Critical: Red Hat Security Advisory: java-1.7.0-oracle security update

Updated java-1.7.0-oracle packages that fix several security issues are now available for Red Hat Enterprise Linux 6 Supplementary. The Red Hat Security Response Team has rated this update as having critical security impact. Common Vulnerability Scoring System CVSS base scores, which give detaile...

Oracle Critical Patch Update - October 2012

A Critical Patch Update CPU is a collection of patches for multiple security vulnerabilities. Critical Patch Update patches are usually cumulative but each advisory describes only the security fixes added since the previous Critical Patch Update advisory. Thus, prior Critical Patch Update...

Oracle Critical Patch Update - October 2012

A Critical Patch Update CPU is a collection of patches for multiple security vulnerabilities. Critical Patch Update patches are usually cumulative but each advisory describes only the security fixes added since the previous Critical Patch Update advisory. Thus, prior Critical Patch Update...

Oracle Patch Update to Include 109 Patches

Buckle up Oracle administrators for 109 patches coming your way tomorrow. Oracle’s quarterly Critical Patch Update is due, and the company is releasing fixes for security vulnerabilities across most of its enterprise products, addressing a host of remotely exploitable flaws. This comes a little...

MODX Website Compromise

On Wednesday August 29, a hacker exploited a Local File Inclusion LFI vector in an older release of MODX Revolution we had running on one of our servers. This issue had already been fixed as part of the MODX Revolution 2.2.4 release. We locked down the site while we investigated the compromise...

Oracle Business Transaction Management FlashTunnelService WriteToFile Vulnerability

Added: 08/17/2012 BID: 54839 Background Oracle Business Transaction Management BTM is a component of several Oracle Enterprise Manager Management Packs, including WebLogic Server Management Pack Enterprise Edition. Oracle BTM provides capability in three key areas: transaction visibility,...

Scientific Linux Security Update : java (jdk 1.6.0) on SL4.x, SL5.x i386/x86_64

This update fixes several vulnerabilities in the Java 6 Software Development Kit. Further information about these flaws can be found on the 'Oracle Java SE and Java for Business Critical Patch Update Advisory' page. CVE-2010-1321, CVE-2010-3541, CVE-2010-3548, CVE-2010-3549, CVE-2010-3550,...

Oracle Critical Patch Update - April 2012

A Critical Patch Update is a collection of patches for multiple security vulnerabilities. Critical Patch Update patches are usually cumulative but each advisory describes only the security fixes added since the previous Critical Patch Update advisory. Thus, prior Critical Patch Update advisories...

Oracle Database Multiple Vulnerabilities (July 2012 CPU)

The remote Oracle database server is missing the July 2012 Critical Patch Update CPU and is, therefore, potentially affected by security issues in the following components : - Enterprise Manager - Network Layer - Core RDBMS %NASLMINLEVEL 70300 C Tenable Network Security, Inc...

Oracle Releases Critical Patch Update for July 2012

Oracle has released its Critical Patch Update for July 2012 to address 87 vulnerabilities across multiple products. This update contains the following security fixes: 4 for Oracle Database Server 1 for Oracle Application Express Listener 2 for Oracle Secure Backup 22 for Oracle Fusion Middleware ...

Oracle Outside In contains multiple exploitable vulnerabilities

Overview Oracle Outside In contains multiple exploitable vulnerabilities in its parsers, which can allow a remote, unauthenticated attacker to execute arbitrary code on a vulnerable system. Description Oracle Outside In is a set of libraries that can decode over 500 different file formats...

Oracle Critical Patch Update - July 2012

A Critical Patch Update CPU is a collection of patches for multiple security vulnerabilities. Critical Patch Update patches are usually cumulative but each advisory describes only the security fixes added since the previous Critical Patch Update advisory. Thus, prior Critical Patch Update...

Oracle Critical Patch Update - July 2012

A Critical Patch Update CPU is a collection of patches for multiple security vulnerabilities. Critical Patch Update patches are usually cumulative but each advisory describes only the security fixes added since the previous Critical Patch Update advisory. Thus, prior Critical Patch Update...

RedHat Update for qemu-kvm RHSA-2011:1777-01

Check for the Version of qemu-kvm OpenVAS Vulnerability Test RedHat Update for qemu-kvm RHSA-2011:1777-01 Authors: System Generated Check Copyright: Copyright c 2012 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it under the...

[SE-2012-01] Regarding Oracle's Critical Patch Update for Java SE

Dear All, Yesterday, Oracle released its Critical Patch Update for Java SE software 1, which incorporates fixes for 3 of more than 20+ security issues that were reported to the company in Apr 2012 2. We would like to inform, that while some of the Proof of Concept codes we developed for the...

Symantec LiveUpdate Administrator 2.3 Insecure File Permissions

SUMMARY Symantec LiveUpdate Administrator 2.3 and prior install some files with insecure file permissions during a default installation. These files allow full control permission to everyone which could result in arbitrary command execution with elevated privileges on the system. AFFECTED PRODUCT...

Oracle Releases Critical Patch Update for June 2012

Oracle released its Critical Patch Update for June 2012 containing 14 security fixes for the following products: JDK and JRE 7 Updates 4 and earlier JDK and JRE 6 Update 32 and earlier JDK and JRE 5.0 Update 35 and earlier SDK and JRE 1.4.237 and earlier JavaFX 2.1 and earlier US-CERT encourages...

SQL Injection in Oracle Enterprise Manager (compareWizFirstConfig web page) (CVE-2012-0512)

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 AppSecInc Team SHATTER Security Advisory SQL Injection in Oracle Enterprise Manager compareWizFirstConfig web page. Risk Level: High Affected versions: Oracle Enterprise Manager Database Control 11.1.0.7, 11.2.0.2 and previous patchsets Oracle...

Oracle Enterprise Manager SQL injection Vulnerability

Exploit for jsp platform in category web applications -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 AppSecInc Team SHATTER Security Advisory SQL Injection in Oracle Enterprise Manager compareWizFirstConfig web page. Risk Level: High Affected versions: Oracle Enterprise Manager Database Control...

Oracle Patches 88 Vulnerabilities, Including Some that Allow Remote Exploits Without Authentication

Oracle yesterday released 88 security fixes for vulnerabilities — including several that allow for remote access without authentication — across its portfolio as part of its quarterly Critical Patch Update. “Due to the threat posed by a successful attack, Oracle strongly recommends that customers...