CH azonosító
CH-13632Angol cím
Oracle Critical Patch Update AdvisoryFelfedezés dátuma
2016.10.17.Súlyosság
KritikusÉrintett rendszerek
OracleÉrintett verziók
Application Express,5.0.4.0.7 előtti verziók
Oracle Database Server, 11.2.0.4, 12.1.0.2
Oracle Secure Backup,10.4.0.4.0, 12.1.0.2.0 előtti verziók
Big Data Graph,1.2 előtti verziók
NetBeans, 8.1
Oracle BI Publisher, 11.1.1.7.0, 11.1.1.9.0, 12.2.1.0.0
Oracle Big Data Discovery, 1.1.1, 1.1.3, 1.2.0
Oracle Business Intelligence Enterprise Edition, 11.1.1.7.0, 11.1.1.9.0, 12.1.1.0.0, 12.2.1.1.0
Oracle Data Integrar, 11.1.1.7.0, 11.1.1.9.0, 12.1.2.0.0, 12.1.3.0.0, 12.2.1.0.0, 12.2.1.1.0
Oracle Discoverer, 11.1.1.7.0
Oracle Fusion Middleware, 11.1.1.7, 11.1.1.9, 11.1.2.3, 11.1.2.4, 12.1.3.0, 12.2.1.0, 12.2.1.1
Oracle GlassFish Server, 2.1.1, 3.0.1, 3.1.2
Oracle Identity Manager, 11.1.2.2.0, 11.1.2.3.0
Oracle iPlanet Web Proxy Server, 4.0
Oracle iPlanet Web Server, 7.0
Oracle Outside In Technology, 8.4.0, 8.5.1, 8.5.2, 8.5.3
Oracle Platform Security for Java, 12.1.3.0.0, 12.2.1.0.0, 12.2.1.1.0
Oracle Web Services, 12.1.3.0.0, 12.2.1.0.0
Oracle WebCenter Sites, 12.2.1.0.0, 12.2.1.1.0, 12.2.1.2.0
Oracle WebLogic Server, 10.3.6.0, 12.1.3.0, 12.2.1.0, 12.2.1.1
Enterprise Manager, 12.1.4, 12.2.2, 12.3.2
Enterprise Manager Base Platform, 12.1.0.5
Oracle E-Business Suite, 12.1.1, 12.1.2, 12.1.3, 12.2.3, 12.2.4, 12.2.5, 12.2.6
Oracle Advanced Supply Chain Planning, 12.2.3, 12.2.4, 12.2.5
Oracle Agile Engineering Data Management, 6.1.3.0
Oracle Agile PLM, 9.3.4, 9.3.5
Oracle Agile Product Lifecycle Management for Process, 6.1.0.4, 6.1.1.6, 6.2.0.0
Oracle Transportation Management, 6.3
PeopleSoft Enterprise HCM, 9.2
PeopleSoft Enterprise Peopleols, 8.54, 8.55
PeopleSoft Enterprise SCM Services Procurement, 9.1, 9.2
JD Edwards EnterpriseOne ols, 9.1
Siebel Applications, 7.1, 16.1
Oracle Commerce Guided Search, 6.2.2, 6.3.0, 6.4.1.2, 6.5.0, 6.5.1, 6.5.2
Oracle Commerce Guided Search / Oracle Commerce Experience Manager, 3.1.1, 3.1.2, 6.2.2, 6.3.0, 6.4.1.2, 6.5.0, 6.5.1, 6.5.2, 6.5.3, 11.0, 11.1, 11.2
Oracle Commerce Platform, 10.0.3.5, 10.2.0.5, 11.2.0.1
Oracle Commerce Service Center, 10.0.3.5, 10.2.0.5
Oracle Fusion Applications, 11.1.2-től 11.1.9-ig
Oracle Communications Policy Management, 9.7.3, 9.9.1, 10.4.1, 12.1.1 és előtti verziók
Oracle Enterprise Communications Broker, Pcz2.0.0m4p5 és korábbi
Oracle Enterprise Session Border Controller, Ecz7.3m2p2 és korábbi
Oracle Banking Digital Experience, 15.1
Oracle Financial Services Analytical Applications Infrastructure, 7.3.0, 7.3.1, 7.3.2, 7.3.3, 7.3.4, 7.3.5, 8.0.0, 8.0.1, 8.0.2, 8.0.3
Oracle Financial Services Lending és Leasing, 14.1.0, 14.2.0
Oracle FLEXCUBE Core Banking, 11.5.0.0.0, 11.6.0.0.0
Oracle FLEXCUBE Enterprise Limits és Collateral Management, 12.0.0, 12.1.0
Oracle FLEXCUBE Invesr Servicing, 12.0.1
Oracle FLEXCUBE Private Banking, 2.0.0, 2.0.1, 2.2.0, 12.0.0, 12.0.1, 12.0.2, 12.0.3, 12.1.0
Oracle FLEXCUBE Universal Banking, 11.3.0, 11.4.0, 12.0.1, 12.0.2, 12.0.3, 12.1.0, 12.2.0, 12.87.1, 12.87.2
Oracle Life Sciences Data Hub, 2.x
Oracle Hospitality OPERA 5 Property Services, 5.4.0.0, 5.4.1.0, 5.4.2.0, 5.4.3.0, 5.5.0.0, 5.5.1.0
Oracle Insurance IStream, 4.3.2
MICROS XBR, 7.0.2, 7.0.4
Oracle Retail Back Office, 13.0, 13.1, 13.2, 13.3, 13.4, 14.0, 14.1
Oracle Retail Central Office, 13.0, 13.1, 13.2, 13.3, 13.4, 14.0, 14.1
Oracle Retail Clearance Optimization Engine, 13.2, 13.3, 13.4, 14.0
Oracle Retail Price Management, 15.0
Oracle Retail Returns Management, 13.0, 13.1, 13.2, 13.3, 13.4, 14.0, 14.1
Oracle Retail Xsre Payment, 1.x
Oracle Retail Xsre Point of Service, 5.0, 5.5, 6.0, 6.5, 7.0, 7.1
Primavera P6 Enterprise Project Portfolio Management, 8.4, 15.x, 16.x
Primavera P6 Professional Project Management, 8.3, 8.4, 15.x, 16.x
Oracle Java SE, 6u121, 7u111, 8u102
Oracle Java SE Embedded, 8u101
Solaris, 10, 11.3
Solaris Cluster, 3.3, 4.3
Sun ZFS Srage Appliance Kit (AK), AK 2013
Oracle VM VirtualBox,5.0.28, 5.1.8 előtti verziók
Secure Global Deskp, 4.7, 5.2
Sun Ray Operating Software,11.1.7 előtti verziók
Virtual Deskp Infrastructure,3.5.3 előtti verziók
MySQL Connecr, 2.0.4 és , 2.1.3 előtti verziók
MySQL Server, 5.5.52 és , 5.6.33 és , 5.7.15 előtti verziók
Összefoglaló
Az Oracle kritikus kockázati besorolású sérülékenységei váltak ismertté, amelyeket kihasználva a támadó akár tetszőleges kódot futtathat a rendszeren. A hibajavítás többek között érinti a MySQL és a Java SE komponenseket is. A sérülékenységeket kiküszöbölő megoldás már beszerezhető a gyártótól.
Leírás
A tervezett frissítések összesen 247 biztonsági hibát javítanak ki, melyek közül több akár távolról, hitelesítés nélkül is kihasználható. A kritikus hibajavítások az alábbi termékcsaládokat érinti:
- Oracle Database Server
- Oracle Secure Backup
- Oracle Big Data Graph
- Oracle Fusion Middleware
- Oracle Enterprise Manager
- Oracle E-Business Suite
- Oracle Supply Chain Products Suite
- Oracle PeopleSoft Products
- Oracle JD Edwards Products
- Oracle Siebel CRM
- Oracle Commerce
- Oracle Communications Applications
- Oracle Financial Services
- Oracle Health Sciences Applications
- Oracle Hospitality Applications
- Oracle Insurance Applications
- Oracle Retail Applications
- Oracle Primavera Products Suite
- Oracle Java SE
- Oracle Sun Systems
- Oracle Virtualization
- Oracle MySQL
Update: Az Oracle elérhetővé tette a sérülékenységeket kiküszöbölő megoldásokat.
Megoldás
Frissítsen a legújabb verzióraMegoldás
Telepítse a gyártó által kiadott javításokat.
Támadás típusa
Other (Egyéb)execute arbitrary code
Hatás
Loss of availability (Elérhetőség elvesztése)Loss of confidentiality (Bizalmasság elvesztése)
Loss of integrity (Sértetlenség elvesztése)
Szükséges hozzáférés
Remote/Network (Távoli/hálózat)Hivatkozások
Gyártói referencia: www.oracle.com
Egyéb referencia: www.heise.de
CVE-2016-5555 - NVD CVE-2016-5555
CVE-2016-5572 - NVD CVE-2016-5572
CVE-2016-5497 - NVD CVE-2016-5497
CVE-2010-5312 - NVD CVE-2010-5312
CVE-2016-5516 - NVD CVE-2016-5516
CVE-2016-5505 - NVD CVE-2016-5505
CVE-2016-5498 - NVD CVE-2016-5498
CVE-2016-5499 - NVD CVE-2016-5499
CVE-2016-3562 - NVD CVE-2016-3562
CVE-2015-1351 - NVD CVE-2015-1351
CVE-2015-0286 - NVD CVE-2015-0286
CVE-2015-7501 - NVD CVE-2015-7501
CVE-2015-3253 - NVD CVE-2015-3253
CVE-2016-3551 - NVD CVE-2016-3551
CVE-2016-5535 - NVD CVE-2016-5535
CVE-2016-5531 - NVD CVE-2016-5531
CVE-2016-1950 - NVD CVE-2016-1950
CVE-2016-5519 - NVD CVE-2016-5519
CVE-2016-3505 - NVD CVE-2016-3505
CVE-2016-5558 - NVD CVE-2016-5558
CVE-2016-5574 - NVD CVE-2016-5574
CVE-2016-5577 - NVD CVE-2016-5577
CVE-2016-5578 - NVD CVE-2016-5578
CVE-2016-5579 - NVD CVE-2016-5579
CVE-2016-5588 - NVD CVE-2016-5588
CVE-2016-3473 - NVD CVE-2016-3473
CVE-2016-8281 - NVD CVE-2016-8281
CVE-2016-5536 - NVD CVE-2016-5536
CVE-2016-5495 - NVD CVE-2016-5495
CVE-2016-5500 - NVD CVE-2016-5500
CVE-2016-5601 - NVD CVE-2016-5601
CVE-2016-2107 - NVD CVE-2016-2107
CVE-2016-5537 - NVD CVE-2016-5537
CVE-2016-5602 - NVD CVE-2016-5602
CVE-2016-5488 - NVD CVE-2016-5488
CVE-2016-5511 - NVD CVE-2016-5511
CVE-2016-5618 - NVD CVE-2016-5618
CVE-2016-5506 - NVD CVE-2016-5506
CVE-2015-3197 - NVD CVE-2015-3197
CVE-2016-4979 - NVD CVE-2016-4979
CVE-2015-7940 - NVD CVE-2015-7940
CVE-2016-5604 - NVD CVE-2016-5604
CVE-2016-2105 - NVD CVE-2016-2105
CVE-2016-2106 - NVD CVE-2016-2106
CVE-2016-2109 - NVD CVE-2016-2109
CVE-2099-1234 - NVD CVE-2099-1234
CVE-2016-1546 - NVD CVE-2016-1546
CVE-2016-5557 - NVD CVE-2016-5557
CVE-2016-5589 - NVD CVE-2016-5589
CVE-2016-5587 - NVD CVE-2016-5587
CVE-2016-5591 - NVD CVE-2016-5591
CVE-2016-5593 - NVD CVE-2016-5593
CVE-2016-5592 - NVD CVE-2016-5592
CVE-2016-5595 - NVD CVE-2016-5595
CVE-2016-5586 - NVD CVE-2016-5586
CVE-2016-2176 - NVD CVE-2016-2176
CVE-2016-5489 - NVD CVE-2016-5489
CVE-2016-5562 - NVD CVE-2016-5562
CVE-2016-5581 - NVD CVE-2016-5581
CVE-2016-5567 - NVD CVE-2016-5567
CVE-2016-5570 - NVD CVE-2016-5570
CVE-2016-5571 - NVD CVE-2016-5571
CVE-2016-5585 - NVD CVE-2016-5585
CVE-2016-5517 - NVD CVE-2016-5517
CVE-2016-5575 - NVD CVE-2016-5575
CVE-2016-5583 - NVD CVE-2016-5583
CVE-2016-5532 - NVD CVE-2016-5532
CVE-2016-5596 - NVD CVE-2016-5596
CVE-2016-5599 - NVD CVE-2016-5599
CVE-2016-5523 - NVD CVE-2016-5523
CVE-2016-5514 - NVD CVE-2016-5514
CVE-2016-5515 - NVD CVE-2016-5515
CVE-2016-0635 - NVD CVE-2016-0635
CVE-2016-0714 - NVD CVE-2016-0714
CVE-2016-5518 - NVD CVE-2016-5518
CVE-2016-5526 - NVD CVE-2016-5526
CVE-2016-5521 - NVD CVE-2016-5521
CVE-2016-5512 - NVD CVE-2016-5512
CVE-2016-5527 - NVD CVE-2016-5527
CVE-2016-5510 - NVD CVE-2016-5510
CVE-2016-5524 - NVD CVE-2016-5524
CVE-2016-5513 - NVD CVE-2016-5513
CVE-2016-5522 - NVD CVE-2016-5522
CVE-2016-5504 - NVD CVE-2016-5504
CVE-2015-5351 - NVD CVE-2015-5351
CVE-2016-0706 - NVD CVE-2016-0706
CVE-2016-0763 - NVD CVE-2016-0763
CVE-2016-8293 - NVD CVE-2016-8293
CVE-2016-8291 - NVD CVE-2016-8291
CVE-2016-8296 - NVD CVE-2016-8296
CVE-2016-5529 - NVD CVE-2016-5529
CVE-2016-5530 - NVD CVE-2016-5530
CVE-2016-5600 - NVD CVE-2016-5600
CVE-2016-8285 - NVD CVE-2016-8285
CVE-2016-8295 - NVD CVE-2016-8295
CVE-2016-8294 - NVD CVE-2016-8294
CVE-2016-8292 - NVD CVE-2016-8292
CVE-2016-1181 - NVD CVE-2016-1181
CVE-2015-1793 - NVD CVE-2015-1793
CVE-2016-1182 - NVD CVE-2016-1182
CVE-2016-3081 - NVD CVE-2016-3081
CVE-2016-5534 - NVD CVE-2016-5534
CVE-2016-5560 - NVD CVE-2016-5560
CVE-2016-5482 - NVD CVE-2016-5482
CVE-2016-5491 - NVD CVE-2016-5491
CVE-2015-0235 - NVD CVE-2015-0235
CVE-2015-0411 - NVD CVE-2015-0411
CVE-2014-0050 - NVD CVE-2014-0050
CVE-2014-0224 - NVD CVE-2014-0224
CVE-2013-2067 - NVD CVE-2013-2067
CVE-2014-0227 - NVD CVE-2014-0227
CVE-2013-2566 - NVD CVE-2013-2566
CVE-2013-4444 - NVD CVE-2013-4444
CVE-2015-1791 - NVD CVE-2015-1791
CVE-2015-2568 - NVD CVE-2015-2568
CVE-2014-0096 - NVD CVE-2014-0096
CVE-2013-4590 - NVD CVE-2013-4590
CVE-2014-0099 - NVD CVE-2014-0099
CVE-2014-0075 - NVD CVE-2014-0075
CVE-2014-0119 - NVD CVE-2014-0119
CVE-2013-4322 - NVD CVE-2013-4322
CVE-2014-9296 - NVD CVE-2014-9296
CVE-2014-3571 - NVD CVE-2014-3571
CVE-2015-3195 - NVD CVE-2015-3195
CVE-2014-2532 - NVD CVE-2014-2532
CVE-2013-4286 - NVD CVE-2013-4286
CVE-2015-0433 - NVD CVE-2015-0433
CVE-2015-0423 - NVD CVE-2015-0423
CVE-2015-0500 - NVD CVE-2015-0500
CVE-2015-0409 - NVD CVE-2015-0409
CVE-2015-0381 - NVD CVE-2015-0381
CVE-2015-0382 - NVD CVE-2015-0382
CVE-2014-9293 - NVD CVE-2014-9293
CVE-2014-9294 - NVD CVE-2014-9294
CVE-2014-9295 - NVD CVE-2014-9295
CVE-2015-1788 - NVD CVE-2015-1788
CVE-2015-1789 - NVD CVE-2015-1789
CVE-2015-1790 - NVD CVE-2015-1790
CVE-2015-1792 - NVD CVE-2015-1792
CVE-2016-5607 - NVD CVE-2016-5607
CVE-2016-5622 - NVD CVE-2016-5622
CVE-2016-5619 - NVD CVE-2016-5619
CVE-2016-5543 - NVD CVE-2016-5543
CVE-2016-5569 - NVD CVE-2016-5569
CVE-2016-5502 - NVD CVE-2016-5502
CVE-2016-5620 - NVD CVE-2016-5620
CVE-2016-5594 - NVD CVE-2016-5594
CVE-2016-5479 - NVD CVE-2016-5479
CVE-2016-5603 - NVD CVE-2016-5603
CVE-2016-5621 - NVD CVE-2016-5621
CVE-2016-5493 - NVD CVE-2016-5493
CVE-2016-5490 - NVD CVE-2016-5490
CVE-2014-7809 - NVD CVE-2014-7809
CVE-2016-5563 - NVD CVE-2016-5563
CVE-2016-5565 - NVD CVE-2016-5565
CVE-2016-5564 - NVD CVE-2016-5564
CVE-2016-1881 - NVD CVE-2016-1881
CVE-2016-5539 - NVD CVE-2016-5539
CVE-2016-5540 - NVD CVE-2016-5540
CVE-2015-4852 - NVD CVE-2015-4852
CVE-2012-1007 - NVD CVE-2012-1007
CVE-2014-0114 - NVD CVE-2014-0114
CVE-2016-5533 - NVD CVE-2016-5533
CVE-2016-5556 - NVD CVE-2016-5556
CVE-2016-5568 - NVD CVE-2016-5568
CVE-2016-5582 - NVD CVE-2016-5582
CVE-2016-5573 - NVD CVE-2016-5573
CVE-2016-5597 - NVD CVE-2016-5597
CVE-2016-5554 - NVD CVE-2016-5554
CVE-2016-5542 - NVD CVE-2016-5542
CVE-2016-5503 - NVD CVE-2016-5503
CVE-2016-5544 - NVD CVE-2016-5544
CVE-2016-5492 - NVD CVE-2016-5492
CVE-2016-5606 - NVD CVE-2016-5606
CVE-2016-5576 - NVD CVE-2016-5576
CVE-2016-5486 - NVD CVE-2016-5486
CVE-2016-5566 - NVD CVE-2016-5566
CVE-2016-5487 - NVD CVE-2016-5487
CVE-2016-5553 - NVD CVE-2016-5553
CVE-2016-5559 - NVD CVE-2016-5559
CVE-2016-5481 - NVD CVE-2016-5481
CVE-2016-5615 - NVD CVE-2016-5615
CVE-2016-5508 - NVD CVE-2016-5508
CVE-2016-5525 - NVD CVE-2016-5525
CVE-2016-5561 - NVD CVE-2016-5561
CVE-2016-5480 - NVD CVE-2016-5480
CVE-2016-5580 - NVD CVE-2016-5580
CVE-2016-5605 - NVD CVE-2016-5605
CVE-2016-5501 - NVD CVE-2016-5501
CVE-2016-6304 - NVD CVE-2016-6304
CVE-2016-5538 - NVD CVE-2016-5538
CVE-2016-5610 - NVD CVE-2016-5610
CVE-2016-5608 - NVD CVE-2016-5608
CVE-2016-5611 - NVD CVE-2016-5611
CVE-2016-5613 - NVD CVE-2016-5613
CVE-2016-2177 - NVD CVE-2016-2177
CVE-2016-2178 - NVD CVE-2016-2178
CVE-2016-2179 - NVD CVE-2016-2179
CVE-2016-2180 - NVD CVE-2016-2180
CVE-2016-2181 - NVD CVE-2016-2181
CVE-2016-2182 - NVD CVE-2016-2182
CVE-2016-2183 - NVD CVE-2016-2183
CVE-2016-6302 - NVD CVE-2016-6302
CVE-2016-6303 - NVD CVE-2016-6303
CVE-2016-6305 - NVD CVE-2016-6305
CVE-2016-6306 - NVD CVE-2016-6306
CVE-2016-6307 - NVD CVE-2016-6307
CVE-2016-6308 - NVD CVE-2016-6308
CVE-2016-6309 - NVD CVE-2016-6309
CVE-2016-7052 - NVD CVE-2016-7052
CVE-2016-6662 - NVD CVE-2016-6662
CVE-2016-5617 - NVD CVE-2016-5617
CVE-2016-5616 - NVD CVE-2016-5616
CVE-2016-5625 - NVD CVE-2016-5625
CVE-2016-5609 - NVD CVE-2016-5609
CVE-2016-5612 - NVD CVE-2016-5612
CVE-2016-5624 - NVD CVE-2016-5624
CVE-2016-5626 - NVD CVE-2016-5626
CVE-2016-5627 - NVD CVE-2016-5627
CVE-2016-3492 - NVD CVE-2016-3492
CVE-2016-5598 - NVD CVE-2016-5598
CVE-2016-7440 - NVD CVE-2016-7440
CVE-2016-5628 - NVD CVE-2016-5628
CVE-2016-5629 - NVD CVE-2016-5629
CVE-2016-3495 - NVD CVE-2016-3495
CVE-2016-5630 - NVD CVE-2016-5630
CVE-2016-5507 - NVD CVE-2016-5507
CVE-2016-5631 - NVD CVE-2016-5631
CVE-2016-5632 - NVD CVE-2016-5632
CVE-2016-5633 - NVD CVE-2016-5633
CVE-2016-5634 - NVD CVE-2016-5634
CVE-2016-5635 - NVD CVE-2016-5635
CVE-2016-8289 - NVD CVE-2016-8289
CVE-2016-8287 - NVD CVE-2016-8287
CVE-2016-8290 - NVD CVE-2016-8290
CVE-2016-5584 - NVD CVE-2016-5584
CVE-2016-8283 - NVD CVE-2016-8283
CVE-2016-8288 - NVD CVE-2016-8288
CVE-2016-8286 - NVD CVE-2016-8286
CVE-2016-8284 - NVD CVE-2016-8284