Oracle Products Multiple Vulnerabilies
Last Update Date:
19 Jan 2012 13:26
Release Date:
19 Jan 2012
4774
Views
RISK: Medium Risk
TYPE: Servers - Database Servers
Multiple vulnerabilities have been identified in various Oracle products and components, which could be exploited by attackers to conduct cross-site scripting attacks, denial of service, elevation of privilege, disclose sensitive information, data manipulation or compromise a vulnerable system.
Impact
- Cross-Site Scripting
- Denial of Service
- Elevation of Privilege
- Remote Code Execution
- Information Disclosure
- Data Manipulation
System / Technologies affected
- Oracle Database 11g Release 2, versions 11.2.0.2, 11.2.0.3
- Oracle Database 11g Release 1, version 11.1.0.7
- Oracle Database 10g Release 2, versions 10.2.0.3, 10.2.0.4, 10.2.0.5
- Oracle Database 10g Release 1, version 10.1.0.5
- Oracle Fusion Middleware 11g Release 1, versions 11.1.1.3.0, 11.1.1.4.0, 11.1.1.5.0
- Oracle Application Server 10g Release 3, version 10.1.3.5.0
- Oracle Outside In Technology, versions 8.3.5, 8.3.7
- Oracle WebLogic Server, versions 9.2.4, 10.0.2, 11gR1 (10.3.3, 10.3.4, 10.3.5)
- Oracle E-Business Suite Release 12, versions 12.1.2, 12.1.3
- Oracle E-Business Suite Release 11i, version 11.5.10.2
- Oracle Transportation Management, versions 5.5, 6.0, 6.1, 6.2
- Oracle PeopleSoft Enterprise CRM, version 8.9
- Oracle PeopleSoft Enterprise HCM, versions 8.9, 9.0, 9.1
- Oracle PeopleSoft Enterprise PeopleTools, version 8.52
- Oracle JDEdwards, version 8.98
- Oracle Sun Product Suite
- Oracle VM VirtualBox, version 4.1
- Oracle Virtual Desktop Infrastructure, version 3.2
- Oracle MySQL Server, versions 5.0, 5.1, 5.5
Solutions
Before installation of the software, please visit the software manufacturer web-site for more details.
Apply Oracle Critical Patch Update - Jan 2012
http://www.oracle.com/technetwork/topics/security/cpujan2012-366304.html
Vulnerability Identifier
- No CVE information is available
Source
Related Link
Share with