Vulnerability Bulletins |
Oracle publica parche acumulativo de enero 2010 |
|
Vulnerability classification |
|
Property | Value |
Confidence level | Oficial |
Impact | Aumento de privilegios |
Dificulty | Experto |
Required attacker level | Acceso remoto sin cuenta a un servicio estandar |
System information |
|
Property | Value |
Affected manufacturer | Comercial Software |
Affected software |
Oracle Database 11g, version 11.1.0.6, 11.1.0.7 Oracle Database 10g Release 2, versions 10.2.0.3, 10.2.0.4 Oracle Database 10g, version 10.1.0.5 Oracle Database 9i Release 2, versions 9.2.0.8, 9.2.0.8DV Oracle Application Server 10g Release 2 (10.1.2), version 10.1.2.3.0 Oracle Application Server 10g Release 3 (10.1.3), versions 10.1.3.3.0, 10.1.3.4.0 Oracle Identity Management 10g, version 10.1.4.0.1, 10.1.4.2.0, 10.1.4.3.0 Oracle E-Business Suite Release 12, version 12.1 Oracle E-Business Suite Release 12, version 12.0.6 Oracle E-Business Suite Release 11i, version 11.5.10.2 Oracle Enterprise Manager Database Control 11, version 11.1.0.6, 11.1.0.7 Oracle Enterprise Manager Grid Control 10g Release 4, version 10.2.0.4 PeopleSoft Enterprise PeopleTools versions: 8.49 PeopleSoft Enterprise HRMS versions: 8.9 and 9.0 Siebel Highly Interactive Client versions: 7.5.3, 7.7.2, 7.8, 8.0, 8.1 Oracle WebLogic Server 10.3, 10.0MP1 Oracle WebLogic Server 9.0 GA, 9.1 GA, 9.2 through 9.2 MP3 Oracle WebLogic Server 8.1 through 8.1 SP6 Oracle WebLogic Server 7.0 through 7.0 SP7 Oracle Complex Event Processing 10.3 and WebLogic Event Server 2.0 Oracle JRockit R27.6.3 and earlier (JDK/JRE 6, 5, 1.4.2) |
Description |
|
Se ha publicado el parche acumulativo de enero 2010 para los siguientes productos de Oracle: Oracle Database, Oracle Application Server, Oracle Identity Management, Oracle E-Business Suite, Oracle Enterprise Manager Database Control, Oracle PeopleSoft Enterprise PeopleTools y BEA. Este parche soluciona múltiples vulnerabilidades que pueden comprometer la integridad, confidencialidad y disponibilidad de dichos productos asi como la información manejada por ellos. |
|
Solution |
|
Actualización de software Oracle Ver tabla de actualizaciones en: http://www.oracle.com/technology/deploy/security/critical-patch-updates/cpujan2010.html |
|
Standar resources |
|
Property | Value |
CVE |
CVE-2010-0071 CVE-2009-3415 CVE-2010-0076 CVE-2009-3411 CVE-2009-3414 CVE-2009-1996 CVE-2009-3410 CVE-2009-3413 CVE-2009-3412 |
BID | |
Other resources |
|
Oracle Critical Patch Update - Enero 2010 http://www.oracle.com/technology/deploy/security/critical-patch-updates/cpuoct2009.html |
Version history |
||
Version | Comments | Date |
1.0 | Aviso emitido | 2010-01-28 |