Status Tracking Note TRTA06-109A

Oracle Products Contain Multiple Vulnerabilities

Overview

Oracle products and components are affected by multiple vulnerabilities. The impacts of these vulnerabilities include remote execution of arbitrary code, information disclosure, and denial of service.
Event Information


Date (UTC)Description
2006-04-19 19:08 US-CERT
TA06-109A: Oracle Products Contain Multiple Vulnerabilities
Via US-CERT Mailing List
2006-04-19 08:33 Bugtraq
Oracle 10g 10.2.0.2.0 DBA exploit
POC code released (BID17590)
2006-04-18 20:42 Oracle
Critical Patch Update - April 2006
2006-04-18 19:02 NGSSoftware Insight Security Research
Multiple critical and high risk vulnerabilities in Oracle's Database Server versions 8i, 9i and 10g
Full details will be published on the Tuesday, 18th of July 2006.
2005-10-26 NGSSoftware Insight Security Research
Workaround for unpatched Oracle PLSQL Gateway flaw
Oracle PL/SQL Gateway fails to properly validate HTTP requests (CVE-2006-0435,VU#169164)
David Litchfield from NGS informed Oracle


Date first published (UTC): 2006-04-19T23:08+00:00
Date last updated (UTC): 2006-04-19T23:08+00:00