Oracle Solaris Critical Patch Update : oct2012_SRU11_4

This Solaris system is missing necessary patches to address critical security updates : - Vulnerability in the Solaris component of Oracle Sun Products Suite subcomponent: Kernel. The supported version that is affected is 11. Easily exploitable vulnerability allows successful unauthenticated...

Oracle Solaris Critical Patch Update : july2013_SRU11_1_6_4_0

This Solaris system is missing necessary patches to address a critical security update : - Vulnerability in the Solaris component of Oracle and Sun Systems Products Suite subcomponent: Kernel/VM. The supported version that is affected is 11. Easily exploitable vulnerability requiring logon to...

Oracle Solaris Critical Patch Update : apr2013_SRU5

This Solaris system is missing necessary patches to address a critical security update : - Vulnerability in the Solaris component of Oracle and Sun Systems Products Suite subcomponent: Utility/pax. Supported versions that are affected are 8, 9, 10 and 11. Difficult to exploit vulnerability...

Oracle Solaris Critical Patch Update : july2013_SRU11_1_7_5_0

This Solaris system is missing necessary patches to address a critical security update : - Vulnerability in the Solaris component of Oracle and Sun Systems Products Suite subcomponent: Kernel/VM. The supported version that is affected is 11. Easily exploitable vulnerability requiring logon to...

Oracle Solaris Critical Patch Update : jul2012_SRU8_5

This Solaris system is missing necessary patches to address critical security updates : - Vulnerability in the Solaris component of Oracle Sun Products Suite subcomponent: Kernel/NFS. The supported version that is affected is 11. Easily exploitable vulnerability requiring logon to Operating Syste...

Oracle E-Business (July 2014 CPU)

The version of Oracle E-Business installed on the remote host is missing the July 2014 Critical Patch Update CPU. It is, therefore, affected by vulnerabilities in the following components : - Oracle Applications Technology Stack - Oracle Concurrent Processing - Oracle Applications Manager - Oracl...

Oracle Releases July 2014 Security Advisory

Oracle has released its Critical Patch Update for July 2014 to address 113 vulnerabilities across multiple products. This update contains the following security fixes: 5 for Oracle Database Server 29 for Oracle Fusion Middleware 7 for Oracle Hyperion 1 for Oracle Enterprise Manager Grid Control 5...

Oracle Critical Patch Update - July 2014

A Critical Patch Update CPU is a collection of patches for multiple security vulnerabilities. Critical Patch Update patches are generally cumulative, but each advisory describes only the security fixes added since the previous Critical Patch Update advisory. Thus, prior Critical Patch Update...

Oracle Critical Patch Update - July 2014

A Critical Patch Update CPU is a collection of patches for multiple security vulnerabilities. Critical Patch Update patches are generally cumulative, but each advisory describes only the security fixes added since the previous Critical Patch Update advisory. Thus, prior Critical Patch Update...

Oracle July 2014 Critical Patch Update

Never one to skimp on patches, Oracle is expected to release 113 of them tomorrow as part of its quarterly Critical Patch Update. The company also clarified that Java 7 versions will continue to work on the end-of-life Microsoft Windows XP platform and Oracle security updates for Java on XP...

Oracle 10g Database SUBSCRIPTION_NAME Remote SQL Injection Vulnerability (1)

No description provided by source. source: http://www.securityfocus.com/bid/13236/info Oracle database is prone to an SQL-injection vulnerability because the software fails to properly sanitize user-supplied data. The 'SUBSCRIPTIONNAME' parameter is vulnerable. Packages that employ this parameter...

ORACLE Business Process Management (Process Administrator) 5.7-6.0-10.3 - XSS

No description provided by source. |------------------------------------------------------------------| | | | / / / / | | / / / / / / / \ / / / / \ | | / // // / / / / / // / / / / / // / // / / / / / / | | /// //,// // //,// // // | | | | http://www.corelan.be:8800 | | |...

Oracle9i Application Server 9.0.2 MOD_ORADAV Access Control Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/14274/info The modoradav module for Oracle HTTP Server included in Oracle9i Application Server is prone to a vulnerability. This is related to access controls on the '/davpublic' and '/davportal' directories, allowing a...

Oracle Application Framework Diagnostic Mode Bypass Vulnerability

No description provided by source. Trustwave SpiderLabs Security Advisory TWSL2012-023: Oracle Application Framework Diagnostic Mode Bypass Vulnerability Published: 1/15/2013 Version: 1.0 Vendor: Oracle www.oracle.com Product: Oracle Application Framework Version affected: 11.5.10.2, 12.0.6, 12.1...

Oracle E-Business Suite 11i Multiple Remote Vulnerabilities

No description provided by source. source: http://www.securityfocus.com/bid/37305/info Oracle E-Business Suite is prone to multiple authentication-bypass and HTML-injection vulnerabilities. Attackers could exploit these issues to steal cookie-based authentication credentials, perform unauthorized...

Oracle HTML DB 1.5/1.6 f p Parameter XSS

No description provided by source. source: http://www.securityfocus.com/bid/15031/info Oracle HTML DB is prone to cross-site scripting vulnerabilities. An attacker may leverage these issues to have arbitrary script code executed in the browser of an unsuspecting user in the context of the affecte...

Oracle 9.0 iSQL*Plus TLS Listener - Remote Denial of Service Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/15032/info Oracle iSQLPLUS is susceptible to a vulnerability that allows remote attackers to stop the TNS Listener service, denying further database service to legitimate users. By issuing a specific HTTP request, remote...

Oracle 9 XML DB Cross-Site Scripting Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/15034/info Oracle XML DB is prone to a cross-site scripting vulnerability. This issue is due to a failure in the application to properly sanitize user-supplied input. An attacker may leverage this issue to have arbitrary...

Oracle Database SQL Compiler Views Unauthorized Manipulation

No description provided by source. source: http://www.securityfocus.com/bid/24887/info Oracle has released a Critical Patch Update advisory for July 2007 to address multiple vulnerabilities for supported releases. Earlier unsupported releases are likely to be affected by these issues as well. The...

Endeca Latitude 2.2.2 - Cross-Site Request Forgery

Advisory: Endeca Latitude Cross-Site Request Forgery RedTeam Pentesting discovered a Cross-Site Request Forgery CSRF vulnerability in Endeca Latitude. Using this vulnerability, an attacker might be able to change several different settings of the Endeca Latitude instance or disable it entirely...