Oracle MySQL Server 'InnoDB'子组件远程安全漏洞(CVE-2013-0368)

BUGTRAQ ID: 57397 CVECAN ID: CVE-2013-0368 Oracle MySQL Server是一个轻量的关系型数据库系统。 Oracle MySQL Server 5.5.28及更早版本存在远程安全漏洞，可通过'MySQL Protocol'协议利用此漏洞。'InnoDB'子组件受到影响。通过身份验证的远程攻击者可利用此漏洞进行攻击从而影响MySQL Server的可用性。 0 Oracle MySQL Server = 5.5.28 厂商补丁： Oracle ------...

Oracle MySQL Server 'InnoDB'子组件远程安全漏洞(CVE-2012-0572)

BUGTRAQ ID: 57385 CVECAN ID: CVE-2012-0572 Oracle MySQL Server是一个小型关系型数据库管理系统。 Oracle MySQL Server 5.1.66、5.5.28及更早版本存在远程安全漏洞，此漏洞可通过'MySQL'协议加以利用，'InnoDB'子组件受到影响。通过身份验证的远程攻击者可利用此漏洞影响可用性。 0 Oracle MySQL Server = 5.5.28 Oracle MySQL Server = 5.1.66 厂商补丁： Oracle ------...

Oracle Releases 86 Patches in its January Critical Patch Update

This week’s relentless onslaught of security patches continued late Tuesday afternoon when Oracle released its quarterly Critical Patch Update, a healthy dose of 86 security updates across all major product lines including Oracle Database and MySQL Server. The most serious may be a critical...

Oracle Releases January 2013 Security Advisory

Oracle has released its Critical Patch Update for January 2013 to address 86 vulnerabilities across multiple products. This update contains the following security fixes: 6 for Oracle Database Server 7 for Oracle Fusion Middleware 13 for Oracle Enterprise Manager Grid Control 9 for Oracle E-Busine...

Oracle Application Framework Diagnostic Mode Bypass

Trustwave SpiderLabs Security Advisory TWSL2012-023: Oracle Application Framework Diagnostic Mode Bypass Vulnerability Published: 1/15/2013 Version: 1.0 Vendor: Oracle www.oracle.com Product: Oracle Application Framework Version affected: 11.5.10.2, 12.0.6, 12.1.3 Product description: The Oracle...

Oracle Application Framework - Diagnostic Mode Bypass

Trustwave SpiderLabs Security Advisory TWSL2012-023: Oracle Application Framework Diagnostic Mode Bypass Vulnerability Published: 1/15/2013 Version: 1.0 Vendor: Oracle www.oracle.com Product: Oracle Application Framework Version affected: 11.5.10.2, 12.0.6, 12.1.3 Product description: The Oracle...

Oracle Critical Patch Update - January 2013

A Critical Patch Update CPU is a collection of patches for multiple security vulnerabilities. Critical Patch Update patches are usually cumulative, but each advisory describes only the security fixes added since the previous Critical Patch Update advisory. Thus, prior Critical Patch Update...

Oracle Critical Patch Update - January 2013

A Critical Patch Update CPU is a collection of patches for multiple security vulnerabilities. Critical Patch Update patches are usually cumulative, but each advisory describes only the security fixes added since the previous Critical Patch Update advisory. Thus, prior Critical Patch Update...

Symantec Messaging Gateway 9.5.3-3 Cross Site Request Forgery

======= Summary ======= Name: Symantec Messaging Gateway - Easy CSRF to add a backdoor-administrator for example Release Date: 30 November 2012 Reference: NGS00263 Discoverer: Ben Williams Vendor: Symantec Vendor Reference: Systems Affected: Symantec Messaging Gateway 9.5.3-3 Risk: High Status:...

Scientific Linux Security Update : mysql on SL6.x i386/x86_64 (20121114)

This update fixes several vulnerabilities in the MySQL database server. Information about these flaws can be found on the Oracle Critical Patch Update Advisory pages. CVE-2012-1688, CVE-2012-1690, CVE-2012-1703, CVE-2012-2749, CVE-2012-0540, CVE-2012-1689, CVE-2012-1734, CVE-2012-3163,...

BigFix Client Patch Update

Binary data 6612.prm...

Researcher Develops Patch for Java Zero-Day, Puts Pressure on Oracle to Deliver its Fix

A security researcher has submitted to Oracle a patch he said took him 30 minutes to produce that would repair a zero-day vulnerability currently exposed in Java SE. He hopes his actions will spur Oracle to issue an out-of-band patch for the sandbox-escape vulnerability, rather than wait for the...

RHEL 6 : java-1.7.0-oracle (RHSA-2012:1391)

Updated java-1.7.0-oracle packages that fix several security issues are now available for Red Hat Enterprise Linux 6 Supplementary. The Red Hat Security Response Team has rated this update as having critical security impact. Common Vulnerability Scoring System CVSS base scores, which give detaile...

Critical: Red Hat Security Advisory: java-1.6.0-sun security update

Updated java-1.6.0-sun packages that fix several security issues are now available for Red Hat Enterprise Linux 5 and 6 Supplementary. The Red Hat Security Response Team has rated this update as having critical security impact. Common Vulnerability Scoring System CVSS base scores, which give...

Critical: Red Hat Security Advisory: java-1.7.0-oracle security update

Updated java-1.7.0-oracle packages that fix several security issues are now available for Red Hat Enterprise Linux 6 Supplementary. The Red Hat Security Response Team has rated this update as having critical security impact. Common Vulnerability Scoring System CVSS base scores, which give detaile...

Oracle Critical Patch Update - October 2012

A Critical Patch Update CPU is a collection of patches for multiple security vulnerabilities. Critical Patch Update patches are usually cumulative but each advisory describes only the security fixes added since the previous Critical Patch Update advisory. Thus, prior Critical Patch Update...

Oracle Critical Patch Update - October 2012

A Critical Patch Update CPU is a collection of patches for multiple security vulnerabilities. Critical Patch Update patches are usually cumulative but each advisory describes only the security fixes added since the previous Critical Patch Update advisory. Thus, prior Critical Patch Update...

Oracle Patch Update to Include 109 Patches

Buckle up Oracle administrators for 109 patches coming your way tomorrow. Oracle’s quarterly Critical Patch Update is due, and the company is releasing fixes for security vulnerabilities across most of its enterprise products, addressing a host of remotely exploitable flaws. This comes a little...

MODX Website Compromise

On Wednesday August 29, a hacker exploited a Local File Inclusion LFI vector in an older release of MODX Revolution we had running on one of our servers. This issue had already been fixed as part of the MODX Revolution 2.2.4 release. We locked down the site while we investigated the compromise...

Oracle Business Transaction Management FlashTunnelService WriteToFile Vulnerability

Added: 08/17/2012 BID: 54839 Background Oracle Business Transaction Management BTM is a component of several Oracle Enterprise Manager Management Packs, including WebLogic Server Management Pack Enterprise Edition. Oracle BTM provides capability in three key areas: transaction visibility,...