ID

VAR-201101-0548

TITLE

RETIRED: Oracle January 2011 Critical Patch Update Multiple Vulnerabilities

DESCRIPTION

Oracle has released advance notification regarding the January 2011 Critical Patch Update (CPU) to be released on January 18, 2011. The update addresses 66 vulnerabilities affecting the following software: Oracle Database Server Oracle Secure Backup Oracle Fusion Middleware Oracle Enterprise Manager Grid Control Oracle Solaris products Oracle Applications Oracle Supply Chain Products Suite Oracle PeopleSoft and JDEdwards Suite Oracle Industry Applications Oracle Sun Products Oracle Open Office Suite Exploiting the most severe of these vulnerabilities may potentially compromise the database server or the host operating system. This BID is being retired. The following individual records exist to better document these issues: 34083 Sun Java System Communications Express Multiple HTML Injection Vulnerabilities 40235 MIT Kerberos GSS-API Checksum NULL Pointer Dereference Denial Of Service Vulnerability 42202 OpenOffice Impress File Multiple Buffer Overflow Vulnerabilities 42637 Apache Derby 'BUILTIN' Authentication Insecure Password Hashing Vulnerability 43819 GNU libc glob(3) 'GLOB_LIMIT' Remote Denial of Service Vulnerability 43965 Oracle Java SE and Java for Business CVE-2010-3571 ICC Profile Vulnerability 43971 Oracle Java SE and Java for Business CVE-2010-3556 Remote 2D Vulnerability 43979 Oracle Java SE and Java for Business CVE-2010-3562 Remote 2D Vulnerability 43985 Oracle Java SE and Java for Business CVE-2010-3565 JPEGImageWriter.writeImage Vulnerability 43988 Oracle Java SE and Java for Business CVE-2010-3566 ICC Profile Vulnerability 43992 Oracle Java SE and Java for Business CVE-2010-3567 Remote 2D Vulnerability 43994 Oracle Java SE and Java for Business CVE-2010-3554 Remote CORBA Vulnerability 44009 Oracle Java SE and Java for Business CVE-2010-3551 Remote Networking Vulnerability 44011 Oracle Java SE and Java for Business CVE-2010-3574 Remote Networking Vulnerability 44012 Oracle Java SE and Java for Business CVE-2010-3568 Remote Java Runtime Environment Vulnerability 44013 Oracle Java SE and Java for Business CVE-2010-3561 Remote CORBA Vulnerability 44014 Oracle Java SE and Java for Business CVE-2010-3557 Remote Swing Vulnerability 44016 Oracle Java SE and Java for Business 'defaultReadObject' Remote Code Execution Vulnerability 44017 Oracle Java SE and Java for Business CVE-2010-3548 Remote JNDI Vulnerability 44026 Oracle Java SE and Java for Business CVE-2010-3559 HeadspaceSoundbank.nGetName Vulnerability 44027 Oracle Java SE and Java for Business CVE-2010-3549 HTTP Response Splitting Vulnerability 44028 Oracle Java SE and Java for Business CVE-2010-3573 Same Origin Bypass Vulnerability 44030 Oracle Java SE and Java for Business CVE-2010-3572 Remote Sound Vulnerability 44032 Oracle Java SE and Java for Business CVE-2010-3541 Remote Networking Vulnerability 44035 Oracle Java SE and Java for Business CVE-2010-3553 Remote Swing Vulnerability 44038 Oracle Java SE and Java for Business CVE-2010-3555 Remote ActiveX Plug-in Vulnerability 45844 Oracle Audit Vault CVE-2010-4449 Remote Code Execution Vulnerability 45845 Oracle Database Server CVE-2010-4413 Remote Scheduler Agent Vulnerability 45846 Oracle Document Capture CVE-2010-3598 Remote Vulnerability 45847 Oracle WebLogic Server CVE-2010-3510 Remote Security Vulnerability 45848 Oracle Fusion Middleware CVE-2010-4455 Remote Oracle HTTP Server Vulnerability 45849 Oracle Document Capture CVE-2010-3595 Remote Vulnerability 45850 Oracle Secure Backup CVE-2010-3596 Remote mod_ssl Vulnerability 45851 Oracle Document Capture CVE-2010-3591 Remote Vulnerability 45852 Oracle Fusion Middleware CVE-2010-4437 Remote Oracle WebLogic Server Vulnerability 45853 Oracle Solaris CVE-2010-4435 Remote CDE Calendar Manager Service Daemon Vulnerability 45854 Oracle Fusion Middleware CVE-2010-4417 Beehive Remote Code Execution Vulnerability 45855 Oracle Database Server CVE-2010-4420 Local Database Vault Vulnerability 45856 Oracle Document Capture CVE-2010-3599 Remote Vulnerability 45857 Oracle PeopleSoft Enterprise HRMS CVE-2010-4461 Remote Vulnerability 45858 Oracle Fusion Middleware CVE-2010-3588 Remote Oracle Discoverer Vulnerability 45859 Oracle Cluster Verify Utility CVE-2010-4423 Local Vulnerability 45860 Oracle Supply Chain Product CVE-2010-4429 Remote Security Vulnerability 45861 Oracle Application Object Library CVE-2010-3589 Remote Security Vulnerability 45862 Oracle PeopleSoft Enterprise PeopleTools CVE-2010-4424 Remote Vulnerability 45863 Oracle PeopleSoft Enterprise HRMS CVE-2010-4430 Remote Vulnerability 45864 Oracle Solaris 11 Express CVE-2010-4457 Remote CIFS Vulnerability 45865 Oracle PeopleSoft CVE-2010-4418 Remote Enterprise PeopleTools Vulnerability 45866 Oracle PeopleSoft Enterprise HRMS CVE-2010-4439 Remote Vulnerability 45867 Oracle PeopleSoft Enterprise PeopleTools CVE-2010-4426 Remote Vulnerability 45868 Oracle Fusion Middleware CVE-2010-4416 Remote Oracle GoldenGate Veridata Vulnerability 45869 Oracle PeopleSoft Enterprise HRMS CVE-2010-4445 Remote Vulnerability 45870 Oracle E-Business Suite CVE-2010-3587 Common Applications Component Remote Vulnerability 45871 Oracle Document Capture CVE-2010-3592 Remote Vulnerability 45872 Oracle Supply Chain Product CVE-2010-3505 Remote Security Vulnerability 45873 Oracle PeopleSoft Enterprise HRMS CVE-2010-4428 Remote Vulnerability 45874 Oracle Enterprise Manager Real User Experience Insight (RUEI) SQL Injection Vulnerability 45875 Oracle Transportation Manager CVE-2010-4432 Remote Security Vulnerability 45876 Oracle VM VirtualBox CVE-2010-4414 Local Extensions Vulnerability 45877 Oracle Fusion Middleware CVE-2010-4453 Remote Oracle WebLogic Server Vulnerability 45878 Oracle Solaris CVE-2010-4459 Local Vulnerability 45879 Oracle PeopleSoft CVE-2010-4419 Remote Enterprise CRM Vulnerability 45880 Oracle Spatial CVE-2010-3590 Remote Security Vulnerability 45881 Oracle PeopleSoft CVE-2010-4441 Remote Enterprise HRMS Vulnerability 45883 Oracle Database and Enterprise Manager Grid Control Remote Code Execution Vulnerability 45884 Oracle OpenSSO and Java SAM CVE-2010-4444 Remote Vulnerability 45885 Oracle SunMC CVE-2010-4436 Remote Vulnerability 45886 Oracle Solaris CVE-2010-4443 Local Solaris Vulnerability 45887 Oracle Sun Convergence CVE-2010-4464 Remote Vulnerability 45888 Oracle Sun Solaris CVE-2010-4440 Local Security Vulnerability 45889 Oracle Solaris CVE-2010-4458 Local Solaris Vulnerability 45890 Oracle Sun GlassFish and Message Queue CVE-2010-4438 Local Security Vulnerability 45891 Oracle Solaris CVE-2010-4442 Local Kernel Vulnerability 45892 Oracle Sun Solaris CVE-2010-4446 Local Security Vulnerability 45893 Oracle Sun Solaris 10 CVE-2010-4433 Remote Security Vulnerability 45895 Oracle Solaris CVE-2010-4460 Local Solaris Vulnerability 45896 Oracle Sun Java System Communications Express CVE-2010-4456 Remote Web Mail Vulnerability 45897 Oracle BI Publisher CVE-2010-4425 Remote Security Vulnerability 45898 Oracle Sun Java System Portal Server CVE-2010-4431 Local Security Vulnerability 45899 Oracle PeopleSoft CVE-2010-4434 Remote Enterprise PeopleTools Vulnerability 45900 Oracle BI Publisher CVE-2010-4427 Remote Security Vulnerability 45901 Oracle Outside In Technology CVE-2010-3597 Local Security Vulnerability 45902 Oracle CVE-2010-3593 Remote Health Sciences - Oracle Argus Safety Vulnerability 45903 Oracle Sun Solaris CVE-2010-3586 Local Security Vulnerability 45904 Oracle Solaris CVE-2010-4415 Local 'libc' Vulnerability 45905 Oracle Database Vault CVE-2010-4421 Remote Security Vulnerability

AFFECTED PRODUCTS

THREAT TYPE

network

TYPE

Unknown

EXTERNAL IDS

REFERENCES

CREDITS

Oracle

SOURCES

LAST UPDATE DATE

2022-05-17T02:08:18.831000+00:00

SOURCES UPDATE DATE

SOURCES RELEASE DATE