|
Oracle Products Multiple Vulnerabilities
|
|
Secunia Advisory:
|
SA35776
|
|
|
Release Date:
|
2009-07-15
|
|
Last Update:
|
2009-08-31
|
|
Popularity:
|
8,598 views
|
|
|
Critical:
|
Highly critical
|
|
Impact:
|
Security Bypass
Cross Site Scripting
Spoofing
Manipulation of data
Exposure of system information
Exposure of sensitive information
DoS
System access
|
|
Where:
|
From remote
|
|
Solution Status:
|
Vendor Patch
|
|
| Software: | BEA JRockit 1.x
BEA WebLogic Event Server 2.x
BEA WebLogic Server 10.x
BEA WebLogic Server 7.x
BEA WebLogic Server 8.x
BEA WebLogic Server 9.x
Oracle Application Server 10g
Oracle Complex Event Processing 10.x
Oracle Database 10.x
Oracle Database 11.x
Oracle E-Business Suite 11i
Oracle E-Business Suite 12.x
Oracle Enterprise Manager 10.x
Oracle Enterprise Manager 11.x
Oracle Identity Management 10g
Oracle PeopleSoft Enterprise Human Resource Management System 8.x
Oracle PeopleSoft Enterprise Human Resource Management System 9.x
Oracle PeopleSoft Enterprise Tools 8.x
Oracle Secure Backup 10.x
Oracle Secure Enterprise Search 10.x
Oracle Siebel Highly Interactive Client 7.x
Oracle Siebel Highly Interactive Client 8.x
Oracle9i Database Enterprise Edition
Oracle9i Database Standard Edition
|
|
|
Secunia CVSS-2 Score:
|
Available in Secunia business solutions 
|
|
|
Subscribe:
|
Instant alerts on relevant vulnerabilities
|
|
| Advisory Content (Page 1 of 3) | [ 1 ] [ 2 ] [ 3 ] | |
|
Description:
Some vulnerabilities and a security issue have been reported in various Oracle products. Some have unknown impacts, others can be exploited by malicious people to cause a DoS (Denial of Service), conduct spoofing and cross-site scripting and SQL injection attacks, disclose sensitive information, or compromise a vulnerable system, and by malicious users to conduct SQL injection attacks or potentially compromise a vulnerable system.
1) Multiple vulnerabilities in JRockit can be exploited by malicious people to cause a DoS (Denial of Service) or compromise a user's system.
For more information:
SA34451
2) A vulnerability in Oracle Complex Event Processing can be exploited to disclose sensitive information.
For more information see vulnerability #1 in:
SA34975
3) An error exists within the processing of certain XML Signature documents within Oracle WebLogic Server (Web Services Component) and Oracle Secure Development Toolkit/Oracle Web Services Manager.
For more information, see security issue #4 in:
SA34461
4) Input passed via the "search_p_groups" parameter to "/search/query/search" in Oracle Secure Enterprise Search is not properly sanitised before being returned to the user. This can be exploited to execute arbitrary HTML and script code in a user's browser session in context of an affected site.
5) Input passed via the "searchQuery" parameter to "/consolehelp/console-help.portal" in Oracle WebLogic Server is not properly sanitised before being returned to the user. This can be exploited to execute arbitrary HTML and script code in a user's browser session in context of an affected site.
6) An error in Oracle Database Server when handling "TTC" data types can be exploited to corrupt memory.
7) An error in Oracle Database Server when handling multiple NSPTCN packets can be exploited to cause a crash.
8) An error in Oracle Database Server when processing TTIPFN packets can be exploited to trigger a high CPU consumption.
9) An error when processing a large number of TNS commands can be exploited to crash the listener process.
10) Input passed to the "Type", "snapshot", and "table" parameters in /em/console/ecm/history/configHistory, and to the "fConfigGuid" parameter in /em/console/ecm/config/compare/compareWizSecondConfig is not properly sanitised before being used in SQL queries. This can be exploited to manipulate SQL queries by injecting arbitrary SQL code via the Oracle Enterprise Manager web interface.
Successful exploitation of this vulnerability requires valid user credentials.
11) Input via unspecified parameters to the administration server of Oracle Secure Backup is not properly sanitised before being used to invoke commands. This can be exploited to inject and execute arbitrary commands with SYSTEM privileges via specially crafted requests.
Successful exploitation of this vulnerability requires authentication.
12) Input passed via the "username" parameter to login.php in the administration server of Oracle Secure Backup is not properly sanitised before being used in an SQL query. This can be exploited to manipulate the SQL query and log in with administrative privileges.
13) An error in the "REPCAT_RPC.VALIDATE_REMOTE_RC" function can be exploited to execute arbitrary PL/SQL code.
Successful exploitation requires that an additional PL/SQL injection vulnerability is successfully exploited.
14) A boundary error in Oracle Database can be exploited to cause a buffer overflow and potentially execute arbitrary code.
For more information see vulnerability #11 in:
SA34693
The remaining vulnerabilities are caused due to unspecified errors. No more information is currently available.
The vulnerabilities are reported in the following products and versions:
* Oracle Database 11g, version 11.1.0.6, 11.1.0.7
* Oracle Database 10g Release 2, versions 10.2.0.3, 10.2.0.4
* Oracle Database 10g, version 10.1.0.5
* Oracle Database 9i Release 2, versions 9.2.0.8, 9.2.0.8DV
* Oracle Application Server 10g Release 2 (10.1.2), version 10.1.2.3.0
* Oracle Application Server 10g Release 3 (10.1.3), versions 10.1.3.3.0, 10.1.3.4.0
* Oracle Identity Management 10g, version 10.1.4.0.1, 10.1.4.2.0, 10.1.4.3.0
* Oracle E-Business Suite Release 12, version 12.1
* Oracle E-Business Suite Release 12, version 12.0.6
* Oracle E-Business Suite Release 11i, version 11.5.10.2
* Oracle Enterprise Manager Database Control 11, version 11.1.0.6, 11.1.0.7
* Oracle Enterprise Manager Grid Control 10g Release 4, version 10.2.0.4
* PeopleSoft Enterprise PeopleTools versions: 8.49
* PeopleSoft Enterprise HRMS versions: 8.9 and 9.0
* Siebel Highly Interactive Client versions: 7.5.3, 7.7.2, 7.8, 8.0, 8.1
* Oracle WebLogic Server 10.3, 10.0MP1
* Oracle WebLogic Server 9.0 GA, 9.1 GA, 9.2 through 9.2 MP3
* Oracle WebLogic Server 8.1 through 8.1 SP6
* Oracle WebLogic Server 7.0 through 7.0 SP7
* Oracle Complex Event Processing 10.3 and WebLogic Event Server 2.0
* Oracle JRockit R27.6.3 and earlier (JDK/JRE 6, 5, 1.4.2)
* Oracle Secure Backup prior to version 10.2.0.3
* Oracle Secure Enterprise Search prior to version 10.1.8.3
Change Page:
[ 1 ] [ 2 ] [ 3 ]
|
|
|
Track this Secunia Advisory
|
Customers of the Secunia Vulnerability Intelligence solutions will automatically receive updates when new information regarding this advisory is released.
Read more about our Vulnerability Intelligence solutions and what they can do for you and your company.
|
|
|
About this Secunia Advisory
|
Please note: The information that this Secunia Advisory is based on comes from a third party unless stated otherwise.
Secunia collects, validates, and verifies all vulnerability reports issued by security research groups, vendors, and others.
|
|
|
21st Dec, 2009
|
New advisories:
|
20 |
|
New vulnerabilities:
|
48 |
|
Updated advisories:
|
26 |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
 Solutions | More...
|
|
