Oracle to Fix 78 Bugs in July Patch Update

Oracle on Tuesday will issue fixes for 78 vulnerabilities in a number of the company’s products, including its Database Server, Fusion, PeopleSoft and Secure Backup. A number of the bugs Oracle is fixing can be used for remote code execution. The Oracle Critical Patch Update for July is a huge...

Oracle Releases Critical Patch Update for July 2011

Oracle has released its Critical Patch Update for July 2011 to address 78 vulnerabilities across multiple products. This update contains the following security fixes: 13 for Oracle Database Server 3 for Oracle Secure Backup 7 for Oracle Fusion Middleware 18 for Oracle Enterprise Manager 1 for...

Critical: Red Hat Security Advisory: java-1.6.0-sun security update

Updated java-1.6.0-sun packages that fix several security issues are now available for Red Hat Enterprise Linux 4 Extras, and Red Hat Enterprise Linux 5 and 6 Supplementary. The Red Hat Security Response Team has rated this update as having critical security impact. Common Vulnerability Scoring...

Oracle Releases Critical Patch Update for June 2011

Oracle released its June Critical Patch Update CPU containing 17 security fixes for the following products: JDK and JRE 6 Update 25 and earlier for Windows, Solaris, and Linux JDK and JRE 5.0 Update 29 and earlier for Windows, Solaris, and Linux SDK and JRE 1.4.231 and earlier for Windows, Solari...

Oracle Database Multiple Vulnerabilities (April 2011 CPU)

The remote Oracle database server is missing the April 2011 Critical Patch Update CPU and therefore is potentially affected by security issues in the following components : - Oracle Warehouse Builder CVE-2011-0792, CVE-2011-0799 - Oracle Security Service CVE-2009-3555 - Application Service Level...

Oracle AS Portal 10.1.2 Cross Site Scripting

============================================= INTERNET SECURITY AUDITORS ALERT 2010-007 - Original release date: August 11th, 2010 - Last revised: May 1st, 2011 - Discovered by: Vicente Aguilera Diaz - Severity: 5.0/10 CVSS Base Scored ============================================= I. VULNERABILIT...

[ISecAuditors Security Advisories] XSS in Oracle AS Portal 10g

============================================= INTERNET SECURITY AUDITORS ALERT 2010-007 - Original release date: August 11th, 2010 - Last revised: May 1st, 2011 - Discovered by: Vicente Aguilera Diaz - Severity: 5.0/10 CVSS Base Scored ============================================= I. VULNERABILIT...

[Onapsis Security Advisory 2011-013] Oracle JD Edwards JDENET USRBROADCAST Denial of Service

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Onapsis Security Advisory 2011-013: Oracle JD Edwards JDENET USRBROADCAST Denial of Service This advisory can be downloaded in PDF format from http://www.onapsis.com/. By downloading this advisory from the Onapsis Resource Center, you will gain access...

[Onapsis Security Advisory 2011-010] Oracle JD Edwards JDENET Remote Logging Deactivation

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Onapsis Security Advisory 2011-010: Oracle JD Edwards JDENET Remote Logging Deactivation This advisory can be downloaded in PDF format from http://www.onapsis.com/. By downloading this advisory from the Onapsis Resource Center, you will gain access to...

[Onapsis Security Advisory 2011-008] Oracle JD Edwards JDENET CallObjectKernel Remote Command Execution

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Onapsis Security Advisory 2011-008: Oracle JD Edwards JDENET CallObjectKernel Remote Command Execution This advisory can be downloaded in PDF format from http://www.onapsis.com/. By downloading this advisory from the Onapsis Resource Center, you will...

[Onapsis Security Advisory 2011-007] Oracle JD Edwards JDENET Kernel Shutdown

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Onapsis Security Advisory 2011-007: Oracle JD Edwards JDENET Kernel Shutdown This advisory can be downloaded in PDF format from http://www.onapsis.com/. By downloading this advisory from the Onapsis Resource Center, you will gain access to beforehand...

OracleJSP Demos Cross Site Scripting

Advisory Name: Reflected Cross-Site Scripting XSS in OracleJSP Demos Internal Cybsec Advisory Id: 2011-0403- Reflected Cross-Site Scripting XSS in OracleJSP Demos Vulnerability Class: Reflected Cross-Site Scripting XSS Release Date: April 20, 2011 Affected Applications: Confirmed in OracleJSP...

cpuapr2011

A Critical Patch Update is a collection of patches for multiple security vulnerabilities. Critical Patch Update patches are cumulative but each advisory describes only the security fixes added since the previous Critical Patch Update advisory. Thus, prior Critical Patch Update advisories should b...

Oracle Critical Patch Update - April 2011

A Critical Patch Update is a collection of patches for multiple security vulnerabilities. Critical Patch Update patches are cumulative but each advisory describes only the security fixes added since the previous Critical Patch Update advisory. Thus, prior Critical Patch Update advisories should b...

Oracle to release 73 security vulnerabilities security patch update !

Oracle to release 73 security vulnerabilities security patch update ! Oracle plans to release a large number of security patches for its various software products next week, including six bug-fixes for its flagship database software. All told, there will be 73 security vulnerabilities fixed acros...

Oracle Releases Critical Patch Update for April 2011

Oracle has released their Critical Patch Update for April 2011 to address 73 vulnerabilities across multiple products. This update contains the following security fixes: 6 updates for the Oracle Database Server 9 updates for Oracle Fusion Middleware 1 update for Oracle Enterprise Manager Grid...

SQL Injection vulnerabilities in extension "WEC Discussion Forum" (wec_discussion)

It has been discovered that the extension WEC Discussion Forum wecdiscussion is vulnerable to SQL Injection. Release Date: April 7, 2011 Component Type: Third party extension. This extension is not a part of the TYPO3 default installation. Affected Versions: Version 2.1.0 and all versions below...

CentOS Update for libtiff CESA-2011:0392 centos4 x86_64

Check for the Version of libtiff OpenVAS Vulnerability Test CentOS Update for libtiff CESA-2011:0392 centos4 x8664 Authors: System Generated Check Copyright: Copyright c 2011 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it...

Solaris 9 (x86) : 116015-06

SunOS 5.9x86: /usr/sbin/usermod patch. Date this patch was last updated by Sun : Mar/18/11 %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text in this plugin was extracted from the Oracle SunOS Patch Updates. include'deprecatednasllevel.inc'; include'compat.inc'; if...

New Adobe Under Zero-Day Attack !

Adobe today released an advisory to warn about a remote code execution vulnerability in Flash Player, which also affects Adobe Reader and Acrobat. This critical vulnerability has been assigned CVE-2011-0609. Currently seen attacks work through a malicious SWF file which is embedded inside an Exce...