Oracle Security Alerts

Critical Patch Update - April 2009

Tue, 14 Apr 2009 15:40:58 PDT

Critical Patch Update - January 2009

Tue, 14 Apr 2009 15:40:50 PDT

Critical Patch Update - October 2008

Wed, 15 Oct 2008 18:53:46 GMT

Critical Patch Update - July 2008

Tue, 15 Jul 2008 20:01:17 GMT

Critical Patch Update - April 2008

Tue, 15 Apr 2008 22:13:44 GMT

Critical Patch Update - January 2008

Tue, 15 Jan 2008 22:55:07 GMT

Critical Patch Update - October 2007

Tue, 16 Oct 2007 20:47:15 GMT

Critical Patch Update - July 2007

Tue, 17 Jul 2007 20:21:34 GMT

Critical Patch Update - April 2007

Wed, 18 Apr 2007 15:57:25 GMT

Critical Patch Update - January 2007

Tue, 16 Jan 2007 23:35:52 GMT

Critical Patch Update - October 2006

Tue, 17 Oct 2006 18:37:45 GMT

Critical Patch Update - April 2006

Tue, 18 Apr 2006 20:42:18 GMT

Critical Patch Update - January 2006

Wed, 18 Jan 2006 00:20:10 GMT

Critical Patch Update - October 2005

Tue, 18 Oct 2005 22:25:52 GMT

Critical Patch Update - July 2005

Tue, 12 Jul 2005 19:46:55 GMT

Critical Patch Update - April 2005

Tue, 18 Oct 2005 22:28:17 GMT

Critical Patch Update - January 2005

Tue, 18 Oct 2005 22:28:22 GMT

Unauthorized Access Vulnerabilities in Oracle E-Business Suite

Mon, 02 Aug 2004 16:40:00 GMT

Alert #67, Rev 1, 3 June 2004. Patches are available on MetaLink.

Security Vulnerabilities in Oracle Application Server Web Cache

Mon, 02 Aug 2004 16:39:29 GMT

Alert #66, Rev 2, 2 April 2004. Patches are available on MetaLink.

Security Vulnerability in Oracle9i Application and Database Servers

Mon, 02 Aug 2004 16:38:48 GMT

Alert #65, Rev 4, 2 June 2004. Patches are available on MetaLink.

Security Vulnerabilities in Oracle9i Database Server

Mon, 02 Aug 2004 16:38:10 GMT

Alert #64, Rev 2, 20 May 2004. Patches are available on MetaLink.

Security Vulnerabilities in Oracle9i Lite

Mon, 02 Aug 2004 16:37:32 GMT

Alert #63, Rev 1, 18 February 2004. Patches are available on MetaLink.

SSL Update for CERT CA-2003-26 and Older SSL Issues

Mon, 02 Aug 2004 16:36:50 GMT

Alert #62, Rev 1, 04 December 2003. Patches are available on MetaLink.

SQL Injection Vulnerability in Oracle9i Application Server

Mon, 02 Aug 2004 16:36:07 GMT

Alert #61, Rev 3, 13 November 2003. Patches are available on MetaLink.

Unauthorized Access to Restricted Content in Oracle Files

Mon, 02 Aug 2004 16:35:37 GMT

Alert #60, Rev 1, 28 October 2003. Patches are available on MetaLink.

Buffer Overflow in Oracle Database Server Binaries

Mon, 02 Aug 2004 16:35:08 GMT

Alert #59, Rev 3, 13 November 2003. Patches are available on MetaLink.

Buffer Overflow in the XML Database of Oracle9i Database Server

Mon, 02 Aug 2004 16:34:31 GMT

Alert #58, Rev 1, 18 August 2003. Patches are available on MetaLink.

Buffer Overflows in EXTPROC of Oracle Database Server

Mon, 02 Aug 2004 16:33:56 GMT

Alert #57, Rev 2, 07August 2003. Patches are available on MetaLink.

Buffer Overflow Vulnerability in Oracle E-Business Suite

Mon, 02 Aug 2004 16:33:20 GMT

Alert #56, Rev 1, 23 July 2003. Patches are available on MetaLink.

Unauthorized Disclosure of Information in Oracle E-Business Suite

Mon, 02 Aug 2004 16:32:46 GMT

Alert #55, Rev 1, 23 July 2003. Patches are available on MetaLink.

Buffer Overflow in Net Services for Oracle Database Server

Mon, 02 Aug 2004 16:32:14 GMT

Alert #54, Rev 2, 30 April 2003. Patches are available on MetaLink.

Report Review Agent Vulnerability in Oracle E-Business Suite

Mon, 02 Aug 2004 16:31:41 GMT

Alert #53, Rev 1, 10 April 2003. Patches are available on MetaLink.

Two Security Vulnerabilities in Oracle9i Application Server

Mon, 02 Aug 2004 16:31:06 GMT

Alert #52, Rev 3, Updated 03 March 2003. Patches are available on MetaLink.

Buffer Overflow in ORACLE Executable of Oracle9i Database Server

Mon, 02 Aug 2004 16:30:22 GMT

Alert #51, Rev 6, Updated 18 April 2003. Patches are available on MetaLink.

Buffer Overflow in Oracle9i Database Server

Mon, 02 Aug 2004 16:29:37 GMT

Alert #50, Rev 6, Updated 18 April 2003. Patches are available on MetaLink.

Buffer Overflow in Oracle9i Database Server

Mon, 02 Aug 2004 16:29:03 GMT

Alert #49, Rev 6, Updated 18 April 2003. Patches are available on MetaLink.

Buffer Overflow in Oracle9i Database Server

Mon, 02 Aug 2004 16:28:26 GMT

Alert #48, Rev 6, Updated 18 April 2003. Patches are available on MetaLink.

Security Release of Apache 1.3.27

Mon, 02 Aug 2004 16:25:20 GMT

Alert #45, Rev 6, 20 May 2004. Patches are available on MetaLink.

Unauthorized Access Vulnerability in Oracle E-Business Suite, Release 11i

Mon, 02 Aug 2004 16:24:12 GMT

Alert #44, Rev 1, 04 October 2002. Download the mandatory patch from MetaLink.

Oracle9iAS Web Cache Administration Tool Vulnerability

Mon, 02 Aug 2004 16:23:35 GMT

Alert #43, Rev 1, 04 October 2002. Follow the workarounds as specified in the Alert.

Denial of Services Against Oracle Net Services

Mon, 02 Aug 2004 16:22:12 GMT

Alert #42, Rev 3, 16 December 2002. Download the patches from MetaLink.

Oracle9iAS OJSP Demo Vulnerability

Mon, 02 Aug 2004 16:21:43 GMT

Alert #41, Rev 1, 14 August 2002. Follow the workarounds as specified in the Alert.

Oracle Net Listener Vulnerabilities

Mon, 02 Aug 2004 16:20:37 GMT

Alert #40, Rev 3, 08 August 2002. Download the patches from MetaLink.

Web Cache (Oracle9iAS) Password Vulnerability

Mon, 02 Aug 2004 16:20:00 GMT

Alert #39, Rev 1, 08 August 2002. Follow the workaround as specified in the Alert.

Oracle Net Denial of Service Security Vulnerability

Mon, 02 Aug 2004 16:19:21 GMT

Alert #38, Rev 3, 08 August 2002. Download the patches from MetaLink.

OpenSSL Buffer Overflow

Mon, 02 Aug 2004 16:18:55 GMT

Alert #37, Updated 09 Aug 2002. Download the patches from MetaLink.

Security Vulnerability in Apache HTTP Server of Oracle9iAS

Mon, 02 Aug 2004 16:18:27 GMT

Alert #36, Updated 12 July 2002. Download the patches from MetaLink.

Buffer Overflow Vulnerability in Oracle9iAS Reports Server

Mon, 02 Aug 2004 16:18:04 GMT

Alert #35, 05 June 2002. Download the patches from MetaLink.

Buffer Overflow Vulnerability in Oracle Net (Oracle9i Database Server)

Mon, 02 Aug 2004 16:17:29 GMT

Alert #34, 05 June 2002. Download the patches from MetaLink.

User Privileges Vulnerability in Oracle9i Database Server

Mon, 02 Aug 2004 16:17:04 GMT

Alert #33, 17 April 2002. Download the patches from MetaLink.

Unauthorized Access Vulnerability in the Oracle E-business Suite

Mon, 02 Aug 2004 16:16:35 GMT

Alert #32, 17 April 2002. Download the patches from MetaLink.

Oracle Configurator Vulnerability

Mon, 02 Aug 2004 16:16:11 GMT

Alert #31, 01 April 2002. Download the patch from MetaLink and/or follow workarounds as specified in the Alert.

SNMP Vulnerability in Oracle Enterprise Manager, Master_Peer Agent, for Oracle9i Database

Mon, 02 Aug 2004 16:15:10 GMT

Alert #30, 05 March 2002. Download the patch from MetaLink.

Vulnerability in PL/SQL EXTPROC in Oracle9i Database

Mon, 02 Aug 2004 16:14:08 GMT

Alert #29, 07 August 2003. Download the patch from MetaLink or follow the workaround as described in the Alert.

Vulnerabilities in Oracle mod_plsql and JSP in Oracle9i Application Server, v1.0.2.x

Mon, 02 Aug 2004 16:13:35 GMT

Alert #28, 06 February 2002, UPDATED 05 JULY 2002. Download the patch from MetaLink and follow the workarounds as described in the Alert.

Vulnerabilities in Oracle9iAS Webcache

Mon, 02 Aug 2004 16:13:08 GMT

Alert #27, 28 December 2001

DoS Against Oracle9iAS

Mon, 02 Aug 2004 16:12:45 GMT

Alert #26

Vulnerabilities in mod_plsql

Mon, 02 Aug 2004 16:12:19 GMT

Alert #25

Oracle Database Server DBSNMP Vulnerabilities

Mon, 02 Aug 2004 16:11:48 GMT

Alert #23, 29 November 2001

Security Implications of the Oracle9iAS Default SOAP Configuration

Mon, 02 Aug 2004 16:11:18 GMT

Alert #22, Updated 23 September 2002

Oracle Label Security Mandatory Security Patch

Mon, 02 Aug 2004 16:10:53 GMT

Alert #21, 18 October 2001

Oracle File Overwrite Security Vulnerability

Mon, 02 Aug 2004 16:10:29 GMT

Alert #20, 18 October 2001

Oracle Trace Collection Security Vulnerability

Mon, 02 Aug 2004 16:09:50 GMT

Alert #19, Updated 29 November 2001

Oracle9iAS Web Cache Overflow Vulnerability

Mon, 02 Aug 2004 16:09:23 GMT

Alert #18, 18 October 2001

Oracle Internet Directory Buffer Overflow

Mon, 02 Aug 2004 16:09:03 GMT

Oracle SQL*Net/Net8 Malformed Packet Denial of Service

Mon, 02 Aug 2004 16:08:48 GMT

Oracle SQL*Net/Net8 Denial of Service

Mon, 02 Aug 2004 16:08:30 GMT

Oracle SQL*Net/Net8 Redirect Denial of Service

Mon, 02 Aug 2004 16:08:06 GMT

Launch of Forms from Oracle e-business Suite

Mon, 02 Aug 2004 16:07:49 GMT

Execution of Oracle JSP Outside doc_root

Mon, 02 Aug 2004 16:07:30 GMT

Unintended Execution of Oracle JSP

Tue, 13 Feb 2001 00:18:46 GMT

Oracle JVM FilePermission Vulnerability

Mon, 02 Aug 2004 16:06:27 GMT

Oracle Internet Directory Buffer Overflows

Mon, 02 Aug 2004 16:06:09 GMT

Oracle Connection Manager Control SUID

Mon, 02 Aug 2004 16:05:49 GMT

Oracle XSQL Servlet Vulnerability

Mon, 02 Aug 2004 16:05:31 GMT

Oracle Internet Application Server

Mon, 02 Aug 2004 16:05:14 GMT

Oracle Enterprise Manager Backup and Recovery

Mon, 02 Aug 2004 16:04:20 GMT

Net8 Listener Vulnerability

Mon, 02 Aug 2004 16:03:59 GMT

Oracle Application Server: Remote Command Execution

Mon, 02 Aug 2004 16:02:44 GMT

Security Vulnerabilities in Oracle9i Application Server

Mon, 02 Aug 2004 16:27:54 GMT

Alert #47, Rev 3, 23 July 2003. Follow the workarounds as specified in the Alert.

Buffer Overflow in iSQL*Plus (Oracle9i Database Server)

Mon, 02 Aug 2004 16:40:25 GMT

Alert #46, Rev 3, 11 November 2002. Patches are available on MetaLink.

Oracle Security Update

Tue, 12 Apr 2005 21:03:58 GMT

Alert #68, Rev 3, 27 December 2004. Patches are available on MetaLink.