The Vigil@nce team watches public vulnerabilities impacting your computers, and then offers security solutions, a database and tools to fix them.

Computer vulnerabilities of Oracle Internet Application Server

vulnerability bulletin CVE-2011-3389 CVE-2013-0169 CVE-2013-2172

Oracle Fusion Middleware: several vulnerabilities of October 2013

Synthesis of the vulnerability

Several vulnerabilities of Oracle Fusion Middleware are fixed by the CPU of October 2013.
Impacted products: Oracle AS, Oracle Fusion Middleware, Oracle GlassFish Server, Oracle Identity Management, Oracle Portal, WebLogic.
Severity: 3/4.
Consequences: privileged access/rights, user access/rights, client access/rights, data reading, data creation/edition, data deletion, denial of service on service.
Provenance: internet client.
Number of vulnerabilities in this bulletin: 15.
Creation date: 16/10/2013.
Identifiers: BID-63041, BID-63043, BID-63049, BID-63052, BID-63054, BID-63058, BID-63066, BID-63069, BID-63074, CERTA-2013-AVI-575, cpuoct2013, CVE-2011-3389, CVE-2013-0169, CVE-2013-2172, CVE-2013-3827, CVE-2013-3828, CVE-2013-3831, CVE-2013-3833, CVE-2013-3836, CVE-2013-5773, CVE-2013-5798, CVE-2013-5813, CVE-2013-5815, CVE-2013-5816, RHSA-2013:1437-01, RHSA-2014:1369-01, VIGILANCE-VUL-13603, ZDI-13-249.

Description of the vulnerability

A Critical Patch Update fixes several vulnerabilities of Oracle Fusion Middleware.

An attacker can use a vulnerability of Security, in order to obtain information, to alter information, or to trigger a denial of service. [severity:3/4; BID-63041, CVE-2013-5815]

An attacker can use a SQL injection in PORTAL_DEMO.ORG_CHART, in order to read or alter data. [severity:2/4; BID-63043, CVE-2013-3831]

An attacker can use a vulnerability of Content Server, in order to obtain or alter information. [severity:2/4; BID-63049, CVE-2013-5813]

An attacker can use a vulnerability of Java Server Faces, in order to obtain information. [severity:2/4; CVE-2013-3827]

An attacker can use a vulnerability of Metro, in order to trigger a denial of service. [severity:2/4; BID-63054, CVE-2013-5816]

An attacker can use a vulnerability of Web Container, in order to obtain information. [severity:2/4; CVE-2013-3827]

An attacker can traverse directories in Test Page BPEL Process Manager, in order to read a file outside the root path. [severity:2/4; BID-63058, CVE-2013-3828, ZDI-13-249]

An attacker can use a vulnerability of Web Container, in order to obtain information. [severity:2/4; BID-63052, CVE-2013-3827]

An attacker can use a vulnerability of Authentication Engine, in order to alter information. [severity:2/4; CVE-2013-3833]

An attacker can use a vulnerability of Servlet Runtime, in order to alter information. [severity:2/4; BID-63066, CVE-2013-5773]

An attacker can use a vulnerability of Metro, in order to alter information. [severity:2/4; CVE-2013-2172]

An attacker can use a vulnerability of End User Self Service, in order to alter information. [severity:2/4; BID-63069, CVE-2013-5798]

An attacker can use a vulnerability of SSL/TLS, in order to obtain information (VIGILANCE-VUL-11014). [severity:2/4; CVE-2011-3389]

An attacker can use a vulnerability of ESI/Partial Page Caching, in order to obtain information. [severity:2/4; BID-63074, CVE-2013-3836]

An attacker can use a vulnerability of SSL/TLS, in order to obtain information (VIGILANCE-VUL-12374). [severity:1/4; CVE-2013-0169]
Full Vigil@nce bulletin... (Free trial)

computer vulnerability note CVE-2005-3352 CVE-2006-5752 CVE-2007-3847

Oracle Fusion Middleware: several vulnerabilities of July 2013

Synthesis of the vulnerability

Several vulnerabilities of Oracle Fusion Middleware are fixed by the CPU of July 2013.
Impacted products: Oracle AS, Oracle Fusion Middleware, WebLogic.
Severity: 3/4.
Consequences: privileged access/rights, user access/rights, client access/rights, data reading, data creation/edition, data deletion, denial of service on service.
Provenance: internet client.
Number of vulnerabilities in this bulletin: 19.
Creation date: 17/07/2013.
Identifiers: BID-61224, CERTA-2013-AVI-425, cpujuly2013, CVE-2005-3352, CVE-2006-5752, CVE-2007-3847, CVE-2007-5000, CVE-2007-6388, CVE-2008-2364, CVE-2010-0425, CVE-2010-0434, CVE-2010-2068, CVE-2011-0419, CVE-2011-3348, CVE-2012-2687, CVE-2013-2461, CVE-2013-3755, CVE-2013-3763, CVE-2013-3764, CVE-2013-3769, CVE-2013-3770, CVE-2013-3772, VIGILANCE-VUL-13129.

Description of the vulnerability

A Critical Patch Update fixes several vulnerabilities of Oracle Fusion Middleware.

An attacker can use a vulnerability of Oracle JRockit, in order to obtain information, to alter information, or to create a denial of service. [severity:3/4; CVE-2013-2461]

An attacker can use a vulnerability of Oracle Endeca Server, in order to obtain or alter information. [severity:2/4; CVE-2013-3763]

An attacker can use a vulnerability of Oracle Endeca Server, in order to obtain or alter information. [severity:2/4; BID-61224, CVE-2013-3764]

An attacker can use a vulnerability of WebCenter, in order to obtain or alter information. [severity:2/4; CVE-2013-3770]

An attacker can use a vulnerability of Oracle HTTP Server, in order to obtain information. [severity:2/4; CVE-2010-2068]

An attacker can use a vulnerability of Oracle HTTP Server, in order to create a denial of service. [severity:2/4; CVE-2007-3847]

An attacker can use a vulnerability of Oracle HTTP Server, in order to create a denial of service. [severity:2/4; CVE-2008-2364]

An attacker can use a vulnerability of Oracle HTTP Server, in order to obtain information. [severity:2/4; CVE-2010-0425]

An attacker can use a vulnerability of Oracle Access Manager, in order to alter information. [severity:2/4; CVE-2013-3755]

An attacker can use a vulnerability of Oracle HTTP Server, in order to alter information. [severity:2/4; CVE-2006-5752]

An attacker can use a vulnerability of Oracle HTTP Server, in order to alter information. [severity:2/4; CVE-2007-6388]

An attacker can use a vulnerability of Oracle HTTP Server, in order to alter information. [severity:2/4; CVE-2007-5000]

An attacker can use a vulnerability of Oracle HTTP Server, in order to alter information. [severity:2/4; CVE-2012-2687]

An attacker can use a vulnerability of Oracle HTTP Server, in order to create a denial of service. [severity:2/4; CVE-2011-3348]

An attacker can use a vulnerability of Oracle HTTP Server, in order to create a denial of service. [severity:2/4; CVE-2011-0419]

An attacker can use a vulnerability of Oracle HTTP Server, in order to alter information. [severity:2/4; CVE-2005-3352]

An attacker can use a vulnerability of Oracle HTTP Server, in order to obtain information. [severity:2/4; CVE-2010-0434]

An attacker can use a vulnerability of Oracle WebCenter Content, in order to alter information. [severity:2/4; CVE-2013-3769]

An attacker can use a vulnerability of Oracle WebCenter Content, in order to alter information. [severity:2/4; CVE-2013-3772]
Full Vigil@nce bulletin... (Free trial)

vulnerability CVE-2007-1862 CVE-2009-0023 CVE-2009-1191

Oracle Fusion Middleware: several vulnerabilities of April 2013

Synthesis of the vulnerability

Several vulnerabilities of Oracle Fusion Middleware are fixed by the CPU of April 2013.
Impacted products: Oracle AS, Oracle Fusion Middleware, WebLogic.
Severity: 3/4.
Consequences: privileged access/rights, user access/rights, data reading, data creation/edition, data deletion, denial of service on service.
Provenance: internet client.
Number of vulnerabilities in this bulletin: 28.
Creation date: 17/04/2013.
Identifiers: BID-24553, BID-34663, BID-35221, BID-35251, BID-35253, BID-35565, BID-36596, BID-38491, BID-38494, BID-40827, BID-42102, BID-52107, BID-54156, BID-59086, BID-59087, BID-59091, BID-59095, BID-59097, BID-59099, BID-59101, BID-59102, BID-59105, BID-59107, BID-59110, BID-59112, BID-59115, BID-59122, BID-59132, BID-59140, CERTA-2013-AVI-247, cpuapr2013, CVE-2007-1862, CVE-2009-0023, CVE-2009-1191, CVE-2009-1890, CVE-2009-1955, CVE-2009-1956, CVE-2009-2699, CVE-2010-0408, CVE-2010-2068, CVE-2010-2791, CVE-2012-0841, CVE-2012-2751, CVE-2012-4303, CVE-2013-1497, CVE-2013-1503, CVE-2013-1504, CVE-2013-1509, CVE-2013-1514, CVE-2013-1516, CVE-2013-1522, CVE-2013-1529, CVE-2013-1542, CVE-2013-1545, CVE-2013-1553, CVE-2013-1559, CVE-2013-1565, CVE-2013-2380, CVE-2013-2390, VIGILANCE-VUL-12680, ZDI-13-091, ZDI-13-094.

Description of the vulnerability

A Critical Patch Update fixes several vulnerabilities of Oracle Fusion Middleware.

An attacker can use a vulnerability of Oracle JRockit, in order to obtain information, to alter information, or to create a denial of service. [severity:3/4; BID-59086, CVE-2013-2380]

An attacker can construct complex XML data in order to generate a denial of service in applications linked to APR-util (VIGILANCE-VUL-8761). [severity:3/4; BID-35253, CVE-2009-1955]

An attacker can use a malicious query in order to generate a denial of service of mod_proxy in reverse proxy mode (VIGILANCE-VUL-8837). [severity:3/4; BID-35565, CVE-2009-1890]

An attacker can generate an off by one overflow in the apr_brigade_vprintf() function of Apache APR-util (VIGILANCE-VUL-8768). [severity:3/4; BID-35251, CVE-2009-1956]

An attacker can use a vulnerability of Oracle Web Services Manager, in order to obtain or alter information. [severity:3/4; BID-59099, CVE-2013-1553]

An attacker can use a vulnerability of Oracle GoldenGate Veridata, in order to create a denial of service. [severity:2/4; BID-59101, CVE-2013-1565]

An attacker can send data generating storage collisions, in order to overload a service (VIGILANCE-VUL-11384). [severity:2/4; BID-52107, CVE-2012-0841]

An attacker can obtain memory fragments when mod_mem_cache is used (VIGILANCE-VUL-6928). [severity:2/4; BID-24553, CVE-2007-1862]

In some cases, the mod_proxy_ajp module can send to the client data belonging to another user (VIGILANCE-VUL-8669). [severity:2/4; BID-34663, CVE-2009-1191]

An attacker can open several sessions when Apache httpd is installed under Solaris, in order to stop it (VIGILANCE-VUL-9074). [severity:2/4; BID-36596, CVE-2009-2699]

An attacker can use a vulnerability of Oracle HTTP Server, in order to create a denial of service. [severity:2/4; BID-59105, CVE-2013-1545]

An attacker can generate a denial of service in mod_proxy_ajp and mod_isapi modules of Apache httpd (VIGILANCE-VUL-9487). [severity:2/4; BID-38491, BID-38494, CVE-2010-0408]

When mod_proxy is installed Unix, an attacker can obtain documents belonging to the session of another user (VIGILANCE-VUL-9801). [severity:2/4; BID-42102, CVE-2010-2791]

When mod_proxy_http is used on Netware, OS2 or Windows, an attacker can obtain documents belonging to the session of another user (VIGILANCE-VUL-9705). [severity:2/4; BID-40827, CVE-2010-2068]

An attacker can use a vulnerability of Oracle COREid Access, in order to alter information. [severity:2/4; BID-59087, CVE-2013-1497]

An attacker can use a vulnerability of Oracle Containers for J2EE, in order to alter information. [severity:2/4; BID-59095, CVE-2013-1542]

An attacker can create a denial of service in applications using apr_strmatch of APR-util (VIGILANCE-VUL-8766). [severity:2/4; BID-35221, CVE-2009-0023]

An attacker can use a special HTTP multipart/form-data query, in order to bypass security rules of ModSecurity (VIGILANCE-VUL-11719). [severity:2/4; BID-54156, CVE-2012-2751]

An attacker can use a vulnerability of Oracle WebCenter Content, in order to alter information. [severity:2/4; BID-59110, CVE-2013-1522]

An attacker can use a vulnerability of Oracle WebCenter Interaction, in order to alter information. [severity:2/4; BID-59091, CVE-2013-1529]

An attacker can use a vulnerability of Oracle WebLogic Server, in order to alter information. [severity:2/4; BID-59115, CVE-2013-1504]

An attacker can use a vulnerability of Oracle WebLogic Server, in order to alter information. [severity:2/4; BID-59097, CVE-2013-2390]

An attacker can use a vulnerability of Oracle Containers for J2EE, in order to alter information. [severity:2/4; BID-59102, CVE-2013-1514]

An attacker can use a vulnerability of Oracle WebCenter Capture, in order to create a denial of service. [severity:2/4; BID-59112, CVE-2013-1516, ZDI-13-091]

An attacker can use a vulnerability of Oracle WebCenter Content, in order to create a denial of service. [severity:2/4; BID-59122, CVE-2013-1559, ZDI-13-094]

An attacker can use a vulnerability of Oracle WebCenter Sites, in order to alter information. [severity:2/4; BID-59132, CVE-2013-1509]

An attacker can use a vulnerability of Oracle WebCenter Content, in order to alter information. [severity:2/4; BID-59107, CVE-2013-1503]

An attacker can use a vulnerability of Oracle WebCenter Content, in order to obtain information. [severity:2/4; BID-59140, CVE-2012-4303]
Full Vigil@nce bulletin... (Free trial)

vulnerability announce CVE-2011-5035 CVE-2012-0022 CVE-2012-1677

Oracle Fusion Middleware: several vulnerabilities of January 2013

Synthesis of the vulnerability

Several vulnerabilities of Oracle Fusion Middleware are fixed by the CPU of January 2013.
Impacted products: Oracle AS, Oracle Fusion Middleware, WebLogic.
Severity: 2/4.
Consequences: data creation/edition, denial of service on server.
Provenance: internet client.
Number of vulnerabilities in this bulletin: 5.
Creation date: 16/01/2013.
Identifiers: BID-57342, BID-57348, CERTA-2013-AVI-041, cpujan2013, CVE-2011-5035, CVE-2012-0022, CVE-2012-1677, CVE-2012-5097, VIGILANCE-VUL-12332.

Description of the vulnerability

A Critical Patch Update fixes several vulnerabilities of Oracle Fusion Middleware.

An attacker can use a vulnerability of Management Pack for Oracle GoldenGate, in order to create a denial of service. [severity:2/4; CVE-2012-0022]

An attacker can use a vulnerability of Oracle GoldenGate Veridata, in order to create a denial of service. [severity:2/4; CVE-2012-0022]

An attacker can use a vulnerability of Oracle WebLogic Server, in order to create a denial of service (VIGILANCE-VUL-11254). [severity:2/4; CVE-2011-5035]

An attacker can use a vulnerability of Oracle Access Manager, in order to alter information. [severity:2/4; BID-57348, CVE-2012-5097]

An attacker can use a vulnerability of Oracle Application Server Single Sign-On, in order to alter information. [severity:2/4; BID-57342, CVE-2012-1677]
Full Vigil@nce bulletin... (Free trial)

computer vulnerability alert CVE-2011-3368 CVE-2011-3562 CVE-2011-4317

Oracle Fusion Middleware: several vulnerabilities of July 2012

Synthesis of the vulnerability

Several vulnerabilities of Oracle Fusion Middleware are corrected by the CPU of July 2012.
Impacted products: Oracle AS, Oracle Fusion Middleware, Oracle Identity Management, Oracle Portal.
Severity: 3/4.
Consequences: user access/rights, data reading, data creation/edition, denial of service on service.
Provenance: internet client.
Number of vulnerabilities in this bulletin: 8.
Creation date: 18/07/2012.
Identifiers: BID-54492, BID-54494, BID-54495, BID-54514, BID-54516, BID-54520, CERTA-2012-AVI-393, cpujul2012, CVE-2011-3368, CVE-2011-3562, CVE-2011-4317, CVE-2012-1736, CVE-2012-1741, CVE-2012-1749, CVE-2012-3115, CVE-2012-3135, VIGILANCE-VUL-11776.

Description of the vulnerability

A Critical Patch Update corrects several vulnerabilities of Oracle Fusion Middleware.

An attacker can use a vulnerability of Oracle JRockit, in order to obtain information, to alter information, or to create a denial of service. [severity:3/4; BID-54494, CVE-2012-3135]

An attacker can use a vulnerability of Enterprise Manager for Fusion Middleware, in order to obtain or alter information. [severity:2/4; BID-54492, CVE-2012-1741]

An attacker can use a vulnerability of Oracle HTTP Server, in order to obtain information. [severity:2/4; CVE-2011-3368]

An attacker can use a vulnerability of Oracle MapViewer, in order to obtain information. [severity:2/4; BID-54514, CVE-2012-1736]

An attacker can use a vulnerability of Oracle MapViewer, in order to obtain information. [severity:2/4; BID-54516, CVE-2012-1749]

An attacker can use a vulnerability of Oracle HTTP Server, in order to alter information. [severity:2/4; CVE-2011-4317]

An attacker can use a vulnerability of Oracle MapViewer, in order to alter information. [severity:2/4; BID-54520, CVE-2012-3115]

An attacker can use a vulnerability of Portal, in order to alter information. [severity:2/4; BID-54495, CVE-2011-3562]
Full Vigil@nce bulletin... (Free trial)

vulnerability CVE-2012-0515 CVE-2012-0522 CVE-2012-0532

Oracle Fusion Middleware: several vulnerabilities of April 2012

Synthesis of the vulnerability

Several vulnerabilities of Oracle Fusion Middleware are corrected by the CPU of April 2012.
Impacted products: Oracle AS, Oracle Fusion Middleware, Oracle Identity Management, Oracle OIT.
Severity: 3/4.
Consequences: privileged access/rights, user access/rights, client access/rights, data reading, data creation/edition, data deletion, denial of service on service.
Provenance: internet client.
Number of vulnerabilities in this bulletin: 11.
Creation date: 18/04/2012.
Identifiers: BID-53053, BID-53054, BID-53060, BID-53062, BID-53069, BID-53070, BID-53079, BID-53082, BID-53083, BID-53087, CERTA-2012-AVI-220, cpuapr2012, CVE-2012-0515, CVE-2012-0522, CVE-2012-0532, CVE-2012-0543, CVE-2012-0554, CVE-2012-0555, CVE-2012-0556, CVE-2012-0557, CVE-2012-1695, CVE-2012-1709, CVE-2012-1710, VIGILANCE-VUL-11550, ZDI-12-073, ZDI-12-074, ZDI-12-150, ZDI-12-151, ZDI-12-152, ZDI-12-202.

Description of the vulnerability

A Critical Patch Update corrects several vulnerabilities of Oracle Fusion Middleware.

An attacker can use a vulnerability of Oracle JRockit, in order to obtain information, to alter information, or to create a denial of service. [severity:3/4; CVE-2012-1695]

An attacker can use a vulnerability of Oracle Outside In Technology, in order to obtain information, to alter information, or to create a denial of service. [severity:3/4; BID-53069, CVE-2012-0554]

An attacker can use a vulnerability of Oracle Outside In Technology, in order to obtain information, to alter information, or to create a denial of service. [severity:3/4; BID-53070, CVE-2012-0555]

An attacker can use a vulnerability of Oracle Outside In Technology, in order to obtain information, to alter information, or to create a denial of service. [severity:3/4; BID-53087, CVE-2012-0556]

An attacker can use a vulnerability of Oracle Outside In Technology, in order to obtain information, to alter information, or to create a denial of service. [severity:3/4; BID-53054, CVE-2012-0557]

An attacker can use a vulnerability of Oracle WebCenter Forms Recognition, in order to obtain information, to alter information, or to create a denial of service. [severity:3/4; BID-53082, CVE-2012-1709, ZDI-12-074]

An attacker can use a vulnerability of Oracle WebCenter Forms Recognition, in order to obtain information, to alter information, or to create a denial of service. [severity:3/4; BID-53062, CVE-2012-1710, ZDI-12-073]

An attacker can use a vulnerability of Identity Manager, in order to obtain or alter information. [severity:2/4; BID-53060, CVE-2012-0532]

An attacker can use a vulnerability of BI Publisher (XML Publisher), in order to alter information. [severity:2/4; BID-53083, CVE-2012-0543]

An attacker can use a vulnerability of Oracle JDeveloper, in order to alter information. [severity:2/4; BID-53053, CVE-2012-0522]

An attacker can use a vulnerability of Identity Manager Connector, in order to alter information. [severity:2/4; BID-53079, CVE-2012-0515]
Full Vigil@nce bulletin... (Free trial)

vulnerability note CVE-2011-3414 CVE-2011-4461 CVE-2011-4462

Multiple: denial of service via hash collision

Synthesis of the vulnerability

An attacker can send data generating storage collisions, in order to overload a service.
Impacted products: CheckPoint Endpoint Security, CheckPoint Security Gateway, Debian, Fedora, WebSphere AS Traditional, IIS, .NET Framework, Windows 2003, Windows 2008 R0, Windows 2008 R2, Windows 7, Windows Vista, Windows XP, Snap Creator Framework, openSUSE, Oracle AS, Oracle Communications, Oracle DB, Oracle Directory Services Plus, Oracle Fusion Middleware, Oracle GlassFish Server, Oracle Identity Management, Oracle Internet Directory, Oracle iPlanet Web Server, Tuxedo, WebLogic, Oracle Web Tier, RHEL.
Severity: 3/4.
Consequences: denial of service on service, denial of service on client.
Provenance: internet client.
Number of vulnerabilities in this bulletin: 11.
Creation date: 28/12/2011.
Revision date: 22/02/2012.
Identifiers: 1506603, 2638420, 2659883, BID-51186, BID-51194, BID-51195, BID-51196, BID-51197, BID-51199, BID-51235, BID-51441, CERTA-2011-AVI-727, CERTA-2011-AVI-728, cpujul2018, CVE-2011-3414, CVE-2011-4461, CVE-2011-4462, CVE-2011-4885, CVE-2011-5034, CVE-2011-5035, CVE-2011-5036, CVE-2011-5037, CVE-2012-0039, CVE-2012-0193, CVE-2012-0839, DSA-2783-1, DSA-2783-2, FEDORA-2012-0730, FEDORA-2012-0752, MS11-100, n.runs-SA-2011.004, NTAP-20190307-0004, oCERT-2011-003, openSUSE-SU-2012:0262-1, PM53930, RHSA-2012:1604-01, RHSA-2012:1605-01, RHSA-2012:1606-01, RHSA-2013:1455-01, RHSA-2013:1456-01, sk66350, VIGILANCE-VUL-11254, VU#903934.

Description of the vulnerability

A hash table stores information, as keys pointing to values. Each key is converted to an integer, which is the index of the area where to store data. For example:
 - keyA is converted to 34
 - keyB is converted to 13
Data are then stored at offsets 34 and 13.

In most cases, these keys generate integers which are uniformly located in the storage area (which runs for example between 0 and 99). However, if an attacker computes his keys in such a way that they are converted to the same integer (for example 34), all data are stored at the same location (at the index 34). The access time to these data is thus very large.

A posted HTTP form is used to send a lot of variables. For example: var1=a, var2=b, etc. Web servers store these variables in a hash table. However, if the attacker computes his keys (variable names) in such a way that they are all stored at the same place, he can overload the server.

Other features, such as a JSON parser or additional services, can also be used as an attack vector.

The following products are also impacted:
 - Apache APR (VIGILANCE-VUL-11380)
 - Apache Xerces-C++ (VIGILANCE-VUL-15082)
 - Apache Xerces Java (VIGILANCE-VUL-15083)
 - expat (VIGILANCE-VUL-11420)
 - Java Lightweight HTTP Server (VIGILANCE-VUL-11381)
 - Java Language (VIGILANCE-VUL-11715)
 - libxml2 (VIGILANCE-VUL-11384)
 - PHP (VIGILANCE-VUL-11379)
 - Python (VIGILANCE-VUL-11416)
 - Ruby (VIGILANCE-VUL-11382)
 - Tomcat (VIGILANCE-VUL-11383)

An attacker can therefore send data generating storage collisions, in order to overload a service.
Full Vigil@nce bulletin... (Free trial)

computer vulnerability CVE-2011-3531 CVE-2011-3566 CVE-2011-3568

Oracle Fusion Middleware: several vulnerabilities of January 2012

Synthesis of the vulnerability

Several vulnerabilities of Oracle Fusion Middleware are corrected by the CPU of January 2012.
Impacted products: Oracle AS, Oracle Fusion Middleware, Oracle OIT, WebLogic.
Severity: 3/4.
Consequences: user access/rights, client access/rights, data reading, data creation/edition, data deletion, denial of service on service.
Provenance: internet client.
Number of vulnerabilities in this bulletin: 11.
Creation date: 18/01/2012.
Identifiers: BID-50992, BID-51451, BID-51454, BID-51457, BID-51460, BID-51462, BID-51463, BID-51469, BID-51471, CERTA-2012-AVI-119, cpujan2012, CVE-2011-3531, CVE-2011-3566, CVE-2011-3568, CVE-2011-3569, CVE-2011-4516, CVE-2011-4517, CVE-2012-0077, CVE-2012-0083, CVE-2012-0084, CVE-2012-0085, CVE-2012-0110, VIGILANCE-VUL-11295, VU#738961, ZDI-12-017.

Description of the vulnerability

A Critical Patch Update corrects several vulnerabilities of Oracle Fusion Middleware.

An attacker can use a vulnerability of Search, in order to obtain or alter information. [severity:3/4; BID-51451, CVE-2012-0083]

An attacker can use a vulnerability of Web Services Security, in order to obtain or alter information. [severity:3/4; BID-51463, CVE-2011-3568]

An attacker can use a vulnerability of Web Services Security, in order to create a denial of service. [severity:2/4; BID-51471, CVE-2011-3531]

An attacker can use a vulnerability of Web Services Security, in order to obtain information. [severity:2/4; BID-51462, CVE-2011-3569]

An attacker can use a vulnerability of Web Container, in order to create a denial of service. [severity:2/4; BID-51469, CVE-2011-3566]

An attacker can use a vulnerability of JPEG 2000 Filter, in order to obtain information, to alter information, or to create a denial of service (VIGILANCE-VUL-11211). [severity:2/4; BID-50992, CVE-2011-4516]

An attacker can use a vulnerability of JPEG 2000 Filter, in order to obtain information, to alter information, or to create a denial of service (VIGILANCE-VUL-11211). [severity:2/4; BID-50992, CVE-2011-4517]

An attacker can send a malformed Lotus 123 file to an application using Oracle Outside In module, in order to execute code (VIGILANCE-VUL-11304). [severity:2/4; CERTA-2012-AVI-119, CVE-2012-0110, VU#738961, ZDI-12-017]

An attacker can use a vulnerability of Content Server, in order to alter information. [severity:2/4; BID-51457, CVE-2012-0085]

An attacker can use a vulnerability of Content Server, in order to alter information. [severity:2/4; BID-51454, CVE-2012-0084]

An attacker can use a vulnerability of WLS-Console, in order to alter information. [severity:2/4; BID-51460, CVE-2012-0077]
Full Vigil@nce bulletin... (Free trial)

vulnerability note CVE-2011-2237 CVE-2011-2255 CVE-2011-2314

Oracle Fusion: several vulnerabilities of October 2011

Synthesis of the vulnerability

Several vulnerabilities of Oracle Fusion are corrected by the CPU of October 2011.
Impacted products: Oracle AS, Oracle Fusion Middleware, Oracle Identity Management, Oracle OIT, WebLogic.
Severity: 3/4.
Consequences: user access/rights, data reading, data creation/edition, data deletion, denial of service on service.
Provenance: internet client.
Number of vulnerabilities in this bulletin: 10.
Creation date: 19/10/2011.
Identifiers: BID-49303, BID-50198, BID-50202, BID-50205, BID-50206, BID-50207, BID-50209, BID-50210, BID-50212, BID-50213, CERTA-2011-AVI-488, CERTA-2011-AVI-490, CERTA-2011-AVI-494, CERTA-2011-AVI-530, CERTA-2011-AVI-560, CERTA-2011-AVI-586, CERTA-2012-AVI-221, cpuoct2011, CVE-2011-2237, CVE-2011-2255, CVE-2011-2314, CVE-2011-2318, CVE-2011-2319, CVE-2011-2320, CVE-2011-3192, CVE-2011-3510, CVE-2011-3523, CVE-2011-3541, VIGILANCE-VUL-11074, VU#405811.

Description of the vulnerability

A Critical Patch Update corrects several vulnerabilities of Oracle Fusion.

An attacker can use a vulnerability of Oracle WebLogic Portal, in order to obtain information, to alter information, or to create a denial of service. [severity:3/4; BID-50205, CVE-2011-2255]

An attacker can use several parallel queries using Range or Request-Range, in order to progressively use the available memory of the Oracle HTTP Server (VIGILANCE-VUL-10944). [severity:2/4; BID-49303, CERTA-2011-AVI-488, CERTA-2011-AVI-490, CERTA-2011-AVI-494, CERTA-2011-AVI-530, CERTA-2011-AVI-560, CERTA-2012-AVI-221, CVE-2011-3192, VU#405811]

An attacker can use a vulnerability of Oracle WebLogic Server, in order to obtain information. [severity:2/4; BID-50198, CVE-2011-2320]

An attacker can use a vulnerability of Oracle Business Intelligence Enterprise Edition, in order to obtain or alter information. [severity:2/4; BID-50213, CVE-2011-3510]

An attacker can use a vulnerability of Oracle Containers for J2EE, in order to alter information. [severity:2/4; BID-50202, CVE-2011-2314]

An attacker can use a vulnerability of Oracle WebLogic Server, in order to obtain information. [severity:2/4; BID-50206, CVE-2011-2319]

An attacker can use a vulnerability of Oracle Web Services Manager, in order to alter information. [severity:2/4; BID-50212, CERTA-2011-AVI-586, CVE-2011-2237]

An attacker can use a vulnerability of Oracle Web Services Manager, in order to alter information. [severity:2/4; BID-50209, CVE-2011-3523]

An attacker can use a vulnerability of Oracle Outside In Technology, in order to create a denial of service. [severity:1/4; BID-50207, CVE-2011-3541]

An attacker can use a vulnerability of Oracle WebLogic Server, in order to obtain information. [severity:1/4; BID-50210, CVE-2011-2318]
Full Vigil@nce bulletin... (Free trial)

vulnerability note CVE-2011-3192

Apache httpd: denial of service via Range or Request-Range

Synthesis of the vulnerability

An attacker can use several parallel queries using Range or Request-Range, in order to progressively use the available memory.
Impacted products: Apache httpd, CheckPoint Endpoint Security, IPSO, CheckPoint Security Gateway, CiscoWorks, Nexus by Cisco, NX-OS, Debian, BIG-IP Hardware, TMOS, Fedora, OpenView, OpenView NNM, HP-UX, Junos Space, Junos Space Network Management Platform, Mandriva Linux, ePO, OpenSolaris, openSUSE, Oracle AS, Oracle Fusion Middleware, Solaris, RHEL, Slackware, SLES.
Severity: 2/4.
Consequences: denial of service on service.
Provenance: internet client.
Creation date: 24/08/2011.
Revisions dates: 24/08/2011, 26/08/2011, 14/09/2011.
Identifiers: BID-49303, c02997184, c03011498, c03025215, CERTA-2011-AVI-493, cisco-sa-20110830-apache, CVE-2011-3192, DSA-2298-1, DSA-2298-2, FEDORA-2011-12715, HPSBMU02704, HPSBUX02702, HPSBUX02707, KB73310, MDVSA-2011:130, MDVSA-2011:130-1, openSUSE-SU-2011, openSUSE-SU-2011:0993-1, PSN-2013-02-846, RHSA-2011:1245-01, RHSA-2011:1294-01, RHSA-2011:1300-01, RHSA-2011:1329-01, RHSA-2011:1330-01, RHSA-2011:1369-01, sk65222, SSA:2011-252-01, SSRT100606, SSRT100619, SSRT100626, SUSE-SU-2011:1000-1, SUSE-SU-2011:1007-1, SUSE-SU-2011:1010-1, SUSE-SU-2011:1215-1, SUSE-SU-2011:1216-1, VIGILANCE-VUL-10944, VU#405811.

Description of the vulnerability

The Range header defined in the HTTP protocol indicates a byte range that server should return. For example, to obtain byte between 10 to 30 and 50 to 60:
  Range: bytes=10-30,50-60
The Request-Range header is the obsolete name of Range.

Apache processes the following objects:
 - bucket: an abstract storage area (memory, file, etc.).
 - brigade: a chained list of buckets

When Apache httpd receives a query containing the Range header, it stores each range in a brigade. However, if the range list is large, this brigade consumes a lot of memory.

An attacker can therefore use several parallel queries using Range or Request-Range, in order to progressively use the available memory.
Full Vigil@nce bulletin... (Free trial)
Our database contains other pages. You can request a free trial to read them.

Display information about Oracle Internet Application Server: