Oracle Products Multiple vulnerabilities
Last Update Date:
16 Jan 2013 09:34
Release Date:
16 Jan 2013
4886
Views
RISK: High Risk
TYPE: Servers - Database Servers
Multiple vulnerabilities have been identified in various Oracle products and components, which could be exploited by attackers to execute arbitrary code, conduct denial of service, bypass security restriction, disclose sensitive information or take full control of target systems.
Impact
- Denial of Service
- Remote Code Execution
- Security Restriction Bypass
- Information Disclosure
System / Technologies affected
- Oracle Database 11g Release 2, versions 11.2.0.2, 11.2.0.3
- Oracle Database 11g Release 1, version 11.1.0.7
- Oracle Database 10g Release 2, versions 10.2.0.3, 10.2.0.4, 10.2.0.5
- Oracle Database Mobile Server, version 11.1.0.0
- Oracle Database Lite Server, version 10.3.0.3
- Oracle Access Manager/Webgate, versions 10.1.4.3.0, 11.1.1.5.0, 11.1.2.0.0
- Oracle GoldenGate Veridata, version 3.0.0.11.0
- Management Pack for Oracle GoldenGate, version 11.1.1.1.0
- Oracle Outside In Technology, versions 8.3.7, 8.4
- Oracle WebLogic Server, versions 9.2.4, 10.0.2, 10.3.5, 10.3.6, 12.1.1
- Application Performance Management versions 6.5, 11.1, 12.1.0.2
- Enterprise Manager Grid Control 11g Release 1, version 11.1.0.1
- Enterprise Manager Grid Control 10g Release 1, version 10.2.0.5
- Enterprise Manager Plugin for Database 12c Release 1, versions 12.1.0.1, 12.1.0.2
- Oracle E-Business Suite Release 12, versions 12.0.6, 12.1.1, 12.1.2, 12.1.3
- Oracle E-Business Suite Release 11i, version 11.5.10.2
- Oracle Agile PLM Framework, version 9.3.1.1
- Oracle PeopleSoft HRMS, versions 9.0, 9.1
- Oracle PeopleSoft PeopleTools, versions 8.51, 8.52
- Oracle JD Edwards EnterpriseOne Tools, versions 8.9, 9.1, SP24
- Oracle Siebel CRM, versions 8.1.1, 8.2.2
- Oracle Sun Product Suite
- Oracle VM VirtualBox, versions 4.0, 4.1, 4.2
- Oracle MySQL Server, versions 5.1.66 and earlier, 5.5.28 and earlier
Solutions
Before installation of the software, please visit the software manufacturer web-site for more details.
- Apply Oracle Critical Patch Update - Jan 2013 :
http://www.oracle.com/technetwork/topics/security/cpujan2013-1515902.html
Vulnerability Identifier
- No CVE information is available
Source
Related Link
Share with