Jump to content

Oracle Products Contain Multiple Vulnerabilities


Recommended Posts

Thought I would share a partial e-mail for anyone interested. I included some links at the bottom if you need more info on this.

 

Oracle Products Contain Multiple Vulnerabilities

 

Original release date: April 27, 2005

Last revised: --

Source: US-CERT

 

 

Systems Affected

 

From the Oracle Critical Patch Update - April 2005:

 

* Oracle Database 10g Release 1, versions 10.1.0.2, 10.1.0.3,

10.1.0.3.1, 10.1.0.4 (10.1.0.3.1 is supported for Oracle

Application Server only)

* Oracle9i Database Server Release 2, versions 9.2.0.5, 9.2.0.6

* Oracle9i Database Server Release 1, versions 9.0.1.4, 9.0.1.5,

9.0.4 (9.0.1.5 FIPS) (all of which are supported for Oracle

Application Server only)

* Oracle8i Database Server Release 3, version 8.1.7.4

* Oracle Application Server 10g Release 2 (10.1.2)

* Oracle Application Server 10g (9.0.4), versions 9.0.4.0,

9.0.4.1

* Oracle9i Application Server Release 2, versions 9.0.2.3, 9.0.3.1

* Oracle9i Application Server Release 1, version 1.0.2.2

* Oracle Collaboration Suite Release 2, versions 9.0.4.1, 9.0.4.2

* Oracle E-Business Suite and Applications Release 11i, versions

11.5.0 through 11.5.10

* Oracle E-Business Suite and Applications Release 11.0

* Oracle Enterprise Manager Grid Control 10g, versions 10.1.0.2,

10.1.0.3

* Oracle Enterprise Manager versions 9.0.4.0, 9.0.4.1

* PeopleSoft EnterpriseOne Applications, versions 8.9 SP2 and 8.93

* PeopleSoft OneWorldXe/ERP8 Applications, versions SP22 and higher

 

Appendix B. References

 

* Critical Patch Update - April 2005 -

<http://www.oracle.com/technology/deploy/security/pdf/'>http://www.oracle.com/technology/deploy/security/pdf/

cpuapr2005.pdf>

 

* Critical Patch Updates and Security Alerts -

<http://www.oracle.com/technology/deploy/security/alerts.htm>

 

* Map of Public Vulnerability to Advisory/Alert -

<http://www.oracle.com/technology/deploy/security/pdf/

public_vuln_to_advisory_mapping.html>

 

* Comments on Oracle Critical Patch Update April 2005 -

<http://www.red-database-security.com/wp/

comments_oracle_cpu_april_2005_us.pdf>

 

* NGSSoftware Oracle Database vulnerabilities -

<http://www.ngssoftware.com/advisories/oracle-03.txt>

 

* US-CERT Vulnerability Note VU#948486 -

<http://www.kb.cert.org/vuls/id/948486>

 

* US-CERT Vulnerability Note VU#982109 -

<http://www.kb.cert.org/vuls/id/982109>

Link to post
Share on other sites

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

×
×
  • Create New...