Diaries by Keyword - SANS Internet Storm Center

Watch ISC TV. Great for NOCs, SOCs and Living Rooms: https://isctv.sans.edu

Handler on Duty: Jesse La Grew

Threat Level: green

Date	Author	Title
ORACLE JULY 2010
2010-07-10	Tony Carothers	Oracle July 2010 Pre-Release Announcement
ORACLE
2021-10-09/a>	Guy Bruneau	Scanning for Previous Oracle WebLogic Vulnerabilities
2020-05-05/a>	Russ McRee	Cloud Security Features Don't Replace the Need for Personnel Security Capabilities
2019-06-19/a>	Johannes Ullrich	Critical Actively Exploited WebLogic Flaw Patched CVE-2019-2729
2018-07-17/a>	Scott Fendley	Oracle Critical Patch Update Release
2017-10-30/a>	Johannes Ullrich	Critical Patch For Oracle's Identity Manager
2016-03-23/a>	Bojan Zdrnja	Abusing Oracles
2014-07-15/a>	Daniel Wesemann	Oracle July 2014 CPU (patch bundle)
2014-07-13/a>	Tony Carothers	Oracle July 2014 Update Pre-Notification
2014-04-16/a>	Johannes Ullrich	Oracle Critical Patch Update for April 2014
2014-01-30/a>	Johannes Ullrich	Oracle Reports Vulnerability
2014-01-14/a>	Johannes Ullrich	Oracle Critical Patch Update January 2014
2013-02-20/a>	Johannes Ullrich	Update Palooza
2013-02-19/a>	Johannes Ullrich	Oracle Updates Java (Java 7 Update 15, Java 6 update 41)
2013-01-12/a>	Stephen Hall	Oracle Patch Tuesday Pre-Release
2012-10-17/a>	Mark Hofman	Oracle Critical Patch Update October
2012-09-23/a>	Tony Carothers	Update for CVE-2012-3132
2012-07-25/a>	Johannes Ullrich	Microsoft Exchange/Sharepoint and others: Oracle Outside In Vulnerability
2012-07-15/a>	Guy Bruneau	Oracle July 2012 Critical Patch Pre-Release Announcement
2012-04-30/a>	Rob VandenBrink	Patch for Oracle TNS Listener issue released !
2012-04-27/a>	Johannes Ullrich	Critical Unpatched Oracle Vulnerability
2012-04-18/a>	Kevin Shortt	Oracle Critical Patch Update Advisory - April 2012: http://www.oracle.com/technetwork/topics/security/cpuapr2012-366314.html
2012-04-13/a>	Daniel Wesemann	Oracle CPU Patches announced for Apr 17
2012-02-16/a>	Tony Carothers	Java Update for February
2012-02-01/a>	Russ McRee	Oracle Security Alert: http://www.oracle.com/technetwork/topics/security/alert-cve-2011-5035-1506603.html
2012-01-18/a>	Richard Porter	Oracle Quarterly Released, http://www.oracle.com/technetwork/topics/security/cpujan2012-366304.html
2011-10-22/a>	Guy Bruneau	Oracle Java SE Critical Patch Update
2011-10-19/a>	Mark Hofman	Oracle Critical Patch Update
2011-04-16/a>	Scott Fendley	Oracle Patch Update Pre-Release Announcement
2011-03-07/a>	Bojan Zdrnja	Oracle padding attacks (Codegate crypto 400 writeup)
2011-02-15/a>	Jason Lam	Oracle Java 6 Update 24
2011-02-09/a>	Mark Hofman	Java Floating point issue (CVE-2010-4476)
2011-01-18/a>	Daniel Wesemann	Oracle Patches (Jan2011 CPU)
2010-10-12/a>	Scott Fendley	Oracle Critical Updates Released
2010-07-10/a>	Tony Carothers	Oracle July 2010 Pre-Release Announcement
2010-04-14/a>	Mark Hofman	Oracle has released 47 critical patches (Includes SUN patches)
2010-02-09/a>	Mark Hofman	Oracle has an unscheduled security alert and patch for CVE-2010-0073. The issue affects WebLogic Server and is remotely exploitable. Details and patch are here http://www.oracle.com/technology/deploy/security/alerts/alert-cve-2010-0073.html
2010-02-06/a>	Guy Bruneau	Oracle WebLogic Server Security Alert
2010-01-12/a>	Johannes Ullrich	Oracle Patches Relased
2009-10-20/a>	Raul Siles	Oracle Critical Patch Update (CPU) - October 2009
2009-10-16/a>	Adrien de Beaupre	Cyber Security Awareness Month - Day 16 - Port 1521 - Oracle TNS Listener
2009-07-14/a>	Swa Frantzen	Oracle Black Tuesday
2009-05-19/a>	Bojan Zdrnja	Advanced blind SQL injection (with Oracle examples)
2009-04-14/a>	Swa Frantzen	Oracle quarterly patches
2008-10-14/a>	Swa Frantzen	Oracle quarterly patches on black tuesday
2008-07-30/a>	David Goldsmith	Serious 0-Day Flaw in Oracle -- Patch Released
2008-07-15/a>	Maarten Van Horenbeeck	Oracle (and BEA, Hyperion and TimesTen) critical patch update July 15th, 2008
2006-11-29/a>	Toby Kohlenberg	Week of Oracle bugs cancelled
2006-10-18/a>	Robert Danford	Oracle Quarterly Critical Patch Update (Oct 2006)
JULY
2013-07-06/a>	Guy Bruneau	Microsoft July Patch Pre-Announcement
2012-07-15/a>	Guy Bruneau	Oracle July 2012 Critical Patch Pre-Release Announcement
2010-07-10/a>	Tony Carothers	Oracle July 2010 Pre-Release Announcement
2009-07-03/a>	Adrien de Beaupre	Happy 4th of July!
2010
2020-05-14/a>	Rob VandenBrink	Patch Tuesday Revisited - CVE-2020-1048 isn't as "Medium" as MS Would Have You Believe
2011-04-28/a>	Chris Mohan	Gathering and use of location information fears - or is it all a bit too late
2011-01-08/a>	Guy Bruneau	PandaLabs 2010 Annual Report
2010-12-20/a>	Guy Bruneau	Highlight of Survey Related to Issues Affecting Businesses in 2010
2010-11-16/a>	Guy Bruneau	OpenSSL TLS Extension Parsing Race Condition
2010-10-31/a>	Marcus Sachs	Cyber Security Awareness Month - Day 31 - Tying it all together
2010-10-30/a>	Guy Bruneau	Security Update for Shockwave Player
2010-10-30/a>	Guy Bruneau	Cyber Security Awareness Month - Day 30 - Role of the network team
2010-10-29/a>	Manuel Humberto Santander Pelaez	Cyber Security Awareness Month - Day 29- Role of the office geek
2010-10-28/a>	Rick Wanner	Cyber Security Awareness Month - Day 27 - Social Media use in the office
2010-10-28/a>	Tony Carothers	Cyber Security Awareness Month - Day 28 - Role of the employee
2010-10-28/a>	Manuel Humberto Santander Pelaez	CVE-2010-3654 - New dangerous 0-day authplay library adobe products vulnerability
2010-10-26/a>	Pedro Bueno	Cyber Security Awareness Month - Day 26 - Sharing Office Files
2010-10-25/a>	Kevin Shortt	Cyber Security Awareness Month - Day 25 - Using Home Computers for Work
2010-10-24/a>	Swa Frantzen	Cyber Security Awarenes Month - Day 24 - Using work computers at home
2010-10-23/a>	Mark Hofman	Cyber Security Awareness Month - Day 23 - The Importance of compliance
2010-10-22/a>	Daniel Wesemann	Cyber Security Awareness Month - Day 22 - Security of removable media
2010-10-21/a>	Chris Carboni	Cyber Security Awareness Month - Day 21 - Impossible Requests from the Boss
2010-10-20/a>	Jim Clausing	Cyber Security Awareness Month - Day 20 - Securing Mobile Devices
2010-10-19/a>	Rob VandenBrink	Cyber Security Awareness Month - Day 19 - VPN and Remote Access Tools
2010-10-19/a>	Rob VandenBrink	Cyber Security Awareness Month - Day 19 - Remote Access Tools
2010-10-19/a>	Rob VandenBrink	Cyber Security Awareness Month - Day 19 - Remote User VPN Tunnels - to Split or not to Split?
2010-10-19/a>	Rob VandenBrink	Cyber Security Awareness Month - Day 19 - VPN Architectures – SSL or IPSec?
2010-10-19/a>	Rob VandenBrink	Cyber Security Awareness Month - Day 19 - Remote User VPN Access – Are things getting too easy, or too hard?
2010-10-18/a>	Manuel Humberto Santander Pelaez	Cyber Security Awareness Month - Day 18 - What you should tell your boss when there's a crisis
2010-10-17/a>	Stephen Hall	Cyber Security Awareness Month - Day 17 - What a boss should and should not have access to
2010-10-15/a>	Marcus Sachs	Cyber Security Awareness Month - Day 15 - What Teachers Need to Know About Their Students
2010-10-15/a>	Guy Bruneau	Cyber Security Awareness Month - Day 16 - Securing a donated computer
2010-10-14/a>	Johannes Ullrich	Cyber Security Awareness Month - Day 14 - Securing a public computer
2010-10-13/a>	Deborah Hale	Cyber Security Awareness Month - Day 13 - Online Bullying
2010-10-12/a>	Scott Fendley	Cyber Security Awareness Month - Day 12 - Protecting and Managing Your Digital Identity On Social Media Sites
2010-10-11/a>	Rick Wanner	Cyber Security Awareness Month - Day 11 - Safe Browsing for Teens
2010-10-10/a>	Kevin Liston	Cyber Security Awareness Month - Day 10 - Safe browsing for pre-teens
2010-10-09/a>	Kevin Shortt	Cyber Security Awareness Month - Day 9 - Disposal of an Old Computer
2010-10-08/a>	Rick Wanner	Cyber Security Awareness Month - Day 8 - Patch Management and System Updates
2010-10-06/a>	Marcus Sachs	Cyber Security Awareness Month - Day 6 - Computer Monitoring Tools
2010-10-06/a>	Rob VandenBrink	Cyber Security Awareness Month - Day 7 - Remote Access and Monitoring Tools
2010-10-05/a>	Rick Wanner	Cyber Security Awareness Month - Day 5 - Sites you should stay away from
2010-10-04/a>	Daniel Wesemann	Cyber Security Awareness Month - Day 4 - Managing EMail
2010-10-03/a>	Adrien de Beaupre	Cyber Security Awareness Month - Day 3 - Recognizing phishing and online scams
2010-10-02/a>	Mark Hofman	Cyber Security Awareness Month - Day 2 - Securing the Family Network
2010-10-01/a>	Marcus Sachs	Cyber Security Awareness Month - 2010
2010-10-01/a>	Marcus Sachs	Cyber Security Awareness Month - Day 1 - Securing the Family PC
2010-09-17/a>	Robert Danford	Circa 2007 Linux Kernel Vulnerability Resurfaces (Was CVE-2007-4573, Now CVE-2010-3301)
2010-09-13/a>	Manuel Humberto Santander Pelaez	Adobe SING table parsing exploit (CVE-2010-2883) in the wild
2010-09-12/a>	Manuel Humberto Santander Pelaez	Adobe Acrobat pushstring Memory Corruption paper
2010-09-08/a>	John Bambenek	Adobe Acrobat/Reader 0-day in Wild, Adobe Issues Advisory
2010-07-20/a>	Manuel Humberto Santander Pelaez	iTunes buffer overflow vulnerability
2010-07-10/a>	Tony Carothers	Oracle July 2010 Pre-Release Announcement
2010-06-15/a>	Manuel Humberto Santander Pelaez	Microsoft Windows Help and Support Center vulnerability (CVE 2010-1885) exploit in the wild
2010-03-28/a>	Rick Wanner	Honeynet Project: 2010 Forensic Challenge #3
2010-01-19/a>	Jim Clausing	The IE saga continues, out-of-cycle patch coming soon
2010-01-15/a>	Kevin Liston	Exploit code available for CVE-2010-0249
2000-01-02/a>	Deborah Hale	2010 A Look Back - 2011 A Look Ahead

ORACLE JULY 2010

ORACLE

JULY

2010