| VID |
25088 |
| Severity |
40 |
| Port |
1521, ... |
| Protocol |
TCP |
| Class |
DB |
| Detailed Description |
The remote Oracle database server is missing the April 2010 Critical Patch Update (CPU) and therefore is potentially affected by security issues in the following components :
- Core RDBMS
- JavaVM
- Change Data Capture
- Audit
* Note: This check solely relied on the version number of the remote Oracle Database server to assess this vulnerability, so this might be a false positive.
* References:
http://www.oracle.com/technology/deploy/security/critical-patch-updates/cpuapr2010.html
* Platforms Affected:
Oracle Database 11g Release 2, version 11.2.0.1
Oracle Database 11g Release 1, version 11.1.0.7
Oracle Database 10g Release 2, versions 10.2.0.3, 10.2.0.4
Oracle Database 10g, version 10.1.0.5
Oracle Database 9i Release 2, versions 9.2.0.8, 9.2.0.8DV
Oracle Application Server 10gR2, version 10.1.2.3.0
Oracle Identity Management 10g, version 10.1.4.0.1 and 10.1.4.3
Oracle Collaboration Suite 10g, version 10.1.2.4
Oracle E-Business Suite Release 12, versions 12.0.4, 12.0.5, 12.0.6, 12.1.1 and 12.1.2
Oracle E-Business Suite Release 11i, versions 11.5.10, 11.5.10.2
Oracle Transportation Manager, Versions: 5.5.05.07, 5.5.06.00, 6.0.03
Oracle Agile - Engineering Data Management, Version 6.1.1.0
PeopleSoft Enterprise PeopleTools, versions 8.49 and 8.50
Oracle Communications Unified Inventory Management version 7.1
Oracle Clinical Remote Data Capture Option 4.5.3, 4.6
Oracle Thesaurus Management System 4.5.2, 4.6, 4.6.1
Oracle Retail Markdown Optimization version 13.1
Oracle Retail Place In-Season version 12.2
Oracle Retail Plan In-Season version 12.2
Oracle Sun Product Suite
Microsoft Windows Any version
Linux Any version
Unix Any version |
| Recommendation |
Oracle has released a Critical Patch Update to address these issues. Information regarding obtaining and applying an appropriate patch can be found in the Oracle Critical Patch Update Advisory dated April 2010 at http://www.oracle.com/technology/deploy/security/critical-patch-updates/cpuapr2010.html |
| Related URL |
CVE-2010-0851,CVE-2010-0852,CVE-2010-0854,CVE-2010-0860,CVE-2010-0866,CVE-2010-0867 (CVE) |
| Related URL |
39421,39424,39427,39428,39434,39439 (SecurityFocus) |
| Related URL |
(ISS) |
|
