Oracle Products Multiple vulnerabilities
Last Update Date:
18 Oct 2012 14:45
Release Date:
18 Oct 2012
4874
Views
RISK: High Risk
TYPE: Servers - Other Servers
Multiple vulnerabilities have been identified in various Oracle products and components, which could be exploited by attackers to conduct cross-site scripting attacks, denial of service, bypass security restriction, disclose sensitive information and tampering.
Impact
- Cross-Site Scripting
- Denial of Service
- Security Restriction Bypass
- Information Disclosure
- Data Manipulation
System / Technologies affected
- Oracle Database 11g Release 2, versions 11.2.0.2, 11.2.0.3
- Oracle Database 11g Release 1, version 11.1.0.7
- Oracle Database 10g Release 2, versions 10.2.0.3, 10.2.0.4, 10.2.0.5
- Oracle Fusion Middleware 11g Release 1, version 11.1.1.6
- Oracle Forms and Reports 11g, Release 2, version 11.1.2.0
- Oracle Forms and Reports 11g Release 1, version 11.1.1.4
- Oracle BI Publisher, versions 10.1.3.4.2, 11.1.1.5.0, 11.1.1.6.0, 11.1.1.6.2
- Oracle Event Processing, versions 2.0, 11.1.1.4.0, 11.1.1.6.0
- Oracle Identity Management 10g, version 10.1.4.3
- Oracle Imaging and Process Management, version 10.1.3.6.0
- Oracle JRockit versions, R28.2.4 and earlier, R27.7.3 and earlier
- Oracle Outside In Technology, version 8.3.7
- Oracle WebLogic Server, versions 9.2.4.0, 10.0.2.0, 10.3.5.0, 10.3.6.0, 12.1.1.0
- Oracle WebCenter Sites, versions 6.1, 6.2, 6.3.x, 7, 7.0.1, 7.0.2, 7.0.3, 7.5, 7.6.1, 7.6.2, 11.1.1.6.0
- Oracle E-Business Suite Release 12, versions 12.0.6, 12.1.1, 12.1.2, 12.1.3
- Oracle E-Business Suite Release 11i, version 11.5.10.2
- Oracle Agile PLM For Process, versions 5.2.2, 6.0.0.6.3, 6.1.0.0, 6.1.0.1.14
- Oracle Agile PLM Framework, versions 9.3.1.0, 9.3.1.1
- Oracle Agile Product Supplier Collaboration for Process, versions 5.2.2, 6.1.0.0
- Oracle PeopleSoft Enterprise Campus Solutions, version 9.0
- Oracle PeopleSoft Enterprise PeopleTools, versions 8.50, 8.51, 8.52
- Oracle Siebel UI Framework, version 8.1.1 Oracle Central Designer, versions 1.3, 1.4, 1.4.2
- Oracle Clinical/Remote Data Capture, versions 4.6.0, 4.6.2
- Oracle FLEXCUBE Direct Banking, versions 5.0.2, 5.0.5, 5.1.0, 5.2.0, 5.3.0-5.3.4, 6.0.1, 6.2.0, 12
- Oracle FLEXCUBE Universal Banking, versions 10.0.0-10.5.0, 11.0.0-11.4.0, 12
- Oracle Sun Product Suite Oracle Secure Global Desktop, version 4.6
- Oracle VM Virtual Box, versions 3.2, 4.0, 4.1
- Oracle MySQL Server, versions 5.1.63 and earlier, 5.5.25 and earlier
Solutions
Before installation of the software, please visit the software manufacturer web-site for more details.
- Apply Oracle Critical Patch Update - Oct 2012
http://www.oracle.com/technetwork/topics/security/cpuoct2012-1515893.html
Vulnerability Identifier
- No CVE information is available
Source
Related Link
Share with