See also

ORACLE : Oracle 10gOracle Audit Vault 10g

Name: ORACLE : Oracle 10g

9!	Oracle / Sun / People Soft / MySQL applications multiple security vulnerabilities
		Quarterly CPU fixes nearly 80 different vulnerabilities
9!	Oracle / Sun / People Soft applications multiple security vulnerabilities
		Quarterly CPU fixes >50 security vulnereabilities.
9!	Oracle / Sun / Peoplesoft applications multiple security vulnerabilities updated since 25.07.2011
		Quarterly critical patch update closes 78 different vulnerabilities in all major applications.
9!	Oracle / Sun / Peoplesoft applications multiple security vulnerabilities updated since 13.10.2010
		CPU closes nearly 90 of different vulnerabilities in different applications.
8!	Oracle / Sun / Peoplesoft / Open Office applications multiple security vulnerabilities updated since 21.04.2011
		73 vulnerabilities in different applications.
9!	Oracle / Sun / Peoplesoft / Open Office applications multiple security vulnerabilities updated since 26.01.2011
		Quarterly security update closes nearly 70 different vulnerabilities in all applications.
8!	Oracle / Sun applications multiple security vulneraebilities updated since 15.07.2010
		Quarterly update fixed 59 different vulnerabilities.
8!	Oracle / Sun applications multiple security ulnerabilities updated since 16.04.2010
		Oracle quarterly CPU contains fixes for approximately 50 different vulnerabilities.
8!	Oracle quarterly security update updated since 16.07.2009
		Approximately 30 vulnerabilities in different applications are fixed.
9!	Oracle multiple application security vulnerabilities
		>20 vulnerabilities are fixed in different Oracle applications.
9!	Oracle applications multiple security vulnerabilities updated since 15.01.2009
		Oracle Critical Patch Update fixes >40 of different vulnerabilities in all Oracle applications.
8!	Oracle multiple security vulnerabilities updated since 22.10.2009
		Oracle quarterly Critical Patch Update fixes approximately 40 vulnerabilities in different Oracle products.
8!	Oracle multiple security vulnerabilities updated since 16.04.2009
		Quarterly update fixes nearly 50 different security vulnerabilities
8!	Oracle database server multiple security vulnerabilities updated since 16.04.2008
		CPU for April, 2008 fixes huge number of vulnerabilities.
8!	Oracle multiple security vulnerabilities updated since 26.10.2008
		New quarterly updated fixes different types of security vulnerabilities.
	Oracle privilege escaclation
		User with CREATE ANY DIRECTORY privileges can escalate privileges to SYSDBA.
8!	Oracle multiple security vulnerabilities updated since 18.07.2008
		New Critical Patch Update patches nearly 50 different vulnerabilities in all Oracle products.
6!	Oracle Application Server unauthorized access
		It's possible to bypass authentication.
	Oracle privilege escalation
		Multi-step sequence of operations allows user to get SYSDBA privileges.
	Oracle database server buffer overflow
		Buffer overflow in XDB.XDB_PITRIG_PKG.PITRIG_DROPMETADATA procedure.
7!	Oracle multiple security vulnerabilities updated since 18.10.2007
		New quartly critical patch update fixes few dozens of security vulnerabilities.
7!	Oracle multiple security vulnerabilities updated since 19.07.2007
		DBMS_DRS.GET_PROPERTY and MDSYS.MD buffer overflow, crossite scripting, privilege escalation with views.
7!	Oracle critical patch update updated since 18.04.2007
		Patch set fixes 36 vulnerabilities in Oracle applications, including 13 vulnerabilities in Oracle database server.
	Oracle Dynamic Monitoring Services crossite scripting
		Crossite scripting with /servlet/Spy.
	Oracle authentication downgrade
		It's possible for man-in-the-middle to force client and server to use weaker authentication protocol.
9!	Multiple Orcale security vulnerabilities.... again... updated since 18.01.2007
		Released security update fixes 17 security vulnerabilities for Oracle Database, 9 vulnerabilities in Oracle HTTP Server, 12 security vulnerabilities for Oracle Application Server, 7 vulnerabilities for Oracle E-Business Suite, 6 security bugs in Oracle Enterprise Manager, 3 bugs in Oracle PeopleSoft Enterprise PeopleTools. There is also a large number of different old and new bugs, many are not fixed for years. It makes it useless to talk about Oracle security. Use 3rd party products to protect your Oracle environment.
6!	Multiple Oracle security vulnerabilities... again
		Multiple privilege escalations. Virtual private database protection bypass.
8!	Multiple Oracle application server vulnerabilities updated since 19.04.2005
		SQL injections, DoS, data modification, crossite scripting, privilege escalation, audit setings modification. Password is passed from JDeveloper to SQLPlus in cleartext. JDeveloper password is stored in cleartext in different XML configuration files. Cleartext FormBuilder password is stored in temporary files. Weak permissions for temporary files. Reading and writing any file with Oracle Reports. Command execution with Oracle Forms and Oracle Reports. There is also a large number of different old and new bugs, many are not fixed for years. It makes it useless to talk about Oracle security. Use 3rd party products to protect your Oracle environment.
	Multiple Oracle 10g client vulnerabilities
		Vulnerable versions of third party utilities are installed to system path location.
	Oracle Forms SQL injection
		Form request data is not validated.
	Oracle multiple vulnerabilities
	Oracle Report Server crossite scripting
7!	Multiple Oracle Database Server security problems updated since 18.01.2005
		SQL injection, privilege escalation, buffer overflows.
9!	Multiple Orcale bugs updated since 01.09.2004
		Buffer overflows, DoS, SQL injections, etc.