Vulnerability Bulletins |
Oracle publica parche acumulativo de Abril |
|
Vulnerability classification |
|
Property | Value |
Confidence level | Oficial |
Impact | Obtener acceso |
Dificulty | Experto |
Required attacker level | Acceso remoto sin cuenta a un servicio estandar |
System information |
|
Property | Value |
Affected manufacturer | Comercial Software |
Affected software |
Oracle Database 10g Release 2, 10.2.0.1, 10.2.0.2 Oracle Database 10g Release 1, 10.1.0.4, 10.1.0.5 Oracle9i Database Release 2, 9.2.0.6, 9.2.0.7 Oracle8i Database Release 3, 8.1.7.4 Oracle Enterprise Manager 10g Grid Control, 10.1.0.3, 10.1.0.4, 10.2.0.1 Oracle Application Server 10g Release 2, 10.1.2.0.0 - 10.1.2.0.2, 10.1.2.1.0, 10.1.3.0.0 Oracle Application Server 10g Release 1 (9.0.4), 9.0.4.1, 9.0.4.2 Oracle Collaboration Suite 10g Release 1, 10.1.1, 10.1.2.0, 10.1.2.1 Oracle9i Collaboration Suite Release 2, 9.0.4.2 Oracle E-Business Suite Release 11i, 11.5.1 - 11.5.10 CU2 Oracle E-Business Suite Release 11.0 Oracle Pharmaceutical Applications 4.5.0 - 4.5.2 Oracle PeopleSoft Enterprise Tools, 8.47GA - 8.47.04 Oracle PeopleSoft Enterprise Tools, 8.46GA - 8.46.12 JD Edwards EnterpriseOne Tools, OneWorld Tools, 8.95 - 8.95.J1 Oracle for OpenView (OfO) = 8.1.7, 9.1.01, 9.2 |
Description |
|
Se ha publicado el parche acumulativo de Abril para los siguientes productos de Oracle: Oracle Database Server, Enterprise Manager Grid Control, Oracle Application Server, Oracle Collaboration Suite, Oracle E-Business Suite, Oracle Pharmaceutical Applications, Oracle PeopleSoft Enterprise Tools, Oracle PeopleSoft Enterprise Tools, JD Edwards EnterpriseOne Tools, and OneWorld Tools. Este parche soluciona múltiples vulnerabilidades que pueden comprometer la integridad, confidencialidad y disponibilidad de dichos productos asi como la información manejada por ellos. |
|
Solution |
|
Actualización de software Oracle Oracle Database Server http://metalink.oracle.com/metalink/plsql/ml2_documents.showDocument?p_database_id=NOT&p_id=360465.1 Oracle Application Server http://metalink.oracle.com/metalink/plsql/ml2_documents.showDocument?p_database_id=NOT&p_id=360466.1 Oracle Collaboration Suite http://metalink.oracle.com/metalink/plsql/ml2_documents.showDocument?p_database_id=NOT&p_id=360467.1 Oracle E-Business Suite y Applications http://metalink.oracle.com/metalink/plsql/ml2_documents.showDocument?p_database_id=NOT&p_id=360468.1 Oracle Pharmaceutical Applications http://metalink.oracle.com/metalink/plsql/ml2_documents.showDocument?p_database_id=NOT&p_id=362646.1 Oracle Enterprise Manager http://metalink.oracle.com/metalink/plsql/ml2_documents.showDocument?p_database_id=NOT&p_id=360469.1 Oracle PeopleSoft Enterprise y JD Edwards EnterpriseOne http://www.peoplesoft.com/corp/en/support/security_index.jsp Hewlett-Packard Oracle for OpenView (OfO) 8.1.7, 9.1.01, 9.2 / HP-UX, Tru64 UNIX, Linux, Solaris, Windows / Critical Patch Update - April 2006 http://itrc.hp.com/ |
|
Standar resources |
|
Property | Value |
CVE | CVE-2006-0435 |
BID | 16384 |
Other resources |
|
Oracle Critical Patch Update - April 2006 http://www.oracle.com/technology/deploy/security/pdf/cpuapr2006.html Red Database Security (DB06) http://www.red-database-security.com/advisory/oracle_sql_injection_dbms_logmnr_session.html Red Database Security (oracle_cpu_apr_2006) http://www.red-database-security.com/advisory/oracle_cpu_apr_2006.html HP SECURITY BULLETIN (HPSBMA02113) http://www4.itrc.hp.com/service/cki/docDisplay.do?docId=c00651782 |
Version history |
||
Version | Comments | Date |
1.0 | Aviso emitido | 2006-04-19 |
1.1 | Aviso emitido por HP (HPSBMA02113) | 2006-04-25 |