Published: 2010-01-19T23:13+00:00
Last Updated: 2010-01-19T23:13+00:00
JVNTR-2010-01
Oracle Updates for Multiple Vulnerabilities (TA10-012A)
Overview
Oracle products and components are affected by multiple vulnerabilities. The impacts of these vulnerabilities include remote execution of arbitrary code, information disclosure, and denial of service.
Event Information
| Date (UTC) | Description |
| 2010-01-13 18:05 |
Oracle Critical Patch Update - January 2010 |
| 2010-01-12 22:04 |
US-CERT TA10-012A: Oracle Updates for Multiple Vulnerabilities Via US-CERT Mailing List |
| 2010-01-12 21:19 |
SANS Internet Storm Center Oracle Patches Relased Oracle patches are complex and cover far more then just the database. Among other products, this release covers the Oracle Application Server and the Oracle WebLogic Server. |
| 2010-01-12 20:31 |
US-CERT Oracle Releases Critical Patch Update for January 2010 US-CERT Current Activity Oracle has released its Critical Patch Update for January 2010 to address 24 vulnerabilities across several products. |
| 2009-04-20 |
Zero Day Initiative (ZDI) ZDI-10-002: Oracle Secure Backup observiced.exe Remote Code Execution Vulnerability Vulnerability (CVE-2010-0072) Reported The specific flaw exists in the Oracle Secure Backup Services daemon observiced.exe listening on TCP port 10000 by default. Due to the lack of bounds checking on the reverse lookup of connections to the port a stack overflow can occur leading to a complete compromise of the affected system under the credentials of the SYSTEM account. |