Skip to main content

Oracle Products Multiple Vulnerabilities

Last Update Date: 23 Apr 2014 Release Date: 17 Apr 2014 4253 Views

RISK: High Risk

TYPE: Servers - Database Servers

TYPE: Database Servers

Multiple vulnerabilities have been identified in various Oracle products and components, which could be exploited by attackers to cause denial of service, escalation of privilege, remote code execution and sensitive information disclosure.


Impact

  • Denial of Service
  • Elevation of Privilege
  • Remote Code Execution
  • Security Restriction Bypass
  • Information Disclosure

System / Technologies affected

  • Oracle Database 11g Release 1, version 11.1.0.7
  • Oracle Database 11g Release 2, versions 11.2.0.3, 11.2.0.4
  • Oracle Database 12c Release 1, version 12.1.0.1
  • Oracle Fusion Middleware 11g Release 1, versions 11.1.1.7, 11.1.1.8
  • Oracle Fusion Middleware 12c Release 1, versions 12.1.1.0, 12.1.2.0
  • Oracle Fusion Applications, versions 11.1.2 through 11.1.8
  • Oracle Access Manager, versions 10.1.4.3, 11.1.1.3.0, 11.1.1.5.0, 11.1.1.7.0, 11.1.2.0.0, 11.1.2.1.0, 11.1.2.2.0
  • Oracle Containers for J2EE, version 10.1.3.5
  • Oracle Data Integrator, version 11.1.1.3.0
  • Oracle Endeca Server, version 2.2.2
  • Oracle Event Processing, version 11.1.1.7.0
  • Oracle Identity Analytics, version 11.1.1.5, Sun Role Manager, version 5.0
  • Oracle OpenSSO, version 8.0 Update 2 Patch 5
  • Oracle OpenSSO Policy Agent, version 3.0-03
  • Oracle WebCenter Portal, versions 11.1.1.7, 11.1.1.8
  • Oracle WebLogic Server, versions 10.0.2.0, 10.3.6.0, 12.1.1.0, 12.1.2.0
  • Oracle Hyperion Common Admin, versions 11.1.2.2, 11.1.2.3
  • Oracle E-Business Suite Release 11i, 12i
  • Oracle Agile PLM Framework, versions 9.3.1.1, 9.3.3.0
  • Oracle Agile Product Lifecycle Management for Process, versions 6.0.0.7, 6.1.1.3
  • Oracle Transportation Management, versions 6.3, 6.3.4
  • Oracle PeopleSoft Enterprise CS Campus Self Service, version 9.0
  • Oracle PeopleSoft Enterprise HRMS Talent Acquisition Manager, versions 8.52, 8.53
  • Oracle PeopleSoft Enterprise PT Tools, versions 8.52, 8.53
  • Oracle Siebel UI Framework, versions 8.1.1, 8.2.2
  • Oracle iLearning, versions 6.0, 6.1
  • Oracle JavaFX, version 2.2.51
  • Oracle Java SE, versions 5.0u61, 6u71, 7u51, 8
  • Oracle Java SE Embedded, version 7u51
  • Oracle JRockit, versions R27.8.1, R28.3.1
  • Oracle Solaris, versions 9, 10, 11.1
  • Oracle Secure Global Desktop, versions 4.63, 4.71, 5.0, 5.1
  • Oracle VM VirtualBox, versions prior to 3.2.22, 4.0.24, 4.1.32, 4.2.24, 4.3.10
  • Oracle MySQL Server, versions 5.5, 5.6

Solutions

Before installation of the software, please visit the software manufacturer web-site for more details.

  • Apply Oracle Critical Patch Update - April 2014

Vulnerability Identifier

  • No CVE information is available

Source


Related Link