Oracle Java Vulnerability (CVE-2017-10110, etc.)

Last Updated: 3rd of August, 2017
Product Series: SVF, Dr.Sum EA, MotionBoard, SPA

Description

Oracle has announced a critical vulnerability (CVE-2017-10110, etc.) exists in following Oracle Java SE versions:

• Oracle Java SE 8 Update 131
• Oracle Java SE 7 Update 141
• Oracle Java SE 6 Update 151

This vulnerability can impact confidentiality, integrity, and availability of the affected device.

See the following link for details:

• CVE Page (Note: The NIST has yet to publish the details for this vulnerability at this point.)
• Oracle Homepage

Products Affected by this Issue

• SVF Web Designer Ver. 9.2
• SVFX-Designer Ver. 9.2
• SVF Java Products Ver. 9.2
• Report Director Enterprise Ver. 9.2
• Universal Connect/X Ver. 9.0, Ver. 9.2
• SVF Connect for Java API Ver. 9.2
• SVF PDL Maker (Migration tool) Ver. 1.x
• SVF PDF Loader Ver. 9.2
• SPA Ver. 9.3
• Dr.Sum Database Engine Ver. 4.0 to 4.2
• Dr.Sum EA DataLoader Ver. 4.0 to 4.2
• Dr.Sum EA TextOLAP Ver. 4.0 to 4.2
• Dr.Sum EA Datalizer Ver. 4.0 to 4.2
• Dr.Sum EA Visualizer Ver. 3.0 to 3.0 with SP1
• Dr.Sum EA Connect Ver. 3.0 to 4.1
• MotionBoard Ver. 5.6 to 5.7

Solution

• General
  Click here for information on how to update JRE to the latest version from Oracle.
• MotionBoard
  A patch for MotionBoard Ver. 5.7 will be released at a later date incorporating the fixed version of JRE. Users of MotionBoard Ver. 5.6 are advised to upgrade to Ver. 5.7 to receive the latest updates.