ°Ïì
¸ÃÎó²îÓ°ÏìWebLogic 10.3.6.0¡¢WebLogic 12.1.3.0¡¢WebLogic 12.2.1.2¡¢WebLogic 12.2.1.3¶à¸ö°æ±¾¡£¡£¡£ÏÖÔÚÒѾ·¢Ã÷Õë¶Ô¸ÃÎó²îµÄʹÓÃÒªÁ죬£¬£¬£¬Ê¹ÓÃÒªÁì½ÏΪ¼òÆÓ£¬£¬£¬£¬Î£º¦½Ï´ó£¬£¬£¬£¬Ïà¹ØÓû§¼°³§ÉÌÓ¦ÒýÆðÖØÊÓ¡£¡£¡£
ËÄ¡¢Îó²îÐÞ¸´
Oracle¹Ù·½ÒÑÐû²¼Õë¶Ô¸ÃÎó²îµÄ²¹¶¡£¬£¬£¬£¬¿É¸üйٷ½×îеIJ¹¶¡¡£¡£¡£Oracle¹Ù·½²¹¶¡ÐèÒªÓû§³ÖÓÐÕý°æÈí¼þµÄÔÊÐíÕʺţ¬£¬£¬£¬Ê¹ÓÃÔÊÐíÕʺÅÉϰ¶ https://support.oracle.com ºó£¬£¬£¬£¬¿ÉÒÔÏÂÔØ×îв¹¶¡¡£¡£¡£
¼¸µã½¨Ò飺
1¡¢Éý¼¶JDK°æ±¾¡£¡£¡£ÓÉÓÚJavaÔÚ½ñÄêÒ»Ô·ÝÒÔºó¸üÐÂÁË·´ÐòÁл¯·ÀÓù½Ó¿Ú£¬£¬£¬£¬¿ÉÒÔ»º½â·´ÐòÁл¯Îó²îµÄÓ°Ïì¡£¡£¡£
2¡¢Éý¼¶WebLogic¡¢É¾³ý²»ÐèÒªµÄÒ³Ãæ£¬£¬£¬£¬ÕûÀí²»Çå¾²µÄµÚÈý·½¿â¡£¡£¡£
3¡¢½ûÓÃT3ÐÒé¡£¡£¡£
Îó²îÁ´½Ó£º
http://www.oracle.com/technetwork/security-advisory/cpuapr2018-3678067.html