Multiple vulnerabilities have been reported in Oracle Database, which can be exploited by malicious, local users to manipulate certain data and cause a DoS (Denial of Service), by malicious users to disclose potentially sensitive information, manipulate certain data, gain escalated privileges and potentially compromise a vulnerable system, and by malicious people to disclose potentially sensitive information, conduct brute force attacks, manipulate certain data, and potentially compromise a vulnerable system.

1) An error in the logon protocol within the Core RDBMS component can be exploited to perform password cracking attacks.

2) An error when handling names of table with a flashback archive can be exploited to conduct SQL injection attacks and subsequently gain SYSDBA privileges.

Successful exploitation of this vulnerability requires Create session and create flashback archive privileges.

3) An unspecified error in the Core RDBMS component can be exploited by authenticated users to disclose and manipulate certain data and potentially execute arbitrary code.

Successful exploitation of this vulnerability requires Create session, create table privileges.

This may be related to:
SA50143

4) An unspecified error in the Core RDBMS component can be exploited by local users to manipulate certain data and cause a crash of the component.

5) An unspecified error in the Core RDBMS component can be exploited by authenticated users to manipulate certain component accessible data.

Successful exploitation of this vulnerability requires Create session, create any directory privileges.

The vulnerabilities are reported in version 10.2.0.3, 10.2.0.4, 10.2.0.5, 11.1.0.7, 11.2.0.2, and 11.2.0.3.

Solution
Apply updates.
Further details available to Secunia VIM customers

Provided and/or discovered by
1) Esteban Martinez Fayo, TeamShatter
2) Martin Rakhmanov, Application Security Inc.

It is currently unclear who reported the remaining vulnerabilities as the Oracle Critical Patch Update for October 2012 only provides a bundled list of credits. This section will be updated when/if the original reporter provides more information.

Changelog
Further details available to Secunia VIM customers

Original Advisory
Oracle:
http://www.oracle.com/technetwork/topics/security/cpuoct2012-1515893.html#AppendixDB

TeamShatter:
http://www.teamshatter.com/topics/general/team-shatter-exclusive/teamshatters-analysis-of-the-october-2012-oracle-cpu/
https://www.teamshatter.com/topics/general/team-shatter-exclusive/advisory-sql-injection-in-oracle-alter-fba-table/

Other references
Further details available to Secunia VIM customers

Deep Links
Links available to Secunia VIM customers