Design/Logic Flaw

Unspecified vulnerability in the Java Virtual Machine component in Oracle Database Server 10.1.0.5, 10.2.0.4, 11.1.0.7, and 11.2.0.1 allows remote authenticated users to affect confidentiality, integrity, and availability via unknown vectors...

Design/Logic Flaw

Unspecified vulnerability in the OLAP component in Oracle Database Server 11.1.0.7 allows remote authenticated users to affect confidentiality and integrity via unknown vectors...

CVE-2010-2407

Unspecified vulnerability in the XDK component in Oracle Database Server 10.1.0.5, 10.2.0.4, and 11.1.0.7 allows remote attackers to affect integrity via unknown vectors...

CVE-2010-2411

Unspecified vulnerability in the Job Queue component in Oracle Database Server 11.2.0.1, 11.1.0.7, 10.2.0.3, 10.2.0.4, and 10.1.0.5 allows remote authenticated users to affect confidentiality, integrity, and availability, related to SYS.DBMSIJOB...

Design/Logic Flaw

Unspecified vulnerability in the Core RDBMS component in Oracle Database Server 10.1.0.5 and 10.2.0.3 allows remote authenticated users to affect confidentiality and integrity via unknown vectors...

Security feature bypass

Unspecified vulnerability in the Database Control component in EM Console in Oracle Database Server 10.1.0.5 and 10.2.0.3, Oracle Fusion Middleware 10.1.2.3 and 10.1.4.3, and Enterprise Manager Grid Control allows remote attackers to affect confidentiality, integrity, and availability via unknown...

Design/Logic Flaw

Unspecified vulnerability in the Perl component in Oracle Database Server 11.2.0.1, 11.1.0.7, 10.2.0.3, 10.2.0.4, and 10.1.0.5; and Fusion Middleware 11.1.1.1.0 and 11.1.1.2.0; allows local users to affect integrity via unknown vectors related to Local Logon...

Design/Logic Flaw

Unspecified vulnerability in the XDK component in Oracle Database Server 10.1.0.5, 10.2.0.4, and 11.1.0.7 allows remote attackers to affect integrity via unknown vectors...

Design/Logic Flaw

Unspecified vulnerability in the Job Queue component in Oracle Database Server 11.2.0.1, 11.1.0.7, 10.2.0.3, 10.2.0.4, and 10.1.0.5 allows remote authenticated users to affect confidentiality, integrity, and availability, related to SYS.DBMSIJOB...

CVE-2010-2415

Oracle Database Change Data Capture (DBMS_CDC_PUBLISH) contains an SQL injection flaw in the CREATE_CHANGE_SET procedure. CVE-2010-2415 affects Oracle Database Server versions 10.1.0.5, 10.2.0.4, 11.1.0.7, and 11.2.0.1. The vulnerability allows an attacker with EXECUTE privilege on SYS.DBMS_CDC_P...

CVE-2010-2412

CVE-2010-2412 is an OLAP-component vulnerability in Oracle Database Server 11.1.0.7. It requires authentication and is exploitable over the network to affect confidentiality and integrity; there is no reported impact on availability. The Nessus/CPU documentation associates this CVE with the OLAP ...

CVE-2010-2412

Unspecified vulnerability in the OLAP component in Oracle Database Server 11.1.0.7 allows remote authenticated users to affect confidentiality and integrity via unknown vectors...

CVE-2010-2415

Unspecified vulnerability in the Change Data Capture component in Oracle Database Server 10.1.0.5, 10.2.0.4, 11.1.0.7, and 11.2.0.1 allows remote authenticated users to affect confidentiality and integrity, related to DBMSCDCPUBLISH...

CVE-2010-2407

Unspecified vulnerability in the XDK component in Oracle Database Server 10.1.0.5, 10.2.0.4, and 11.1.0.7 allows remote attackers to affect integrity via unknown vectors...

CVE-2010-2411

CVE-2010-2411 affects Oracle Database Server (11.2.0.1, 11.1.0.7, 10.2.0.3, 10.2.0.4, 10.1.0.5) with a vulnerability in SYS.DBMS_IJOB that allows remote authenticated users to impact confidentiality, integrity and availability. The vulnerability is listed in the Oracle October 2010 CPU, which fix...

CVE-2010-2391

CVE-2010-2391 affects Oracle Database Server Core RDBMS components in Oracle Database Server versions 10.1.0.5 and 10.2.0.3. The vulnerability is described as unspecified, allowing remote authenticated users to impact confidentiality and integrity via unknown vectors. The CVSS data from the refer...

CVE-2010-2389

CVE-2010-2389 affects Oracle Database Server components and Fusion Middleware. The Perl component in Oracle Database Server versions 11.2.0.1, 11.1.0.7, 10.2.0.3, 10.2.0.4, and 10.1.0.5, and in Fusion Middleware 11.1.1.1.0 and 11.1.1.2.0, allows a local user to affect integrity via unknown vector...

CVE-2010-2389

Unspecified vulnerability in the Perl component in Oracle Database Server 11.2.0.1, 11.1.0.7, 10.2.0.3, 10.2.0.4, and 10.1.0.5; and Fusion Middleware 11.1.1.1.0 and 11.1.1.2.0; allows local users to affect integrity via unknown vectors related to Local Logon...

CVE-2010-2411

Unspecified vulnerability in the Job Queue component in Oracle Database Server 11.2.0.1, 11.1.0.7, 10.2.0.3, 10.2.0.4, and 10.1.0.5 allows remote authenticated users to affect confidentiality, integrity, and availability, related to SYS.DBMSIJOB...

Oracle Releases Critical Patch for October 2010

Oracle has released its Critical Patch Update for October 2010 to address 85 vulnerabilities across multiple products. This update contains the following security fixes: 7 for Oracle Database Server 8 for Oracle Fusion Middleware 1 for Oracle Enterprise Manager Grid Control 6 for Oracle E-Busines...