---------------------------------------------------------------------- Do you need accurate and reliable IDS / IPS / AV detection rules? Get in-depth vulnerability details: http://secunia.com/binary_analysis/sample_analysis/ ---------------------------------------------------------------------- TITLE: Oracle Products Multiple Vulnerabilities SECUNIA ADVISORY ID: SA32291 VERIFY ADVISORY: http://secunia.com/advisories/32291/ CRITICAL: Moderately critical IMPACT: Unknown WHERE: >From remote SOFTWARE: PeopleSoft PeopleTools 8.x http://secunia.com/advisories/product/1004/ Oracle9i Database Standard Edition http://secunia.com/advisories/product/358/ Oracle9i Database Enterprise Edition http://secunia.com/advisories/product/359/ Oracle PeopleSoft Enterprise Portal Solutions 8.x http://secunia.com/advisories/product/6864/ Oracle E-Business Suite 12.x http://secunia.com/advisories/product/13979/ Oracle E-Business Suite 11i http://secunia.com/advisories/product/442/ Oracle Database 11.x http://secunia.com/advisories/product/18050/ Oracle Database 10.x http://secunia.com/advisories/product/3387/ Oracle Application Server 10g http://secunia.com/advisories/product/3190/ JD Edwards EnterpriseOne Tools 8.x http://secunia.com/advisories/product/5940/ DESCRIPTION: Some vulnerabilities with unknown impacts have been reported in various Oracle products. The vulnerabilities are caused due to unspecified errors. No more information is currently available. The vulnerabilities are reported in the following products and versions: * Oracle Database 11g, version 11.1.0.6 * Oracle Database 10g Release 2, versions 10.2.0.2, 10.2.0.3, 10.2.0.4 * Oracle Database 10g, version 10.1.0.5 * Oracle Database 9i Release 2, versions 9.2.0.8, 9.2.0.8DV * Oracle Application Server 10g Release 3 (10.1.3), versions 10.1.3.3.0,10.1.3.4.0 * Oracle Application Server 10g Release 2 (10.1.2), versions 10.1.2.2.0, 10.1.2.3.0 * Oracle Application Server 10g (9.0.4), version 9.0.4.3 * Oracle E-Business Suite Release 12, version 12.0.4 * Oracle E-Business Suite Release 11i, version 11.5.10.2 * Oracle PeopleSoft Enterprise PeopleTools versions 8.48.18, 8.49.14 * Oracle PeopleSoft Enterprise Portal versions 8.9, 9.0 * Oracle JD Edwards EnterpriseOne Tools versions 8.97, 8.98 * Oracle Application Server 9i Release 1, version 1.0.2.2 SOLUTION: Apply patches (see the vendor's advisory). PROVIDED AND/OR DISCOVERED BY: The vendor credits: * Esteban Martinez Fayo, Application Security, Inc. * Pete Finnigan * Tony Fogarty, DNV * guyp, Sentrigo * Jack Kanter, Integrigy * Joxean Koret * Alexander Kornbrust, Red Database Security * Slavik Markovich, Sentrigo * Amichai Shulman, Imperva, Inc. * Chris Valasek, IBM Corp. ORIGINAL ADVISORY: Oracle: http://www.oracle.com/technology/deploy/security/critical-patch-updates/cpuoct2008.html ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help everybody keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org ----------------------------------------------------------------------