Vulnerability Bulletins |
Oracle publica parche acumulativo de Octubre 2008 |
|
Vulnerability classification |
|
Property | Value |
Confidence level | Oficial |
Impact | Confidencialidad |
Dificulty | Experto |
Required attacker level | Acceso remoto sin cuenta a un servicio estandar |
System information |
|
Property | Value |
Affected manufacturer | Comercial Software |
Affected software |
Oracle Database 11g, version 11.1.0.6 Oracle Database 10g Release 2, versions 10.2.0.2, 10.2.0.3, 10.2.0.4 Oracle Database 10g, version 10.1.0.5 Oracle Database 9i Release 2, versions 9.2.0.8, 9.2.0.8DV Oracle Application Server 10g Release 3 (10.1.3), versions 10.1.3.3.0,10.1.3.4.0 Oracle Application Server 10g Release 2 (10.1.2), versions 10.1.2.2.0, 10.1.2.3.0 Oracle Application Server 10g (9.0.4), version 9.0.4.3 Oracle E-Business Suite Release 12, version 12.0.4 Oracle E-Business Suite Release 11i, version 11.5.10.2 Oracle PeopleSoft Enterprise PeopleTools versions 8.48.18, 8.49.14 Oracle PeopleSoft Enterprise Portal versions 8.9, 9.0 Oracle JD Edwards EnterpriseOne Tools versions 8.97, 8.98 Oracle WebLogic Server (formerly BEA WebLogic Server) 10.0 released through MP1, 10.3 GA Oracle WebLogic Server (formerly BEA WebLogic Server) 9.0 GA, 9.1 GA, 9.2 released through MP3 Oracle WebLogic Server (formerly BEA WebLogic Server) 8.1 released through SP6 Oracle WebLogic Server (formerly BEA WebLogic Server) 7.0 released through SP7 Oracle WebLogic Server (formerly BEA WebLogic Server) 6.1 released through SP7 Oracle Workshop for WebLogic (formerly BEA WebLogic Workshop) 10.0 released through MP1, 10.2 GA, 10.3 GA Oracle Workshop for WebLogic (formerly BEA WebLogic Workshop) 9.0, 9.1, 9.2 released through MP3 Oracle Workshop for WebLogic (formerly BEA WebLogic Workshop) 8.1 released through SP6 |
Description |
|
Se ha publicado el parche acumulativo de octubre de 2008 para los siguientes productos de Oracle: Oracle Database, Oracle Application Server, Oracle JD Edwards EnterpriseOne, Oracle E-Business Suite, Oracle Enterprise Manager, Oracle PeopleSoft Enterprise, y Oracle WebLogic Server. Este parche soluciona múltiples vulnerabilidades que pueden comprometer la integridad, confidencialidad y disponibilidad de dichos productos así como la información manejada por ellos. |
|
Solution |
|
Actualización de software Oracle Ver tabla de actualizaciones en: http://www.oracle.com/technology/deploy/security/critical-patch-updates/cpuoct2008.html |
|
Standar resources |
|
Property | Value |
CVE |
CVE-2008-3989 CVE-2008-2624 CVE-2008-3995 CVE-2008-3996 CVE-2008-3992 CVE-2008-3976 CVE-2008-3982 CVE-2008-3983 CVE-2008-3984 CVE-2008-3994 CVE-2008-3980 CVE-2008-4005 CVE-2008-2625 CVE-2008-3990 CVE-2008-3991 |
BID | |
Other resources |
|
Oracle Critical Patch Update - Octubre 2008 http://www.oracle.com/technology/deploy/security/critical-patch-updates/cpuoct2008.html |
Version history |
||
Version | Comments | Date |
1.0 | Aviso emitido | 2008-10-22 |