Vulnerability Bulletins


Oracle releases July 2006 cumulative patch

Vulnerability classification

Property Value
Confidence level Official
Impact Gain access
Difficulty Expert
Required attacker level Remote access without an account to a standard service

System information

Property Value
Affected manufacturer Commercial Software
Affected software Oracle Database 10g Release 2, 10.2.0.1, 10.2.0.2
Oracle Database 10g Release 1, 10.1.0.4, 10.1.0.5
Oracle9i Database Release 2, 9.2.0.6, 9.2.0.7
Oracle8i Database Release 3, 8.1.7.4
Oracle Enterprise Manager 10g Grid Control, 10.2.0.1
Oracle Application Server 10g Release 3, versions 10.1.3.0.0
Oracle Application Server 10g Release 2, 10.1.2.0.0 - 10.1.2.0.2, 10.1.2.1.0
Oracle Application Server 10g Release 1 9.0.4.2, 9.0.4.3
Oracle Collaboration Suite 10g Release 1, 10.1.2.0
Oracle9i Collaboration Suite Release 2, 9.0.4.2
Oracle E-Business Suite Release 11i, 11.5.7 - 11.5.10 CU2
Oracle E-Business Suite Release 11.0
Oracle Pharmaceutical Applications 4.5.0 - 4.5.2
Oracle PeopleSoft Enterprise Portal Solutions, 8.4, 8.8, 8.9
Oracle PeopleSoft Enterprise Portal Solutions (with Enforcer Portal Pack), version 8.8
JD Edwards EnterpriseOne Tools, OneWorld Tools, versions 8.95, 8.96

Description

The July 2006 cumulative patch has been released for the following Oracle products: Oracle Database, Oracle Application Server, Oracle Enterprise Manager Grid Control, Oracle Collaboration Suite, JD Edwards EnterpriseOne, JD Edwards OneWorld Tools, PeopleSoft Enterprise Portal Applications and PeopleSoft Enterprise PeopleTools.

This patch fixes multiple vulnerabilities that can compromise the integrity, confidentiality and availability of these products, as well as the information they handle.

Solution



Software update

Oracle
Oracle Database Server
http://metalink.oracle.com/metalink/plsql/ml2_documents.showDocument?p_database_id=NOT&p_id=372930.1#DBAVAIL
Oracle Application Server
http://metalink.oracle.com/metalink/plsql/ml2_documents.showDocument?p_database_id=NOT&p_id=372930.1#ASMIDTIER
Oracle Collaboration Suite
http://metalink.oracle.com/metalink/plsql/ml2_documents.showDocument?p_database_id=NOT&p_id=372930.1#OCSAVAIL
Oracle E-Business Suite and Applications
http://www.oracle.com/technology/deploy/security/critical-patch-updates/cpujul2006.html#Appendix%20D
Oracle Pharmaceutical Applications
http://metalink.oracle.com/metalink/plsql/ml2_documents.showDocument?p_database_id=NOT&p_id=374060.1
Oracle Enterprise Manager
http://metalink.oracle.com/metalink/plsql/ml2_documents.showDocument?p_database_id=NOT&p_id=372930.1#OEMAVAIL
Oracle PeopleSoft Enterprise and JD Edwards EnterpriseOne
http://www.peoplesoft.com/corp/en/support/security_index.jsp

Hewlett-Packard
Oracle for OpenView (OfO) / HP-UX, Tru64 UNIX, Linux, Solaris, Windows / Oracle Critical Patch Update - July 2006
http://itrc.hp.com/

Hewlett-Packard
Oracle for OpenView (OfO) / HP-UX, Tru64 UNIX, Linux, Solaris, Windows / Oracle Critical Patch Update - January 2007
http://itrc.hp.com/

Standard resources

Property Value
CVE
BID

Other resources

Oracle Critical Patch Update - July 2006
http://www.oracle.com/technology/deploy/security/critical-patch-updates/cpujul2006.html

HP SECURITY BULLETIN (HPSBMA02133)
http://www4.itrc.hp.com/service/cki/docDisplay.do?docId=c00727143

Red Database Security (DB03)
http://www.red-database-security.com/advisory/oracle_sql_injection_kupw$worker.html

Red Database Security (DB01)
http://www.red-database-security.com/advisory/oracle_sql_injection_dbms_cdc_impdp.html

Red Database Security (DB22)
http://www.red-database-security.com/advisory/oracle_sql_injection_dbms_upgrade.html

Red Database Security (DB21)
http://www.red-database-security.com/advisory/oracle_sql_injection_dbms_stats.html

Version history

Version Comments Date
1.0 Advisory issued 2006-07-19
1.1 Advisory updated by Hewlett Packard (HPSBMA02133) 2007-01-24
Ministerio de Defensa
CNI
CCN
CCN-CERT