Computer vulnerabilities of Oracle Identity Management

OpenJPEG: use after free via opj_image_destroy
An attacker can force the usage of a freed memory area via opj_image_destroy() of OpenJPEG, in order to trigger a denial of service, and possibly to run code...
bulletinjul2020, cpuoct2020, CVE-2020-15389, DLA-2277-1, USN-4497-1, VIGILANCE-VUL-32797

SQLite: buffer overflow via Query Flattener Optimization
An attacker can trigger a buffer overflow via Query Flattener Optimization of SQLite, in order to trigger a denial of service, and possibly to run code...
bulletinoct2020, cpuoct2020, CVE-2020-15358, HT211931, USN-4438-1, VIGILANCE-VUL-32637

Apache Ant: file corruption
A local attacker can create a symbolic link, in order to alter the pointed file, with privileges of Apache Ant...
6344075, cpujul2020, cpuoct2020, CVE-2020-1945, FEDORA-2020-52741b0a49, FEDORA-2020-7f07da3fef, openSUSE-SU-2020:1022-1, USN-4380-1, VIGILANCE-VUL-32379

SQLite: three vulnerabilities
An attacker can use several vulnerabilities of SQLite...
cpujul2020, cpuoct2020, CVE-2020-13630, CVE-2020-13631, CVE-2020-13632, DLA-2340-1, FEDORA-2020-0477f8840e, FreeBSD-SA-20:22.sqlite, HT211931, RHSA-2020:4442-01, USN-4394-1, VIGILANCE-VUL-32354

Dom4J: external XML entity injection via SaxReader
An attacker can transmit malicious XML data via SaxReader() to Dom4J, in order to read a file, scan sites, or trigger a denial of service...
6356447, 6367943, cpuoct2020, CVE-2020-10683, DLA-2191-1, openSUSE-SU-2020:0719-1, RHSA-2020:3461-01, RHSA-2020:3462-01, RHSA-2020:3463-01, RHSA-2020:3464-01, RHSA-2020:3495-01, RHSA-2020:3496-01, RHSA-2020:3497-01, RHSA-2020:3501-01, RHSA-2020:3637-01, RHSA-2020:3638-01, RHSA-2020:3639-01, RHSA-2020:3642-01, USN-4575-1, VIGILANCE-VUL-32161

Apache log4j: Man-in-the-Middle via SmtpAppender
An attacker can act as a Man-in-the-Middle via SmtpAppender on Apache log4j, in order to read or write data in the session...
6371652, cpujul2020, cpuoct2020, CVE-2020-9488, VIGILANCE-VUL-32095

jQuery Core: Cross Site Scripting via HtmlPrefilter Regex
An attacker can trigger a Cross Site Scripting via HtmlPrefilter Regex of jQuery Core, in order to run JavaScript code in the context of the web site...
20200601, 20200602, 20200603, 20200604, 20200605, 6217392, 6253319, 6344075, 6367943, CERTFR-2020-AVI-310, CERTFR-2020-AVI-335, cpujul2020, cpuoct2020, CVE-2020-11022, CVE-2020-11023, DRUPAL-SA-CORE-2020-002, DRUPAL-SA-CORE-2020-003, DSA-4693-1, FEDORA-2020-0b32a59b54, FEDORA-2020-11be4b36d4, FEDORA-2020-7dddce530c, FEDORA-2020-8a15713da2, FEDORA-2020-fbb94073a1, K02453220, K66544153, KM03758436, NPM-1518, openSUSE-SU-2020:1060-1, openSUSE-SU-2020:1106-1, openSUSE-SU-2020:1888-1, OSA-2020-14, RHSA-2020:3936-01, RHSA-2020:4670-01, RHSA-2020:4847-01, VIGILANCE-VUL-32007

SQLite: assertion error via Table Renaming
An attacker can force an assertion error via Table Renaming of SQLite, in order to trigger a denial of service...
cpujul2020, cpuoct2020, CVE-2020-11656, FreeBSD-SA-20:22.sqlite, VIGILANCE-VUL-31996

SQLite: denial of service via RenameTokenCheckAll
An attacker can trigger a fatal error via RenameTokenCheckAll of SQLite, in order to trigger a denial of service...
cpujul2020, cpuoct2020, CVE-2020-11656, FreeBSD-SA-20:22.sqlite, VIGILANCE-VUL-31995

SQLite: denial of service via Window Functions
An attacker can trigger a fatal error via Window Functions of SQLite, in order to trigger a denial of service...
cpujul2020, cpuoct2020, CVE-2020-11655, DLA-2203-1, DLA-2340-1, FreeBSD-SA-20:22.sqlite, USN-4394-1, VIGILANCE-VUL-31994

Our database contains other pages. You can request a free trial to read them.

Display information about Oracle Identity Management:

https://www.oracle.com/security/identity-management/governance/