Wazi » Security Team

Solaris 10 and prior [Low]

Security Team — Tue, 13 Jul 2010 18:30:02 +0000

This article, Solaris 10 and prior [Low], originally appeared on Wazi, a free source for news, information, and articles on open source software.

Affects:

Solaris 10 and prior [Low]

Description

Unspecified vulnerability in Oracle Solaris 8, 9, and 10 allows local users to affect confidentiality and integrity via unknown vectors.

If you have questions about this security warning or need to have it translated and you have an active technical support contract, please call 1-888-OPENLOGIC or email us at support@openlogic.com.

CVE Identifier: CVE-2010-2382
Severity: Low

NIST National Vulnerabilities Database

Fusion Middleware 10.1.4.0.1 and prior [Low]

Security Team — Tue, 13 Jul 2010 18:30:02 +0000

This article, Fusion Middleware 10.1.4.0.1 and prior [Low], originally appeared on Wazi, a free source for news, information, and articles on open source software.

Affects:

Fusion Middleware 10.1.4.0.1 and prior [Low]

Description

Unspecified vulnerability in the Application Server Control component in Oracle Fusion Middleware 10.1.2.3 and 10.1.4.0.1 allows remote authenticated users to affect integrity via unknown vectors.

If you have questions about this security warning or need to have it translated and you have an active technical support contract, please call 1-888-OPENLOGIC or email us at support@openlogic.com.

CVE Identifier: CVE-2010-2381
Severity: Low

NIST National Vulnerabilities Database

Peoplesoft And Jdedwards Suite Scm 9.1 and prior [Medium]

Security Team — Tue, 13 Jul 2010 18:30:02 +0000

This article, Peoplesoft And Jdedwards Suite Scm 9.1 and prior [Medium], originally appeared on Wazi, a free source for news, information, and articles on open source software.

Affects:

Peoplesoft And Jdedwards Suite Scm 9.1 and prior [Medium]

Description

Unspecified vulnerability in the PeopleSoft Enterprise FSCM component in Oracle PeopleSoft and JDEdwards Suite SCM 8.9 Bundle #37, SCM 9.0 Bundle #30, and SCM 9.1 Bundle #4 allows local users to affect confidentiality, integrity, and availability via unknown vectors.

If you have questions about this security warning or need to have it translated and you have an active technical support contract, please call 1-888-OPENLOGIC or email us at support@openlogic.com.

CVE Identifier: CVE-2010-2380
Severity: Medium

NIST National Vulnerabilities Database

Peoplesoft And Jdedwards Suite Hcm 9.1 and prior [Medium]

Security Team — Tue, 13 Jul 2010 18:30:02 +0000

This article, Peoplesoft And Jdedwards Suite Hcm 9.1 and prior [Medium], originally appeared on Wazi, a free source for news, information, and articles on open source software.

Affects:

Peoplesoft And Jdedwards Suite Hcm 9.1 and prior [Medium]

Description

Unspecified vulnerability in the PeopleSoft Enterprise HCM – Time & Labor component in Oracle PeopleSoft and JDEdwards Suite HCM 9.0 Bundle #13 and HCM 9.1 Bundle #2 allows remote authenticated users to affect confidentiality via unknown vectors.

If you have questions about this security warning or need to have it translated and you have an active technical support contract, please call 1-888-OPENLOGIC or email us at support@openlogic.com.

CVE Identifier: CVE-2010-2379
Severity: Medium

NIST National Vulnerabilities Database

Peoplesoft And Jdedwards Suite Crm 9.1 and prior [Low]

Security Team — Tue, 13 Jul 2010 18:30:02 +0000

This article, Peoplesoft And Jdedwards Suite Crm 9.1 and prior [Low], originally appeared on Wazi, a free source for news, information, and articles on open source software.

Affects:

Peoplesoft And Jdedwards Suite Crm 9.1 and prior [Low]

Description

Unspecified vulnerability in the PeopleSoft Enterprise CRM component in Oracle PeopleSoft and JDEdwards Suite CRM 9.0 Bundle #28 and CRM 9.1 Bundle #4 allows local users to affect confidentiality and integrity via unknown vectors.

If you have questions about this security warning or need to have it translated and you have an active technical support contract, please call 1-888-OPENLOGIC or email us at support@openlogic.com.

CVE Identifier: CVE-2010-2378
Severity: Low

NIST National Vulnerabilities Database

Peoplesoft And Jdedwards Product Suite 8.50.10 and prior [Medium]

Security Team — Tue, 13 Jul 2010 18:30:02 +0000

This article, Peoplesoft And Jdedwards Product Suite 8.50.10 and prior [Medium], originally appeared on Wazi, a free source for news, information, and articles on open source software.

Affects:

Peoplesoft And Jdedwards Product Suite 8.50.10 and prior [Medium]

Description

Unspecified vulnerability in the PeopleSoft Enterprise PeopleTools component in Oracle PeopleSoft and JDEdwards Suite 8.49.27 and 8.50.10 allows remote authenticated users to affect integrity via unknown vectors.

If you have questions about this security warning or need to have it translated and you have an active technical support contract, please call 1-888-OPENLOGIC or email us at support@openlogic.com.

CVE Identifier: CVE-2010-2377
Severity: Medium

NIST National Vulnerabilities Database

Solaris 10 and prior [Low]

Security Team — Tue, 13 Jul 2010 18:30:02 +0000

This article, Solaris 10 and prior [Low], originally appeared on Wazi, a free source for news, information, and articles on open source software.

Affects:

Solaris 10 and prior [Low]

Description

Unspecified vulnerability in Oracle Solaris 8, 9, and 10 allows local users to affect confidentiality and integrity via unknown vectors related to Solaris Management Console.

If you have questions about this security warning or need to have it translated and you have an active technical support contract, please call 1-888-OPENLOGIC or email us at support@openlogic.com.

CVE Identifier: CVE-2010-2376
Severity: Low

NIST National Vulnerabilities Database

Weblogic Server Component 10.3.3 and prior [Medium]

Security Team — Tue, 13 Jul 2010 18:30:02 +0000

This article, Weblogic Server Component 10.3.3 and prior [Medium], originally appeared on Wazi, a free source for news, information, and articles on open source software.

Affects:

Weblogic Server Component 10.3.3 and prior [Medium]

Description

Package/Privilege: Plugins for Apache, Sun and IIS web servers Unspecified vulnerability in the WebLogic Server component in Oracle Fusion Middleware 7.0 SP7, 8.1 SP6, 9.0, 9.1, 9.2 MP3, 10.0 MP2, 10.3.2, and 10.3.3 allows remote attackers to affect confidentiality and integrity, related to IIS.

If you have questions about this security warning or need to have it translated and you have an active technical support contract, please call 1-888-OPENLOGIC or email us at support@openlogic.com.

CVE Identifier: CVE-2010-2375
Severity: Medium

NIST National Vulnerabilities Database

Solaris Studio 12 [Low]

Security Team — Tue, 13 Jul 2010 18:30:02 +0000

This article, Solaris Studio 12 [Low], originally appeared on Wazi, a free source for news, information, and articles on open source software.

Affects:

Solaris Studio 12 [Low]

Description

Unspecified vulnerability in Solaris Studio 12 update 1 allows local users to affect confidentiality and integrity via unknown vectors.

If you have questions about this security warning or need to have it translated and you have an active technical support contract, please call 1-888-OPENLOGIC or email us at support@openlogic.com.

CVE Identifier: CVE-2010-2374
Severity: Low

NIST National Vulnerabilities Database

Enterprise Manager Grid Control 10.2.0.5 and prior [Medium]

Security Team — Tue, 13 Jul 2010 18:30:02 +0000

This article, Enterprise Manager Grid Control 10.2.0.5 and prior [Medium], originally appeared on Wazi, a free source for news, information, and articles on open source software.

Affects:

Enterprise Manager Grid Control 10.2.0.5 and prior [Medium]

Description

Unspecified vulnerability in the Console component in Oracle Enterprise Manager Grid Control 10.1.0.6 and 10.2.0.5 allows remote attackers to affect integrity via unknown vectors.

If you have questions about this security warning or need to have it translated and you have an active technical support contract, please call 1-888-OPENLOGIC or email us at support@openlogic.com.

CVE Identifier: CVE-2010-2373
Severity: Medium

NIST National Vulnerabilities Database

Supply Chain Products Suite 6.1.1 [Medium]

Security Team — Tue, 13 Jul 2010 18:30:02 +0000

This article, Supply Chain Products Suite 6.1.1 [Medium], originally appeared on Wazi, a free source for news, information, and articles on open source software.

Affects:

Supply Chain Products Suite 6.1.1 [Medium]

Description

Unspecified vulnerability in the Oracle Transportation Management component in Oracle Supply Chain Products Suite 6.1.1 allows remote attackers to affect integrity via unknown vectors, a different vulnerability than CVE-2010-2371.

If you have questions about this security warning or need to have it translated and you have an active technical support contract, please call 1-888-OPENLOGIC or email us at support@openlogic.com.

CVE Identifier: CVE-2010-2372
Severity: Medium

NIST National Vulnerabilities Database

Supply Chain Products Suite 6.1.1 [Low]

Security Team — Tue, 13 Jul 2010 18:30:02 +0000

This article, Supply Chain Products Suite 6.1.1 [Low], originally appeared on Wazi, a free source for news, information, and articles on open source software.

Affects:

Supply Chain Products Suite 6.1.1 [Low]

Description

Unspecified vulnerability in the Oracle Transportation Management component in Oracle Supply Chain Products Suite 6.1.1 allows local users to affect confidentiality via unknown vectors, a different vulnerability than CVE-2010-2372.

If you have questions about this security warning or need to have it translated and you have an active technical support contract, please call 1-888-OPENLOGIC or email us at support@openlogic.com.

CVE Identifier: CVE-2010-2371
Severity: Low

NIST National Vulnerabilities Database

Fusion Middleware 10.3 and prior [Medium]

Security Team — Tue, 13 Jul 2010 18:30:02 +0000

This article, Fusion Middleware 10.3 and prior [Medium], originally appeared on Wazi, a free source for news, information, and articles on open source software.

Affects:

Fusion Middleware 10.3 and prior [Medium]

Description

Unspecified vulnerability in the Oracle Business Process Management component in Oracle Fusion Middleware 5.7 MP3, 6.0 MP5, and 10.3 MP2 allows remote attackers to affect integrity, related to BPM.

If you have questions about this security warning or need to have it translated and you have an active technical support contract, please call 1-888-OPENLOGIC or email us at support@openlogic.com.

CVE Identifier: CVE-2010-2370
Severity: Medium

NIST National Vulnerabilities Database

Opensolaris 10 [Medium]

Security Team — Tue, 13 Jul 2010 18:30:02 +0000

This article, Opensolaris 10 [Medium], originally appeared on Wazi, a free source for news, information, and articles on open source software.

Affects:

Opensolaris 10 [Medium]

Description

Unspecified vulnerability in Oracle OpenSolaris 10 allows local users to affect confidentiality, integrity, and availability via unknown vectors related to rdist.

If you have questions about this security warning or need to have it translated and you have an active technical support contract, please call 1-888-OPENLOGIC or email us at support@openlogic.com.

CVE Identifier: CVE-2010-0916
Severity: Medium

NIST National Vulnerabilities Database

E-business Suite 12.1.2 and prior [Medium]

Security Team — Tue, 13 Jul 2010 18:30:02 +0000

This article, E-business Suite 12.1.2 and prior [Medium], originally appeared on Wazi, a free source for news, information, and articles on open source software.

Affects:

E-business Suite 12.1.2 and prior [Medium]

Description

Unspecified vulnerability in the Oracle Advanced Product Catalog component in Oracle E-Business Suite 11.5.10.2, 12.0.6, and 12.1.2 allows remote authenticated users to affect confidentiality and integrity via unknown vectors.

If you have questions about this security warning or need to have it translated and you have an active technical support contract, please call 1-888-OPENLOGIC or email us at support@openlogic.com.

CVE Identifier: CVE-2010-0915
Severity: Medium

NIST National Vulnerabilities Database

Sun Convergence 1.0 [Medium]

Security Team — Tue, 13 Jul 2010 18:30:02 +0000

This article, Sun Convergence 1.0 [Medium], originally appeared on Wazi, a free source for news, information, and articles on open source software.

Affects:

Sun Convergence 1.0 [Medium]

Description

Unspecified vulnerability in Oracle Sun Convergence 1.0 allows remote attackers to affect confidentiality via unknown vectors related to Mail, Calendar, Address Book, and Instant Messaging.

If you have questions about this security warning or need to have it translated and you have an active technical support contract, please call 1-888-OPENLOGIC or email us at support@openlogic.com.

CVE Identifier: CVE-2010-0914
Severity: Medium

NIST National Vulnerabilities Database

E-business Suite 12.1.2 and prior [Medium]

Security Team — Tue, 13 Jul 2010 18:30:02 +0000

This article, E-business Suite 12.1.2 and prior [Medium], originally appeared on Wazi, a free source for news, information, and articles on open source software.

Affects:

E-business Suite 12.1.2 and prior [Medium]

Description

Unspecified vulnerability in the Oracle Applications Manager component in Oracle E-Business Suite 11.5.10.2, 12.0.6, and 12.1.2 allows remote attackers to affect integrity via unknown vectors.

If you have questions about this security warning or need to have it translated and you have an active technical support contract, please call 1-888-OPENLOGIC or email us at support@openlogic.com.

CVE Identifier: CVE-2010-0913
Severity: Medium

NIST National Vulnerabilities Database

E-business Suite 12.1.2 and prior [Medium]

Security Team — Tue, 13 Jul 2010 18:30:02 +0000

This article, E-business Suite 12.1.2 and prior [Medium], originally appeared on Wazi, a free source for news, information, and articles on open source software.

Affects:

E-business Suite 12.1.2 and prior [Medium]

Description

Unspecified vulnerability in the Oracle Applications Framework component in Oracle E-Business Suite 11.5.10.2, 12.0.6, and 12.1.2 allows remote attackers to affect integrity via unknown vectors.

If you have questions about this security warning or need to have it translated and you have an active technical support contract, please call 1-888-OPENLOGIC or email us at support@openlogic.com.

CVE Identifier: CVE-2010-0912
Severity: Medium

NIST National Vulnerabilities Database

Database Server 11.2.0.1 and prior [High]

Security Team — Tue, 13 Jul 2010 18:30:02 +0000

This article, Database Server 11.2.0.1 and prior [High], originally appeared on Wazi, a free source for news, information, and articles on open source software.

Affects:

Database Server 11.2.0.1 and prior [High]

Description

Unspecified vulnerability in the Listener component in Oracle Database Server 9.2.0.8, 9.2.0.8DV, 10.1.0.5, 10.2.0.4, 11.1.0.7, and 11.2.0.1 allows remote attackers to affect availability via unknown vectors.

If you have questions about this security warning or need to have it translated and you have an active technical support contract, please call 1-888-OPENLOGIC or email us at support@openlogic.com.

CVE Identifier: CVE-2010-0911
Severity: High

NIST National Vulnerabilities Database

Timesten In-memory Database 11.2.1.4.1 and prior [Medium]

Security Team — Tue, 13 Jul 2010 18:30:02 +0000

This article, Timesten In-memory Database 11.2.1.4.1 and prior [Medium], originally appeared on Wazi, a free source for news, information, and articles on open source software.

Affects:

Timesten In-memory Database 11.2.1.4.1 and prior [Medium]

Description

Unspecified vulnerability in the Data Server component in Oracle TimesTen In-Memory Database 7.0.6.0 and 11.2.1.4.1 allows remote attackers to affect availability via unknown vectors.

If you have questions about this security warning or need to have it translated and you have an active technical support contract, please call 1-888-OPENLOGIC or email us at support@openlogic.com.

CVE Identifier: CVE-2010-0910
Severity: Medium

NIST National Vulnerabilities Database

E-business Suite 12.1.2 and prior [Low]

Security Team — Tue, 13 Jul 2010 18:30:02 +0000

This article, E-business Suite 12.1.2 and prior [Low], originally appeared on Wazi, a free source for news, information, and articles on open source software.

Affects:

E-business Suite 12.1.2 and prior [Low]

Description

Unspecified vulnerability in the Oracle Applications Framework component in Oracle E-Business Suite 11.5.10.2, 12.0.6, and 12.1.2 allows remote authenticated users to affect confidentiality via unknown vectors.

If you have questions about this security warning or need to have it translated and you have an active technical support contract, please call 1-888-OPENLOGIC or email us at support@openlogic.com.

CVE Identifier: CVE-2010-0909
Severity: Low

NIST National Vulnerabilities Database

E-business Suite 12.1.2 [High]

Security Team — Tue, 13 Jul 2010 18:30:02 +0000

This article, E-business Suite 12.1.2 [High], originally appeared on Wazi, a free source for news, information, and articles on open source software.

Affects:

E-business Suite 12.1.2 [High]

Description

Unspecified vulnerability in the Oracle Applications Framework component in Oracle E-Business Suite 12.1.2 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors.

If you have questions about this security warning or need to have it translated and you have an active technical support contract, please call 1-888-OPENLOGIC or email us at support@openlogic.com.

CVE Identifier: CVE-2010-0908
Severity: High

NIST National Vulnerabilities Database

Secure Backup 10.3.0.1 [Unknown Severity]

Security Team — Tue, 13 Jul 2010 18:30:02 +0000

This article, Secure Backup 10.3.0.1 [Unknown Severity], originally appeared on Wazi, a free source for news, information, and articles on open source software.

Affects:

Secure Backup 10.3.0.1 [Unknown Severity]

Description

Unspecified vulnerability in Oracle Secure Backup 10.3.0.1 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors, a different vulnerability than CVE-2010-0898, CVE-2010-0899, CVE-2010-0904, and CVE-2010-0906.

If you have questions about this security warning or need to have it translated and you have an active technical support contract, please call 1-888-OPENLOGIC or email us at support@openlogic.com.

CVE Identifier: CVE-2010-0907
Severity: Unknown Severity

NIST National Vulnerabilities Database

Secure Backup 10.3.0.1 [High]

Security Team — Tue, 13 Jul 2010 18:30:01 +0000

This article, Secure Backup 10.3.0.1 [High], originally appeared on Wazi, a free source for news, information, and articles on open source software.

Affects:

Secure Backup 10.3.0.1 [High]

Description

Unspecified vulnerability in Oracle Secure Backup 10.3.0.1 allows remote authenticated users to affect confidentiality, integrity, and availability via unknown vectors.

If you have questions about this security warning or need to have it translated and you have an active technical support contract, please call 1-888-OPENLOGIC or email us at support@openlogic.com.

CVE Identifier: CVE-2010-0906
Severity: High

NIST National Vulnerabilities Database

E-business Suite 12.0.4 and prior [Medium]

Security Team — Tue, 13 Jul 2010 18:30:01 +0000

This article, E-business Suite 12.0.4 and prior [Medium], originally appeared on Wazi, a free source for news, information, and articles on open source software.

Affects:

E-business Suite 12.0.4 and prior [Medium]

Description

Unspecified vulnerability in the Oracle Applications Manager component in Oracle E-Business Suite 11.5.10.2 and 12.0.4 allows remote attackers to affect integrity via unknown vectors.

If you have questions about this security warning or need to have it translated and you have an active technical support contract, please call 1-888-OPENLOGIC or email us at support@openlogic.com.

CVE Identifier: CVE-2010-0905
Severity: Medium

NIST National Vulnerabilities Database

Secure Backup 10.3.0.1 [Medium]

Security Team — Tue, 13 Jul 2010 18:30:01 +0000

This article, Secure Backup 10.3.0.1 [Medium], originally appeared on Wazi, a free source for news, information, and articles on open source software.

Affects:

Secure Backup 10.3.0.1 [Medium]

Description

Unspecified vulnerability in Oracle Secure Backup 10.3.0.1 allows remote attackers to affect integrity via unknown vectors.

If you have questions about this security warning or need to have it translated and you have an active technical support contract, please call 1-888-OPENLOGIC or email us at support@openlogic.com.

CVE Identifier: CVE-2010-0904
Severity: Medium

NIST National Vulnerabilities Database

Database Server 11.2.0.1 and prior [High]

Security Team — Tue, 13 Jul 2010 18:30:01 +0000

This article, Database Server 11.2.0.1 and prior [High], originally appeared on Wazi, a free source for news, information, and articles on open source software.

Affects:

Database Server 11.2.0.1 and prior [High]

Description

Unspecified vulnerability in the Net Foundation Layer component in Oracle Database Server 9.2.0.8, 10.1.0.5, 10.2.0.4, 11.1.0.7, and 11.2.0.1, when running on Windows, allows remote attackers to affect availability via unknown vectors.

If you have questions about this security warning or need to have it translated and you have an active technical support contract, please call 1-888-OPENLOGIC or email us at support@openlogic.com.

CVE Identifier: CVE-2010-0903
Severity: High

NIST National Vulnerabilities Database

Database Server 11.2.0.1 and prior [Medium]

Security Team — Tue, 13 Jul 2010 18:30:01 +0000

This article, Database Server 11.2.0.1 and prior [Medium], originally appeared on Wazi, a free source for news, information, and articles on open source software.

Affects:

Database Server 11.2.0.1 and prior [Medium]

Description

Unspecified vulnerability in the Oracle OLAP component in Oracle Database Server 9.2.0.8, 9.2.0.8DV, 10.1.0.5, 10.2.0.4, 11.1.0.7, and 11.2.0.1 allows remote authenticated users to affect confidentiality, integrity, and availability via unknown vectors.

If you have questions about this security warning or need to have it translated and you have an active technical support contract, please call 1-888-OPENLOGIC or email us at support@openlogic.com.

CVE Identifier: CVE-2010-0902
Severity: Medium

NIST National Vulnerabilities Database

Database Server 11.2.0.1 and prior [Low]

Security Team — Tue, 13 Jul 2010 18:30:01 +0000

This article, Database Server 11.2.0.1 and prior [Low], originally appeared on Wazi, a free source for news, information, and articles on open source software.

Affects:

Database Server 11.2.0.1 and prior [Low]

Description

Unspecified vulnerability in the Export component in Oracle Database Server 9.2.0.8, 9.2.0.8DV, 10.1.0.5, 10.2.0.4, 11.1.0.7, and 11.2.0.1 allows remote authenticated users to affect confidentiality via unknown vectors related to Select Any Dictionary.

If you have questions about this security warning or need to have it translated and you have an active technical support contract, please call 1-888-OPENLOGIC or email us at support@openlogic.com.

CVE Identifier: CVE-2010-0901
Severity: Low

NIST National Vulnerabilities Database

Database Server 11.2.0.1 and prior [Low]

Security Team — Tue, 13 Jul 2010 18:30:01 +0000

This article, Database Server 11.2.0.1 and prior [Low], originally appeared on Wazi, a free source for news, information, and articles on open source software.

Affects:

Database Server 11.2.0.1 and prior [Low]

Description

Unspecified vulnerability in the Network Layer component in Oracle Database Server 9.2.0.8, 10.1.0.5, 10.2.0.4, 11.1.0.7, and 11.2.0.1, when running on Windows, allows remote attackers to affect availability via unknown vectors.

If you have questions about this security warning or need to have it translated and you have an active technical support contract, please call 1-888-OPENLOGIC or email us at support@openlogic.com.

CVE Identifier: CVE-2010-0900
Severity: Low

NIST National Vulnerabilities Database

Secure Backup 10.3.0.1 and prior [High]

Security Team — Tue, 13 Jul 2010 18:30:01 +0000

This article, Secure Backup 10.3.0.1 and prior [High], originally appeared on Wazi, a free source for news, information, and articles on open source software.

Affects:

Secure Backup 10.3.0.1 and prior [High]

Description

Unspecified vulnerability in Oracle Secure Backup 10.3.0.1 allows remote authenticated users to affect confidentiality, integrity, and availability via unknown vectors, a different vulnerability than CVE-2010-0898, CVE-2010-0907, and CVE-2010-0906.

If you have questions about this security warning or need to have it translated and you have an active technical support contract, please call 1-888-OPENLOGIC or email us at support@openlogic.com.

CVE Identifier: CVE-2010-0899
Severity: High

NIST National Vulnerabilities Database

Secure Backup 10.3.0.1 [Unknown Severity]

Security Team — Tue, 13 Jul 2010 18:30:01 +0000

This article, Secure Backup 10.3.0.1 [Unknown Severity], originally appeared on Wazi, a free source for news, information, and articles on open source software.

Affects:

Secure Backup 10.3.0.1 [Unknown Severity]

Description

Unspecified vulnerability in Oracle Secure Backup 10.3.0.1 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors.

If you have questions about this security warning or need to have it translated and you have an active technical support contract, please call 1-888-OPENLOGIC or email us at support@openlogic.com.

CVE Identifier: CVE-2010-0898
Severity: Unknown Severity

NIST National Vulnerabilities Database

Database Server 3.2.0.00.27 [Medium]

Security Team — Tue, 13 Jul 2010 18:30:01 +0000

This article, Database Server 3.2.0.00.27 [Medium], originally appeared on Wazi, a free source for news, information, and articles on open source software.

Affects:

Database Server 3.2.0.00.27 [Medium]

Description

Unspecified vulnerability in the Application Express component in Oracle Database Server 3.2.0.00.27 allows remote attackers to affect integrity via unknown vectors.

If you have questions about this security warning or need to have it translated and you have an active technical support contract, please call 1-888-OPENLOGIC or email us at support@openlogic.com.

CVE Identifier: CVE-2010-0892
Severity: Medium

NIST National Vulnerabilities Database

Timesten In-memory Database 7.0.6.0 [Unknown Severity]

Security Team — Tue, 13 Jul 2010 18:30:01 +0000

This article, Timesten In-memory Database 7.0.6.0 [Unknown Severity], originally appeared on Wazi, a free source for news, information, and articles on open source software.

Affects:

Timesten In-memory Database 7.0.6.0 [Unknown Severity]

Description

Unspecified vulnerability in the Data Server component in Oracle TimesTen In-Memory Database 7.0.6.0 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors.

If you have questions about this security warning or need to have it translated and you have an active technical support contract, please call 1-888-OPENLOGIC or email us at support@openlogic.com.

CVE Identifier: CVE-2010-0873
Severity: Unknown Severity

NIST National Vulnerabilities Database

E-business Suite 12.1.2 and prior [Low]

Security Team — Tue, 13 Jul 2010 18:30:01 +0000

This article, E-business Suite 12.1.2 and prior [Low], originally appeared on Wazi, a free source for news, information, and articles on open source software.

Affects:

E-business Suite 12.1.2 and prior [Low]

Description

Unspecified vulnerability in the Oracle Knowledge Management component in Oracle E-Business Suite 11.5.10.2, 12.0.6, and 12.1.2 allows remote attackers to affect integrity via unknown vectors.

If you have questions about this security warning or need to have it translated and you have an active technical support contract, please call 1-888-OPENLOGIC or email us at support@openlogic.com.

CVE Identifier: CVE-2010-0836
Severity: Low

NIST National Vulnerabilities Database

Fusion Middleware 10.1.2.3 [Medium]

Security Team — Tue, 13 Jul 2010 18:30:01 +0000

This article, Fusion Middleware 10.1.2.3 [Medium], originally appeared on Wazi, a free source for news, information, and articles on open source software.

Affects:

Fusion Middleware 10.1.2.3 [Medium]

Description

Unspecified vulnerability in the Wireless component in Oracle Fusion Middleware 10.1.2.3 allows remote attackers to affect integrity via unknown vectors.

If you have questions about this security warning or need to have it translated and you have an active technical support contract, please call 1-888-OPENLOGIC or email us at support@openlogic.com.

CVE Identifier: CVE-2010-0835
Severity: Medium

NIST National Vulnerabilities Database

Opensolaris 10 and prior [High]

Security Team — Tue, 13 Jul 2010 18:30:01 +0000

This article, Opensolaris 10 and prior [High], originally appeared on Wazi, a free source for news, information, and articles on open source software.

Affects:

Opensolaris 10 and prior [High]

Description

Unspecified vulnerability in Oracle OpenSolaris 8, 9, and 10 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors.

If you have questions about this security warning or need to have it translated and you have an active technical support contract, please call 1-888-OPENLOGIC or email us at support@openlogic.com.

CVE Identifier: CVE-2010-0083
Severity: High

NIST National Vulnerabilities Database

Opensso Enterprise 8.0 [Medium]

Security Team — Tue, 13 Jul 2010 18:30:01 +0000

This article, Opensso Enterprise 8.0 [Medium], originally appeared on Wazi, a free source for news, information, and articles on open source software.

Affects:

Opensso Enterprise 8.0 [Medium]

Description

Unspecified vulnerability in Oracle OpenSSO Enterprise 8.0 allows remote attackers to affect integrity via unknown vectors.

If you have questions about this security warning or need to have it translated and you have an active technical support contract, please call 1-888-OPENLOGIC or email us at support@openlogic.com.

CVE Identifier: CVE-2009-3762
Severity: Medium

NIST National Vulnerabilities Database

Fusion Middleware 10.1.4.0.1 and prior [Low]

Security Team — Tue, 13 Jul 2010 17:30:00 +0000

This article, Fusion Middleware 10.1.4.0.1 and prior [Low], originally appeared on Wazi, a free source for news, information, and articles on open source software.

Affects:

Fusion Middleware 10.1.4.0.1 and prior [Low]

Description

Unspecified vulnerability in the Application Server Control component in Oracle Fusion Middleware 10.1.2.3 and 10.1.4.0.1 allows remote authenticated users to affect integrity via unknown vectors.

If you have questions about this security warning or need to have it translated and you have an active technical support contract, please call 1-888-OPENLOGIC or email us at support@openlogic.com.

CVE Identifier: CVE-2010-0081
Severity: Low

NIST National Vulnerabilities Database

Opensso Enterprise 8.0 [Medium]

Security Team — Tue, 13 Jul 2010 17:30:00 +0000

This article, Opensso Enterprise 8.0 [Medium], originally appeared on Wazi, a free source for news, information, and articles on open source software.

Affects:

Opensso Enterprise 8.0 [Medium]

Description

Unspecified vulnerability in the OpenSSO component in Oracle OpenSSO Enterprise 8.0 allows remote attackers to affect integrity via unknown vectors.

If you have questions about this security warning or need to have it translated and you have an active technical support contract, please call 1-888-OPENLOGIC or email us at support@openlogic.com.

CVE Identifier: CVE-2009-3764
Severity: Medium

NIST National Vulnerabilities Database

Opensso Enterprise 8.0 and prior [Medium]

Security Team — Tue, 13 Jul 2010 17:30:00 +0000

This article, Opensso Enterprise 8.0 and prior [Medium], originally appeared on Wazi, a free source for news, information, and articles on open source software.

Affects:

Opensso Enterprise 8.0 and prior [Medium]

Description

Unspecified vulnerability in the Access Manager / OpenSSO component in Oracle OpenSSO Enterprise 7.1, 7, 2005Q4, and 8.0 allows remote attackers to affect integrity via unknown vectors.

If you have questions about this security warning or need to have it translated and you have an active technical support contract, please call 1-888-OPENLOGIC or email us at support@openlogic.com.

CVE Identifier: CVE-2009-3763
Severity: Medium

NIST National Vulnerabilities Database

Freebsd 8.1 and prior [High]

Security Team — Tue, 13 Jul 2010 16:30:12 +0000

This article, Freebsd 8.1 and prior [High], originally appeared on Wazi, a free source for news, information, and articles on open source software.

Affects:

Freebsd 8.1 and prior [High]

Description

FreeBSD 7.1 through 8.1-PRERELEASE does not copy the read-only flag when creating a duplicate mbuf buffer reference, which allows local users to cause a denial of service (system file corruption) and gain privileges via the sendfile system call.

If you have questions about this security warning or need to have it translated and you have an active technical support contract, please call 1-888-OPENLOGIC or email us at support@openlogic.com.

CVE Identifier: CVE-2010-2693
Severity: High

NIST National Vulnerabilities Database

Mysql 5.1.47 and prior [Low]

Security Team — Tue, 13 Jul 2010 16:30:01 +0000

This article, Mysql 5.1.47 and prior [Low], originally appeared on Wazi, a free source for news, information, and articles on open source software.

Affects:

Mysql 5.1.47 and prior [Low]

Description

MySQL before 5.1.48 allows remote authenticated users with alter database privileges to cause a denial of service (server crash and database loss) via an ALTER DATABASE command with a #mysql50# string followed by a . (dot), .. (dot dot), ../ (dot dot slash) or similar sequence, and an UPGRADE DATA DIRECTORY NAME command, which causes MySQL to move certain directories to the server data directory.

If you have questions about this security warning or need to have it translated and you have an active technical support contract, please call 1-888-OPENLOGIC or email us at support@openlogic.com.

CVE Identifier: CVE-2010-2008
Severity: Low

NIST National Vulnerabilities Database

Hierarchical Select 6.x-3.1 and prior [Low]

Security Team — Tue, 13 Jul 2010 14:30:02 +0000

This article, Hierarchical Select 6.x-3.1 and prior [Low], originally appeared on Wazi, a free source for news, information, and articles on open source software.

Affects:

Hierarchical Select 6.x-3.1 and prior [Low]

Description

Cross-site scripting (XSS) vulnerability in the Hierarchical Select module 5.x before 5.x-3.2 and 6.x before 6.x-3.2 for Drupal allows remote authenticated users, with administer taxonomy permissions, to inject arbitrary web script or HTML via unspecified vectors in the hierarchical_select form.

If you have questions about this security warning or need to have it translated and you have an active technical support contract, please call 1-888-OPENLOGIC or email us at support@openlogic.com.

CVE Identifier: CVE-2010-2724
Severity: Low

NIST National Vulnerabilities Database

Listserv 16.0 and prior [Medium]

Security Team — Tue, 13 Jul 2010 14:30:02 +0000

This article, Listserv 16.0 and prior [Medium], originally appeared on Wazi, a free source for news, information, and articles on open source software.

Affects:

Listserv 16.0 and prior [Medium]

Description

Cross-site scripting (XSS) vulnerability in LISTSERV 15 and 16 allows remote attackers to inject arbitrary web script or HTML via the T parameter. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information.

If you have questions about this security warning or need to have it translated and you have an active technical support contract, please call 1-888-OPENLOGIC or email us at support@openlogic.com.

CVE Identifier: CVE-2010-2723
Severity: Medium

NIST National Vulnerabilities Database

Lyrics Engine 3.0 [Medium]

Security Team — Tue, 13 Jul 2010 14:30:02 +0000

This article, Lyrics Engine 3.0 [Medium], originally appeared on Wazi, a free source for news, information, and articles on open source software.

Affects:

Lyrics Engine 3.0 [Medium]

Description

Cross-site scripting (XSS) vulnerability in index.php in RightInPoint Lyrics Script 3.0 allows remote attackers to inject arbitrary web script or HTML via the artist_id parameter, which is not properly handled in a forced SQL error message. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information.

If you have questions about this security warning or need to have it translated and you have an active technical support contract, please call 1-888-OPENLOGIC or email us at support@openlogic.com.

CVE Identifier: CVE-2010-2722
Severity: Medium

NIST National Vulnerabilities Database

Lyrics Engine 3.0 [High]

Security Team — Tue, 13 Jul 2010 14:30:02 +0000

This article, Lyrics Engine 3.0 [High], originally appeared on Wazi, a free source for news, information, and articles on open source software.

Affects:

Lyrics Engine 3.0 [High]

Description

SQL injection vulnerability in index.php in RightInPoint Lyrics Script 3.0 allows remote attackers to execute arbitrary SQL commands via the artist_id parameter in an addalbum action.

If you have questions about this security warning or need to have it translated and you have an active technical support contract, please call 1-888-OPENLOGIC or email us at support@openlogic.com.

CVE Identifier: CVE-2010-2721
Severity: High

NIST National Vulnerabilities Database

Phpaacms 0.3.1 [High]

Security Team — Tue, 13 Jul 2010 14:30:02 +0000

This article, Phpaacms 0.3.1 [High], originally appeared on Wazi, a free source for news, information, and articles on open source software.

Affects:

Phpaacms 0.3.1 [High]

Description

SQL injection vulnerability in list.php in phpaaCms 0.3.1 UTF-8, and possibly other versions, allows remote attackers to execute arbitrary SQL commands via the id parameter. NOTE: some of these details are obtained from third party information.

If you have questions about this security warning or need to have it translated and you have an active technical support contract, please call 1-888-OPENLOGIC or email us at support@openlogic.com.

CVE Identifier: CVE-2010-2720
Severity: High

NIST National Vulnerabilities Database

Phpaacms 0.3.1 [High]

Security Team — Tue, 13 Jul 2010 14:30:02 +0000

This article, Phpaacms 0.3.1 [High], originally appeared on Wazi, a free source for news, information, and articles on open source software.

Affects:

Phpaacms 0.3.1 [High]

Description

SQL injection vulnerability in show.php in phpaaCms 0.3.1 UTF-8, and possibly other versions, allows remote attackers to execute arbitrary SQL commands via the id parameter.

If you have questions about this security warning or need to have it translated and you have an active technical support contract, please call 1-888-OPENLOGIC or email us at support@openlogic.com.

CVE Identifier: CVE-2010-2719
Severity: High

NIST National Vulnerabilities Database

Cruxpa 2.00 [Medium]

Security Team — Tue, 13 Jul 2010 14:30:02 +0000

This article, Cruxpa 2.00 [Medium], originally appeared on Wazi, a free source for news, information, and articles on open source software.

Affects:

Cruxpa 2.00 [Medium]

Description

Multiple cross-site scripting (XSS) vulnerabilities in CruxSoftware CruxPA 2.00, and possibly earlier, allow remote attackers to inject arbitrary web script or HTML via the (1) txtusername parameter to login.php, (2) todo parameter to newtodo.php, and unspecified vectors to (3) newtelephone.php and (4) newappointment.php.

If you have questions about this security warning or need to have it translated and you have an active technical support contract, please call 1-888-OPENLOGIC or email us at support@openlogic.com.

CVE Identifier: CVE-2010-2718
Severity: Medium

NIST National Vulnerabilities Database