---------------------------------------------------------------------- Want to work within IT-Security? Secunia is expanding its team of highly skilled security experts. We will help with relocation and obtaining a work permit. Currently the following type of positions are available: http://secunia.com/hardcore_disassembler_and_reverse_engineer/ ---------------------------------------------------------------------- TITLE: Oracle Products Multiple Vulnerabilities SECUNIA ADVISORY ID: SA22396 VERIFY ADVISORY: http://secunia.com/advisories/22396/ CRITICAL: Highly critical IMPACT: Unknown, Manipulation of data, DoS, System access WHERE: >From remote SOFTWARE: Oracle PeopleSoft Enterprise Portal Solutions 8.x http://secunia.com/product/6864/ Oracle9i Developer Suite http://secunia.com/product/5411/ Oracle9i Database Standard Edition http://secunia.com/product/358/ Oracle9i Database Enterprise Edition http://secunia.com/product/359/ JD Edwards EnterpriseOne Tools 8.x http://secunia.com/product/5940/ JD Edwards OneWorld Tools 8.x http://secunia.com/product/2948/ Oracle Application Express 1.x http://secunia.com/product/12341/ Oracle Application Express 2.x http://secunia.com/product/12342/ Oracle Application Server 10g http://secunia.com/product/3190/ Oracle Collaboration Suite 10.x http://secunia.com/product/2450/ Oracle Database 10g http://secunia.com/product/3387/ Oracle Database 8.x http://secunia.com/product/360/ Oracle Developer Suite 10g http://secunia.com/product/5410/ Oracle E-Business Suite 11i http://secunia.com/product/442/ Oracle PeopleSoft Enterprise Tools 8.x http://secunia.com/product/9411/ Oracle Pharmaceutical Applications 4.x http://secunia.com/product/9410/ Oracle9i Application Server http://secunia.com/product/443/ Oracle9i Collaboration Suite http://secunia.com/product/2451/ DESCRIPTION: Multiple vulnerabilities have been reported in various Oracle products. Some of these vulnerabilities have unknown impacts while others can be exploited to cause a DoS (Denial of Service), conduct SQL injection attacks, and potentially compromise the system. Details are available for the following vulnerabilities: 1) Various input processed by the following packages is not properly sanitised before being used in SQL queries. This can be exploited to manipulate SQL queries by injecting arbitary SQL code: * DBMS_XDBZ * SDO_DROP_USER_BEFORE * MD2 * DBMS_CDC_IMPDP * DBMS_CDC_IPUBLISH * DBMS_CDC_ISUBSCRIBE * DBMS_SQLTUNE * SDO_GEOR_INT * XDB_PITRIG_PKG * SDO_DROP_USER * SDO_CS 2) Boundary errors in the RELATE functions of the MD2 and SDO_GEOM packages, the GEOM_OPERATION function of the SDO_3GL package, and the TRANSFORM_LAYER function of the SDO_CS package may be exploited to cause a buffer overflow. SOLUTION: Apply patches (see the vendor's advisory). PROVIDED AND/OR DISCOVERED BY: The vendor credits: * Johannes Fahrenkrug * Sacha Faust, SPI Dynamics, Inc. * Esteban Martinez Fayo, Application Security, Inc. * Alexander Kornbrust, Red Database Security GmbH * David Litchfield, NGSSoftware. * Andrew Maksimenko, COMEC-92. ORIGINAL ADVISORY: Oracle: http://www.oracle.com/technology/deploy/security/critical-patch-updates/cpuoct2006.html David Litchfield: http://www.databasesecurity.com/oracle/OracleOct2006-CPU-Analysis.pdf ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help everybody keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org ----------------------------------------------------------------------