XSS in Oracle default fcgi-bin/echo

Long ago, I wrote about an XSS vulnerability in Oracle fcgi-bin/echo : http://lists.grok.org.uk/pipermail/full-disclosure/2010-October/076794.html http://www.securityfocus.com/archive/1/514181 The issue may now be fixed in the latest versions of Oracle web servers:...

Oracle Jinitiator 1.1.8 Vulnerabilities CVE-2007-4467 - Additional Information

US-CERT released an advisory on August 28, 2007 regarding multiple stack buffer overflows in the Oracle Jinitiator product Vulnerability Note VU474433/CVE-2007-4467. Due to limited public technical information on Jinitiator, no access to the Oracle support website, and maybe lack of cooperation...

Oracle E-Business Suite - Multiple Vulnerabilities

Multiple security vulnerabilities have been corrected in the Oracle Business Suite 11i and R12 as part of July 2007 Oracle Critical Patch Update CPU. All Internet accessible environments should prioritize patch 6045931 APPS04/05/06 in order to correct multiple vulnerabilities in the On-line help ...