Multiple Vulnerabilities in Oracle

Multiple vulnerabilities have been reported in oracle which can be exploited by remotely or locally by the attacker which can result in compromise of affected system .

 Affected Systems

Ø  Oracle Database 11g Release 2, versions 11.2.0.2, 11.2.0.3                                                 

Ø  Oracle Database 11g Release 1, version 11.1.0.7                                                                 

Ø  Oracle Database 10g Release 2, versions 10.2.0.3, 10.2.0.4, 10.2.0.5                        

Ø  Oracle Secure Backup, version 10.3.0.3, 10.4.0.1                                                                 

Ø  Oracle Fusion Middleware 11g Release 2, version 11.1.2.0                                       

Ø  Oracle Fusion Middleware 11g Release 1, versions 11.1.1.5, 11.1.1.6                        

Ø  Oracle Application Server 10g Release 3, version 10.1.3.5                                        

Ø  Oracle Identity Management 10g, version 10.1.4.3                                                    

Ø  Hyperion BI+, version 11.1.1.x                                                                                            

Ø  Oracle JRockit versions, R28.2.3 and earlier, R27.7.2 and earlier                               

Ø  Oracle Map Viewer, versions 10.1.3.1, 11.1.1.5, 11.1.1.6                                           

Ø  Oracle Outside In Technology, versions 8.3.5, 8.3.7                                                 

Ø  Enterprise Manager Plugin for Database 12c Release 1, versions 12.1.0.1, 12.1.0.2   

Ø  Enterprise Manager Grid Control 11g Release 1, version 11.1.0.1                                          

Ø  Enterprise Manager Grid Control 10g Release 1, version 10.2.0.5                                          

Ø  Oracle E-Business Suite Release 12, versions 12.0.4, 12.0.6, 12.1.1, 12.1.2, 12.1.3    

Ø  Oracle E-Business Suite Release 11i, version 11.5.10.2                                                        

Ø  Oracle Transportation Management, versions 5.5.06, 6.0, 6.1, 6.2                                         

Ø  Oracle AutoVue, versions 20.0.2, 20.1                                                                                 

Ø  Oracle PeopleSoft Enterprise HRMS, versions 9.0, 9.1                                                         

Ø  Oracle PeopleSoft Enterprise PeopleTools, versions 8.50, 8.51, 8.52                                    

Ø  Oracle Siebel CRM, versions 8.1.1, 8.2.2                                                                             

Ø  Oracle Clinical Remote Data Capture Option, versions 4.6, 4.6.2, 4.6.3                      

Ø  Oracle Sun Product Suite                                                                                        

Ø  Oracle MySQL Server, versions 5.1, 5.5

CVE Reference:

CVE-2012-1735

CVE-2012-0540

CVE-2012-1757

CVE-2012-1756

CVE-2012-1734

CVE-2012-1689

CVE-2012-3120

CVE-2008-4609

CVE-2012-3125

CVE-2011-4358

CVE-2001-0323

CVE-2012-3126

CVE-2012-1687

CVE-2012-3127

CVE-2012-3129

CVE-2012-1738

CVE-2012-3123

CVE-2011-2699

CVE-2012-3121

CVE-2012-3124

CVE-2012-1752

CVE-2012-1765

CVE-2012-1750

CVE-2012-3112

CVE-2012-3130

CVE-2012-3131

CVE-2011-0419

CVE-2012-3128

CVE-2012-3122

CVE-2012-0563

CVE-2012-1743

CVE-2012-1731

CVE-2012-1728

CVE-2012-1742

CVE-2012-1760

CVE-2012-1761

CVE-2012-1732

CVE-2012-1754

CVE-2012-3113

CVE-2012-1753

CVE-2012-3118

CVE-2012-1748

CVE-2012-3119

CVE-2012-1733

CVE-2012-1764

CVE-2012-1762

CVE-2012-3111

CVE-2012-3114

CVE-2012-1758

CVE-2012-1759

CVE-2012-3117

CVE-2012-3116

CVE-2011-3368

CVE-2012-1715

CVE-2012-1730

CVE-2011-4317

CVE-2012-1727

CVE-2012-1739

Reference:

http://www.oracle.com/technetwork/topics/security/cpujul2012-392727.html