FYI...

- http://isc.sans.org/diary.html?storyid=3164
Last Updated: 2007-07-18 05:57:36 UTC - "Oracle released its quarterly Critical Patch Update today. This quarterly update contains 45 new security fixes that range across many of their products. The ISC strongly recommends that these updates be applied in a timely manner as the risks posed by attackers compromising sensitive data contained in your database products. For more information on the products and versions affected, please see the Oracle Critical Patch Update* website."

* http://www.oracle.com/technology/deploy/se...cpujul2007.html

> http://blogs.oracle.com/security/2007/07/17#a62

.

This post has been edited by AplusWebMaster: Feb 6 2010, 09:31 AM

FYI...

Oracle Critical Patch Update Advisory - April 2009
- http://www.oracle.com/technology/deploy/se...cpuapr2009.html
2009-Apr-14 - "... Critical Patch Update Advisories should be reviewed for information regarding earlier accumulated security fixes. Please refer to Critical Patch Updates and Security Alerts* for information about Oracle Security Advisories. Due to the threat posed by a successful attack, Oracle strongly recommends that customers apply fixes as soon as possible. This Critical Patch Update contains 43 new security fixes across all products..."
* http://www.oracle.com/technology/deploy/se...calPatchUpdates

- http://secunia.com/advisories/34693/2/
Release Date: 2009-04-15
Critical: Highly critical
Impact: Unknown, Manipulation of data, System access
Where: From remote
Solution Status: Vendor Patch...
- http://secunia.com/advisories/34693/3/
(CVE reference links)

- http://secunia.com/advisories/34730/2/
Release Date: 2009-04-15
Critical: Moderately critical
Impact: Privilege escalation
Where: From remote
Solution Status: Vendor Patch
Software: BEA WebLogic Portal 8.x ...
Original Advisory: Oracle:
http://www.oracle.com/technology/deploy/se...urity/1001.html ...



This post has been edited by AplusWebMaster: Apr 15 2009, 04:18 AM