Oracle Updates for Multiple Vulnerabilities
http://jvnrss.ise.chuo-u.ac.jp/jtg/trn/en/TRTA06-291A.html
JVNRSS based Status Tracking Notes: Oracle has released patch to address numerous vulnerabilities in different Oracle products. The impacts of these vulnerabilities include remote execution of arbitrary code, information disclosure, and denial of service.JVNRSS Feasibility Study Teamjvn@jvn.jpTRTA06-291A2006-10-27T01:51+00:002006-10-23T15:23+00:002006-10-27T01:51+00:00Oracle Updates for Multiple Vulnerabilities
http://www.us-cert.gov/cas/techalerts/TA06-291A.html
Via US-CERT Mailing List
Oracle has released patch to address numerous vulnerabilities in different Oracle products. The impacts of these vulnerabilities include remote execution of arbitrary code, information disclosure, and denial of service.
US-CERTTA06-291A2006-10-18T14:56-04:002006-10-18T14:56-04:002006-10-18T14:56-04:00Analysis of the October 2006 Critical Patch Update for the Oracle RDBMS
http://www.databasesecurity.com/oracle/OracleOct2006-CPU-Analysis.pdf
databasesecurity.com2006-10-18T06:36+00:002006-10-18T06:36+00:002006-10-18T06:36+00:00Critical Patch Update - October 2006
http://www.oracle.com/technology/deploy/security/critical-patch-updates/cpuoct2006.html
Oraclehttp://www.us-cert.gov/cas/techalerts/TA06-291A.html2006-10-17T18:37+00:002006-10-17T18:37+00:002006-10-17T18:37+00:00Modify Data via Inline Views (8107967) [DB09]
http://www.red-database-security.com/advisory/oracle_modify_data_via_inline_views.html
Vulnerability Reported
Red-Database-Securityhttp://www.us-cert.gov/cas/techalerts/TA06-291A.html2006-07-242006-07-242006-07-24SQL Injection in package MDSYS.SDO_LRS (7569081) [DB13]
http://www.red-database-security.com/advisory/oracle_sql_injection_sdo_lrs.html
Vulnerability Reported
Red-Database-Securityhttp://www.us-cert.gov/cas/techalerts/TA06-291A.html2006-04-192006-04-192006-04-19SQL Injection in package SYS.DBMS_SQLTUNE_INTERNAL (6980745) [DB10]
http://www.red-database-security.com/advisory/oracle_sql_injection_dbms_sqltune_internal.html
Vulnerability Reported
Red-Database-Securityhttp://www.us-cert.gov/cas/techalerts/TA06-291A.html2005-11-012005-11-012005-11-01SQL Injection in package SYS.DBMS_CDC_IMPDP
http://www.red-database-security.com/advisory/oracle_sql_injection_dbms_cdc_impdp2.html
Vulnerability Reported
Red-Database-Securityhttp://www.us-cert.gov/cas/techalerts/TA06-291A.html2005-11-012005-11-012005-11-01SQL Injection in package XDB.DBMS_XDBZ0 [DB01]/[DB15]
http://www.red-database-security.com/advisory/oracle_sql_injection_dbms_xdbz0.html
Vulnerability Reported
Red-Database-Securityhttp://www.us-cert.gov/cas/techalerts/TA06-291A.html2005-11-012005-11-012005-11-01Cross-Site-Scripting Vulnerability in Oracle APEX WWV_FLOW_ITEM_HELP
http://www.red-database-security.com/advisory/oracle_apex_css_wwv_flow_item_help.html
Vulnerability Reported
Red-Database-Securityhttp://www.us-cert.gov/cas/techalerts/TA06-291A.html2005-10-032005-10-032005-10-03Cross-Site-Scripting Vulnerabilitiy in Oracle APEX NOTIFICATION_MSG
http://www.red-database-security.com/advisory/oracle_apex_css_notification_msg.html
Vulnerability Reported
Red-Database-Securityhttp://www.us-cert.gov/cas/techalerts/TA06-291A.html2005-10-032005-10-032005-10-03SQL Injection Vulnerability in Oracle WWV_FLOW_UTILITIES
http://www.red-database-security.com/advisory/oracle_apex_sql_injection_wwv_flow_utilities.html
Vulnerability Reported
Red-Database-Securityhttp://www.us-cert.gov/cas/techalerts/TA06-291A.html2005-10-032005-10-032005-10-03Various Cross-Site-Scripting Vulnerabilities in Oracle Reports
http://www.red-database-security.com/advisory/oracle_reports_css.html
Vulnerability Reported
Red-Database-Securityhttp://www.us-cert.gov/cas/techalerts/TA06-291A.html2003-08-282003-08-282003-08-28U3KBxLISF9aD//A0KL/qsWfN4/g=5QyKh1KQIqoaCEX4U4FZkpa4oxg=v/Ps7el5Sa4mitoXA04z4kMvVqacqjqsJEibBMldtXjrMDWLK3JT4TRHQo9M6kuczq6KtLM2P2GFZaGGunn5G4aRqBRG8em1gOHsT61/wEgsNBxrL6cn6jVvu+59r9g4W/pGWSYRNEza2qTkKRMWpwp0jt28JMN5zDDyyoc4c3s=MIIEJTCCA46gAwIBAgIQH8+x187tRT6w02OJfpsddzANBgkqhkiG9w0BAQUFADCBzDEXMBUGA1UEChMOVmVyaVNpZ24sIEluYy4xHzAdBgNVBAsTFlZlcmlTaWduIFRydXN0IE5ldHdvcmsxRjBEBgNVBAsTPXd3dy52ZXJpc2lnbi5jb20vcmVwb3NpdG9yeS9SUEEgSW5jb3JwLiBCeSBSZWYuLExJQUIuTFREKGMpOTgxSDBGBgNVBAMTP1ZlcmlTaWduIENsYXNzIDEgQ0EgSW5kaXZpZHVhbCBTdWJzY3JpYmVyLVBlcnNvbmEgTm90IFZhbGlkYXRlZDAeFw0wNjA2MTMwMDAwMDBaFw0wNzA2MTMyMzU5NTlaMIIBGzEXMBUGA1UEChMOVmVyaVNpZ24sIEluYy4xHzAdBgNVBAsTFlZlcmlTaWduIFRydXN0IE5ldHdvcmsxRjBEBgNVBAsTPXd3dy52ZXJpc2lnbi5jb20vcmVwb3NpdG9yeS9SUEEgSW5jb3JwLiBieSBSZWYuLExJQUIuTFREKGMpOTgxHjAcBgNVBAsTFVBlcnNvbmEgTm90IFZhbGlkYXRlZDE0MDIGA1UECxMrRGlnaXRhbCBJRCBDbGFzcyAxIC0gTWljcm9zb2Z0IEZ1bGwgU2VydmljZTEgMB4GA1UEAxQXSlZOUlNTIFJlc2VhcmNoIFByb2plY3QxHzAdBgkqhkiG9w0BCQEWEGp2bnJzc0BpcGEuZ28uanAwgZ8wDQYJKoZIhvcNAQEBBQADgY0AMIGJAoGBANV6POygjjKOFc1uAG/YV5VpW07NCJpI3BGisMqVW8gkbU3Dk6gBCc4owM7r/JDIjJ0XmGUCMTsRCnijdbNnn9VR5tIgMhWC6p0+MeOzNQ0XOXEewfLV0nhd+7K3TgjwXNcWI02xqhv+NtD1BHzcDrkdCkGoxn/g1FgUnyhJ4Ob9AgMBAAGjgbUwgbIwCQYDVR0TBAIwADBEBgNVHSAEPTA7MDkGC2CGSAGG+EUBBxcDMCowKAYIKwYBBQUHAgEWHGh0dHBzOi8vd3d3LnZlcmlzaWduLmNvbS9ycGEwCwYDVR0PBAQDAgWgMB0GA1UdJQQWMBQGCCsGAQUFBwMEBggrBgEFBQcDAjAzBgNVHR8ELDAqMCigJqAkhiJodHRwOi8vY3JsLnZlcmlzaWduLmNvbS9jbGFzczEuY3JsMA0GCSqGSIb3DQEBBQUAA4GBAHv9wR3h5rhh1JXN/2GBxPnBDfHUi9Jn5sfxDXvu88rNJnd4kMOhxNctZVk18/oegHdhHoxsjaNJ6v1xxpF2/u5ARoWT8TwaKnvYWwefupiTS326EY/52RVXwPtep9M02v+S2CwgF3aIKXuF5EuoR2NndxqCRUzns9AJt0qQIwmY