Threat Level: green Handler on Duty: Didier Stevens

SANS ISC: InfoSec Handlers Diary Blog InfoSec Handlers Diary Blog

Sign Up for Free!   Forgot Password?
Log In or Sign Up for Free!

Oracle releases January 2008 Critical Patch Update

Published: 2008-01-15
Last Updated: 2008-01-15 21:02:59 UTC
by Maarten Van Horenbeeck (Version: 1)
0 comment(s)

The January 2008 Critical Patch Update contains 27 security fixes, of which the highest CVSS score is 6.8 for servers and 9.3 for Application Server clients. The following Oracle versions are affected by vulnerabilities fixed in this patch release:

Oracle Database 11g, version
Oracle Database 10g Release 2, versions,
Oracle Database 10g, version
Oracle Database 9i Release 2, versions,
Oracle Application Server 10g Release 3 (10.1.3), versions,,,
Oracle Application Server 10g Release 2 (10.1.2), versions -,,
Oracle Application Server 10g (9.0.4), version
Oracle Collaboration Suite 10g, version 10.1.2
Oracle E-Business Suite Release 12, versions 12.0.0 - 12.0.3
Oracle E-Business Suite Release 11i, versions 11.5.9 - 11.5.10 CU2
Oracle Enterprise Manager Grid Control 10g Release 1, versions,
Oracle PeopleSoft Enterprise PeopleTools versions 8.22, 8.47, 8.48, 8.49
Oracle PeopleSoft Enterprise Human Capital Management versions 8.9, 9.0 (Absence Management Module)

More information and downloads at Oracle.

0 comment(s)
Diary Archives