Oracle October 2006 Security Update Multiple Vulnerabilities
原始连接:
http://www.securityfocus.com/bid/20588/info
Bugtraq ID: 20588
Class: Unknown
CVE:
Remote: Yes
Local: Yes
Published: Oct 17 2006 12:00AM
Updated: Oct 26 2006 12:13AM
Credit: Oracle credits the following people with the discovery of these vulnerabilities: Johannes Fahrenkrug; Sacha Faust of S.P.I. Dynamics, Inc.; Esteban Martinez Fayo of Application Security, Inc.; Alexander Kornbrust of Red Database Security GmbH; David Litchf
Vulnerable: Oracle Pharmaceutical Applications 4.5.1
Oracle Pharmaceutical Applications 4.5
Oracle PeopleSoft Enterprise Tools 8.47.4
Oracle PeopleSoft Enterprise Tools 8.47.4
Oracle PeopleSoft Enterprise Tools 8.47.3
Oracle PeopleSoft Enterprise Tools 8.47.2
Oracle PeopleSoft Enterprise Tools 8.47.1
Oracle PeopleSoft Enterprise Tools 8.46.12
Oracle PeopleSoft Enterprise Tools 8.47 GA
Oracle PeopleSoft Enterprise Tools 8.46 GA
Oracle PeopleSoft Enterprise Portal 8.9
Oracle PeopleSoft Enterprise Portal 8.8
Oracle PeopleSoft Enterprise PeopleTools 8.48
Oracle PeopleSoft Enterprise PeopleTools 8.47
Oracle PeopleSoft Enterprise PeopleTools 8.46
Oracle PeopleSoft Enterprise PeopleTools 8.22
Oracle Oracle9i Standard Edition 9.2 .7
Oracle Oracle9i Standard Edition 9.2 .6
Oracle Oracle9i Standard Edition 9.2 .0.5
Oracle Oracle9i Standard Edition 9.0.1 .5 FIPS
Oracle Oracle9i Standard Edition 9.0.1 .5
Oracle Oracle9i Standard Edition 9.0.1 .4
Oracle Oracle9i Personal Edition 9.2 .7
Oracle Oracle9i Personal Edition 9.2 .6
Oracle Oracle9i Personal Edition 9.2 .0.5
Oracle Oracle9i Personal Edition 9.0.1 .5 FIPS
Oracle Oracle9i Personal Edition 9.0.1 .5
Oracle Oracle9i Personal Edition 9.0.1 .4
Oracle Oracle9i Enterprise Edition 9.2 .7
Oracle Oracle9i Enterprise Edition 9.2 .6
Oracle Oracle9i Enterprise Edition 9.2 .0.5
Oracle Oracle9i Enterprise Edition 9.0.1 .5 FIPS
Oracle Oracle9i Enterprise Edition 9.0.1 .5
Oracle Oracle9i Enterprise Edition 9.0.1 .4
Oracle Oracle9i Application Server 9.0.3 .1
Oracle Oracle9i Application Server 9.0.2 .3
Oracle Oracle9i Application Server 1.0.2 .2
Oracle Oracle8i Standard Edition 8.1.7 .4
Oracle Oracle8i Standard Edition 8.1.7 .4
Oracle Oracle8i Enterprise Edition 8.1.7 .4
Oracle Oracle10g Standard Edition 10.2 .2
Oracle Oracle10g Standard Edition 10.2 .1
Oracle Oracle10g Standard Edition 10.1 .0.5
Oracle Oracle10g Standard Edition 10.1 .0.4
Oracle Oracle10g Standard Edition 10.1 .0.3
Oracle Oracle10g Personal Edition 10.2 .2
Oracle Oracle10g Personal Edition 10.2 .1
Oracle Oracle10g Personal Edition 10.1 .0.4
Oracle Oracle10g Personal Edition 10.1 .0.3
Oracle Oracle10g Enterprise Edition 10.2 .2
Oracle Oracle10g Enterprise Edition 10.2 .1
Oracle Oracle10g Enterprise Edition 10.1 .0.4
Oracle Oracle10g Enterprise Edition 10.1 .0.3
Oracle Oracle10g Application Server 10.1.3 .0.0
Oracle Oracle10g Application Server 10.1.2 .1.0
Oracle Oracle10g Application Server 10.1.2 .0.2
Oracle Oracle10g Application Server 10.1.2 .0.1
Oracle Oracle10g Application Server 10.1.2
Oracle Oracle10g Application Server 9.0.4 .2
Oracle Oracle10g Application Server 9.0.4 .1
Oracle Oracle10g Application Server 9.0.4 .0
Oracle OneWorld Tools SP23
Oracle JD Edwards EnterpriseOne 8.95 _F1
Oracle JD Edwards EnterpriseOne 8.95 _B1
Oracle JD Edwards EnterpriseOne 8.96
Oracle JD Edwards EnterpriseOne 8.95.J1
Oracle JD Edwards EnterpriseOne 8.95
Oracle HTML DB 2.0
Oracle HTML DB 1.6.1
Oracle HTML DB 1.6
Oracle HTML DB 1.5.1
Oracle HTML DB 1.5
Oracle E-Business Suite 11i 11.5.10 CU2
Oracle E-Business Suite 11i 11.5.10
Oracle E-Business Suite 11i 11.5.9
Oracle E-Business Suite 11i 11.5.8
Oracle E-Business Suite 11i 11.5.7
Oracle E-Business Suite 11.0
Oracle Developer Suite 10.1.2 .2
Oracle Developer Suite 10.1.2 .0.2
Oracle Developer Suite 9.0.4 .3
Oracle Developer Suite 9.0.4 .2
Oracle Developer Suite 9.0.4 .1
Oracle Developer Suite 6i
Oracle Collaboration Suite Release 2 9.0.4 .2
Oracle Collaboration Suite Release 1 10.1.2
Oracle Application Server Release 2 9.0.2 .3
Oracle Application Server 10g 9.0.4 .3
Oracle Application Server 10g 9.0.4 .2
Oracle Application Server 10g 9.0.4 .1
Oracle Application Server 10g 9.0.4
Not Vulnerable: Oracle Application Express 2.2.1
Oracle Application Express 2.2
Oracle October 2006 Security Update Multiple Vulnerabilities
Solution:
Oracle has released a Critical Patch Update (October 2006) to address these issues. Please see the update for information on obtaining and applying appropriate patches.
Oracle recommends updating Oracle Application Express to version 2.2.1 to address vulnerabilities in earlier versions of the application.
See the referenced advisories for more information.
Oracle HTML DB 1.5
Oracle apex_2.2.1.zip
http://www.oracle.com/technology ... vlic.html?url=http: //download.oracle.com/otn/java/appexpress/apex_2.2.1.zip
Oracle HTML DB 1.6.1
Oracle apex_2.2.1.zip
http://www.oracle.com/technology ... vlic.html?url=http: //download.oracle.com/otn/java/appexpress/apex_2.2.1.zip
Oracle HTML DB 2.0
Oracle apex_2.2.1.zip
http://www.oracle.com/technology ... vlic.html?url=http: //download.oracle.com/otn/java/appexpress/apex_2.2.1.zip
