Oracle Plans 78 Security Fixes for Upcoming Critical Update

Oracle has fixes for 78 security vulnerabilities slated for next week as part of its first critical update of the year. The patches are expected to touch the Oracle Database Server, Fusion Middleware, E-Business suite, Supply Chain, PeopleSoft, JD Edwards, Virtualization, Sun and MySQL products...

DDIVRT-2011-38 KnowledgeTree login.php Blind SQL Injection

Title ----- DDIVRT-2011-38 KnowledgeTree login.php Blind SQL Injection Severity -------- High Date Discovered --------------- November 18, 2011 Discovered By ------------- Digital Defense, Inc. Vulnerability Research Team Credit: sxkeebler and r@b13$ Vulnerability Description...

Oracle Database Server Multiple Unspecified Vulnerabilities (Apr 2006)

Oracle database is prone to multiple unspecified vulnerabilities. SPDX-FileCopyrightText: 2011 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE =...

Oracle Database Server Multiple Unspecified Vulnerabilities

Oracle database server is prone to SQL command execution vulnerability. SPDX-FileCopyrightText: 2011 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE =...

Oracle Database Server Ultra Search Component Unspecified Vulnerability

Oracle database server is prone to an unspecified vulnerability. SPDX-FileCopyrightText: 2011 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE =...

Oracle Database Server Multiple Unspecified Vulnerabilities (Jan 2008)

Oracle database is prone to multiple unspecified vulnerabilities. SPDX-FileCopyrightText: 2011 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE =...

Oracle Database Server Multiple Vulnerabilities (Jul 2006)

Oracle database is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2011 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:oracle:databaseserver";...

Oracle Database Multiple Vulnerabilities (October 2009 CPU)

The remote Oracle database server is missing the October 2009 Critical Patch Update CPU and therefore is potentially affected by security issues in the following components : - Advanced Queuing - Application Express - Auditing - Authentication - Core RDBMS - Data Mining - Data Pump - Network...

[SECURITY] Fedora 14 Update: ocsinventory-1.3.3-5.fc14

Open Computer and Software Inventory Next Generation is an application designed to help a network or system administrator keep track of the computers configuration and software that are installed on the network. OCS Inventory is also able to detect all active devices on your network, such as...

CVE-2011-3525

Unspecified vulnerability in the Application Express component in Oracle Database Server 3.2 and 4.0 allows remote authenticated users to affect confidentiality, integrity, and availability, related to APEX developer user...

CVE-2011-3512

Unspecified vulnerability in the Core RDBMS component in Oracle Database Server 10.1.0.5, 10.2.0.3, 10.2.0.4, 10.2.0.5, 11.1.0.7, and 11.2.0.2 allows remote authenticated users to affect confidentiality, integrity, and availability via unknown vectors...

CVE-2011-2301

Unspecified vulnerability in the Oracle Text component in Oracle Database Server 10.1.0.5, 10.2.0.3, 10.2.0.4, and 11.1.0.7 allows remote authenticated users to affect confidentiality, integrity, and availability, related to CTXSYS.DRVDISP...

Design/Logic Flaw

Unspecified vulnerability in the Application Express component in Oracle Database Server 3.2 and 4.0 allows remote authenticated users to affect confidentiality, integrity, and availability, related to APEX developer user...

Design/Logic Flaw

Unspecified vulnerability in the Oracle Text component in Oracle Database Server 10.1.0.5, 10.2.0.3, 10.2.0.4, and 11.1.0.7 allows remote authenticated users to affect confidentiality, integrity, and availability, related to CTXSYS.DRVDISP...

Design/Logic Flaw

Unspecified vulnerability in the Core RDBMS component in Oracle Database Server 10.1.0.5, 10.2.0.3, 10.2.0.4, 10.2.0.5, 11.1.0.7, and 11.2.0.2 allows remote authenticated users to affect confidentiality, integrity, and availability via unknown vectors...

CVE-2011-3525

Unspecified vulnerability in the Application Express component in Oracle Database Server 3.2 and 4.0 allows remote authenticated users to affect confidentiality, integrity, and availability, related to APEX developer user...

CVE-2011-3512

CVE-2011-3512 is an Oracle Database Core RDBMS vulnerability affecting Oracle Database Server 10.1.0.5, 10.2.0.3–10.2.0.5, 11.1.0.7, and 11.2.0.2. The issue arises in the handling of spatial datatypes, enabling a remote-authenticated user with create table/procedure privileges to escalate to SYSD...

CVE-2011-3525

Oracle Application Express (APEX) in Oracle Database Server is affected by CVE-2011-3525. The Nessus entry for Oracle APEX CVE-2011-3525 describes an unspecified vulnerability in the APEX component that affects Oracle Database Server versions 3.2 and 4.0, allowing remote authenticated users to im...

CVE-2011-3512

Unspecified vulnerability in the Core RDBMS component in Oracle Database Server 10.1.0.5, 10.2.0.3, 10.2.0.4, 10.2.0.5, 11.1.0.7, and 11.2.0.2 allows remote authenticated users to affect confidentiality, integrity, and availability via unknown vectors...

CVE-2011-2301

CVE-2011-2301 affects Oracle Database Server (10gR1/R2, 11gR1) via CTXSYS.DRVDISP.TABLEFUNC_ASOWN in Oracle Text. The root cause is a buffer overflow when TABLEFUNC_ASOWN is called with long input, allowing remote authenticated users to compromise confidentiality, integrity and availability. Docu...