Boletines de Vulnerabilidades |
Oracle publica parche acumulativo de Octubre 2008 |
|
Clasificación de la vulnerabilidad |
|
Propiedad | Valor |
Nivel de Confianza | Oficial |
Impacto | Confidencialidad |
Dificultad | Experto |
Requerimientos del atacante | Acceso remoto sin cuenta a un servicio estandar |
Información sobre el sistema |
|
Propiedad | Valor |
Fabricant afectat | Comercial Software |
Software afectado |
Oracle Database 11g, version 11.1.0.6 Oracle Database 10g Release 2, versions 10.2.0.2, 10.2.0.3, 10.2.0.4 Oracle Database 10g, version 10.1.0.5 Oracle Database 9i Release 2, versions 9.2.0.8, 9.2.0.8DV Oracle Application Server 10g Release 3 (10.1.3), versions 10.1.3.3.0,10.1.3.4.0 Oracle Application Server 10g Release 2 (10.1.2), versions 10.1.2.2.0, 10.1.2.3.0 Oracle Application Server 10g (9.0.4), version 9.0.4.3 Oracle E-Business Suite Release 12, version 12.0.4 Oracle E-Business Suite Release 11i, version 11.5.10.2 Oracle PeopleSoft Enterprise PeopleTools versions 8.48.18, 8.49.14 Oracle PeopleSoft Enterprise Portal versions 8.9, 9.0 Oracle JD Edwards EnterpriseOne Tools versions 8.97, 8.98 Oracle WebLogic Server (formerly BEA WebLogic Server) 10.0 released through MP1, 10.3 GA Oracle WebLogic Server (formerly BEA WebLogic Server) 9.0 GA, 9.1 GA, 9.2 released through MP3 Oracle WebLogic Server (formerly BEA WebLogic Server) 8.1 released through SP6 Oracle WebLogic Server (formerly BEA WebLogic Server) 7.0 released through SP7 Oracle WebLogic Server (formerly BEA WebLogic Server) 6.1 released through SP7 Oracle Workshop for WebLogic (formerly BEA WebLogic Workshop) 10.0 released through MP1, 10.2 GA, 10.3 GA Oracle Workshop for WebLogic (formerly BEA WebLogic Workshop) 9.0, 9.1, 9.2 released through MP3 Oracle Workshop for WebLogic (formerly BEA WebLogic Workshop) 8.1 released through SP6 |
Descripción |
|
Se ha publicado el parche acumulativo de octubre de 2008 para los siguientes productos de Oracle: Oracle Database, Oracle Application Server, Oracle JD Edwards EnterpriseOne, Oracle E-Business Suite, Oracle Enterprise Manager, Oracle PeopleSoft Enterprise, y Oracle WebLogic Server. Este parche soluciona múltiples vulnerabilidades que pueden comprometer la integridad, confidencialidad y disponibilidad de dichos productos así como la información manejada por ellos. |
|
Solución |
|
Actualización de software Oracle Ver tabla de actualizaciones en: http://www.oracle.com/technology/deploy/security/critical-patch-updates/cpuoct2008.html |
|
Identificadores estándar |
|
Propiedad | Valor |
CVE |
CVE-2008-3989 CVE-2008-2624 CVE-2008-3995 CVE-2008-3996 CVE-2008-3992 CVE-2008-3976 CVE-2008-3982 CVE-2008-3983 CVE-2008-3984 CVE-2008-3994 CVE-2008-3980 CVE-2008-4005 CVE-2008-2625 CVE-2008-3990 CVE-2008-3991 |
BID | |
Recursos adicionales |
|
Oracle Critical Patch Update - Octubre 2008 http://www.oracle.com/technology/deploy/security/critical-patch-updates/cpuoct2008.html |
Histórico de versiones |
||
Versión | Comentario | Data |
1.0 | Aviso emitido | 2008-10-22 |