Oracle Products Multiple Vulnerabilities

Last Update Date: 28 Jan 2011 Release Date: 17 Jan 2008 4961 Views

RISK: Medium Risk

Medium Risk

Multiple vulnerabilities have been identified in various Oracle products, which could be exploited by remote or local attackers to cause a denial of service, execute arbitrary commands, read and overwrite arbitrary data, disclose sensitive information, conduct SQL injection and cross site scripting attacks, or bypass security restrictions.

These issues are caused by errors in the XML DB, Advanced Queuing, Spatial, Upgrade/Downgrade, Ultra Search, Core RDBMS, Jinitiator, BPEL Worklist Application, Forms, JDeveloper, Internet Directory, Mobile Application Server, Application Object Library, Applications Framework, Applications Manager, CRM Technical Foundation, Applications Technology Stack and PeopleTools components.

Impact

  • Denial of Service
  • Security Restriction Bypass
  • Information Disclosure

System / Technologies affected

  • Oracle Database 11g version 11.1.0.6
  • Oracle Database 10g Release 2 version 10.2.0.2
  • Oracle Database 10g Release 2 version 10.2.0.3
  • Oracle Database 10g version 10.1.0.5
  • Oracle Database 9i Release 2 version 9.2.0.8
  • Oracle Database 9i Release 2 version 9.2.0.8DV
  • Oracle Database 9i version 9.0.1.5 FIPS+
  • Oracle Application Server 10g Release 3 (10.1.3) version 10.1.3.0.0
  • Oracle Application Server 10g Release 3 (10.1.3) version 10.1.3.1.0
  • Oracle Application Server 10g Release 3 (10.1.3) version 10.1.3.3.0
  • Oracle Application Server 10g Release 2 (10.1.2) version 10.1.2.0.2
  • Oracle Application Server 10g Release 2 (10.1.2) version 10.1.2.1.0
  • Oracle Application Server 10g Release 2 (10.1.2) version 10.1.2.2.0
  • Oracle Application Server 10g (9.0.4) version 9.0.4.3
  • Oracle Application Server 9i Release 1 version 1.0.2.2
  • Oracle Collaboration Suite 10g version 10.1.2
  • Oracle E-Business Suite Release 12 versions 12.0.0 through 12.0.3
  • Oracle E-Business Suite Release 11i versions 11.5.9 through 11.5.10 CU2
  • Oracle PeopleSoft Enterprise PeopleTools version 8.22
  • Oracle PeopleSoft Enterprise PeopleTools version 8.48
  • Oracle PeopleSoft Enterprise PeopleTools version 8.49

Solutions

Before installation of the software, please visit the software manufacturer web-site for more details.

Vulnerability Identifier

  • No CVE information is available

Source

Related Link

Share with

Previous

Apple iPhone / iPod touch Multiple Vulnerabilities

17 Jan 2008 5103 Views

Next

Cisco Products CTL Provider Remote Buffer Overflow Vulnerability

18 Jan 2008 4827 Views

We use cookies to give you the best possible experience on our website. By continuing to browse this site, you give consent for cookies to be used. For more details please read our Cookie Policy.

PRIVACY POLICY