woodygap Posted April 27, 2005 Posted April 27, 2005 Thought I would share a partial e-mail for anyone interested. I included some links at the bottom if you need more info on this. Oracle Products Contain Multiple Vulnerabilities Original release date: April 27, 2005 Last revised: -- Source: US-CERT Systems Affected From the Oracle Critical Patch Update - April 2005: * Oracle Database 10g Release 1, versions 10.1.0.2, 10.1.0.3, 10.1.0.3.1, 10.1.0.4 (10.1.0.3.1 is supported for Oracle Application Server only) * Oracle9i Database Server Release 2, versions 9.2.0.5, 9.2.0.6 * Oracle9i Database Server Release 1, versions 9.0.1.4, 9.0.1.5, 9.0.4 (9.0.1.5 FIPS) (all of which are supported for Oracle Application Server only) * Oracle8i Database Server Release 3, version 8.1.7.4 * Oracle Application Server 10g Release 2 (10.1.2) * Oracle Application Server 10g (9.0.4), versions 9.0.4.0, 9.0.4.1 * Oracle9i Application Server Release 2, versions 9.0.2.3, 9.0.3.1 * Oracle9i Application Server Release 1, version 1.0.2.2 * Oracle Collaboration Suite Release 2, versions 9.0.4.1, 9.0.4.2 * Oracle E-Business Suite and Applications Release 11i, versions 11.5.0 through 11.5.10 * Oracle E-Business Suite and Applications Release 11.0 * Oracle Enterprise Manager Grid Control 10g, versions 10.1.0.2, 10.1.0.3 * Oracle Enterprise Manager versions 9.0.4.0, 9.0.4.1 * PeopleSoft EnterpriseOne Applications, versions 8.9 SP2 and 8.93 * PeopleSoft OneWorldXe/ERP8 Applications, versions SP22 and higher Appendix B. References * Critical Patch Update - April 2005 - <http://www.oracle.com/technology/deploy/security/pdf/'>http://www.oracle.com/technology/deploy/security/pdf/ cpuapr2005.pdf> * Critical Patch Updates and Security Alerts - <http://www.oracle.com/technology/deploy/security/alerts.htm> * Map of Public Vulnerability to Advisory/Alert - <http://www.oracle.com/technology/deploy/security/pdf/ public_vuln_to_advisory_mapping.html> * Comments on Oracle Critical Patch Update April 2005 - <http://www.red-database-security.com/wp/ comments_oracle_cpu_april_2005_us.pdf> * NGSSoftware Oracle Database vulnerabilities - <http://www.ngssoftware.com/advisories/oracle-03.txt> * US-CERT Vulnerability Note VU#948486 - <http://www.kb.cert.org/vuls/id/948486> * US-CERT Vulnerability Note VU#982109 - <http://www.kb.cert.org/vuls/id/982109> Quote
Head Guru Posted April 27, 2005 Posted April 27, 2005 It will never stop! Moving for organization. Bill Quote
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.