Jump to content


Photo

Oracle Critical Patch Update Advisory - Oct 2016


  • Please log in to reply
No replies to this topic

#1 AplusWebMaster

AplusWebMaster

    AplusWebMaster

  • SWI Friend
  • PipPipPipPipPip
  • 11,104 posts

Posted 18 October 2016 - 06:39 PM

FYI...

Oracle Critical Patch Update Advisory - Oct 2016
- http://www.oracle.co...16-2881722.html
Oct 18, 2016 - "... This Critical Patch Update contains -253- new security fixes across the product families listed..."

- https://blogs.oracle...al_patch_update
Oct 18, 2016
___

Oracle Database
- http://www.securityt....com/id/1037035
CVE Reference: CVE-2010-5312, CVE-2016-3562, CVE-2016-5497, CVE-2016-5498, CVE-2016-5499, CVE-2016-5505, CVE-2016-5516, CVE-2016-5555, CVE-2016-5572
Oct 18 2016
Fix Available:  Yes  Vendor Confirmed:  Yes  
Version(s): 11.2.0.4, 12.1.0.2 ...
Impact: A remote user can obtain data on the target system.
A remote user can modify data on the target system.
A local user can cause denial of service conditions on the target system.
A local user can obtain data on the target system.
A local user can obtain elevated privileges on the target system.
A remote authenticated user can gain elevated privileges on the target system.
Solution: The vendor has issued a fix as part of the October 2016 Oracle Critical Patch Update...

Oracle Enterprise Manager
- http://www.securityt....com/id/1037036
CVE Reference: CVE-2015-7940, CVE-2016-5604
Oct 18 2016
Fix Available:  Yes  Vendor Confirmed:  Yes  
Version(s): 12.1.4, 12.2.2, 12.3.2 ...
Impact: A remote user can obtain data on the target system.
A local user can obtain data on the target system.
A local user can modify data on the target system.
Solution: The vendor has issued a fix as part of the October 2016 Oracle Critical Patch Update...

Oracle E-Business Suite
- http://www.securityt....com/id/1037038
CVE Reference: CVE-2016-5489, CVE-2016-5517, CVE-2016-5532, CVE-2016-5557, CVE-2016-5562, CVE-2016-5567, CVE-2016-5570, CVE-2016-5571, CVE-2016-5575, CVE-2016-5581, CVE-2016-5583, CVE-2016-5585, CVE-2016-5586, CVE-2016-5587, CVE-2016-5589, CVE-2016-5591, CVE-2016-5592, CVE-2016-5593, CVE-2016-5595, CVE-2016-5596
Oct 18 2016
Fix Available:  Yes  Vendor Confirmed:  Yes  
Impact: A remote user can obtain data on the target system.
A remote user can modify data on the target system.
A local user can obtain data on the target system.
A local user can obtain elevated privileges on the target system.
Solution: The vendor has issued a fix as part of the October 2016 Oracle Critical Patch Update...

Oracle Java SE
- http://www.securityt....com/id/1037040
CVE Reference: CVE-2016-5542, CVE-2016-5554, CVE-2016-5556, CVE-2016-5568, CVE-2016-5573, CVE-2016-5582, CVE-2016-5597
Oct 18 2016
Fix Available:  Yes  Vendor Confirmed:  Yes  
Version(s): 6u121, 7u111, 8u102; Java SE Embedded: 8u101 ...
Impact: A remote user can obtain data on the target system.
A remote user can partially modify data on the target system.
A remote user can gain elevated privileges on the target system.
Solution: The vendor has issued a fix as part of the October 2016 Oracle Critical Patch Update.
The vendor's advisory is available at:
- http://www.oracle.co...16-2881722.html

Oracle PeopleSoft Enterprise
- http://www.securityt....com/id/1037046
CVE Reference: CVE-2015-7940, CVE-2016-5529, CVE-2016-5530, CVE-2016-5600, CVE-2016-8285, CVE-2016-8291, CVE-2016-8292, CVE-2016-8293, CVE-2016-8294, CVE-2016-8295, CVE-2016-8296
Oct 19 2016
Fix Available:  Yes  Vendor Confirmed:  Yes  
Version(s): 8.54, 8.55 ...
Impact: A remote user can obtain data on the target system.
A remote user can modify data on the target system.
Solution: The vendor has issued a fix as part of the October 2016 Oracle Critical Patch Update...

Solaris
- http://www.securityt....com/id/1037048
CVE Reference: CVE-2016-5480, CVE-2016-5487, CVE-2016-5508, CVE-2016-5525, CVE-2016-5544, CVE-2016-5553, CVE-2016-5559, CVE-2016-5561, CVE-2016-5566, CVE-2016-5576, CVE-2016-5606, CVE-2016-5615
Oct 19 2016
Fix Available:  Yes  Vendor Confirmed:  Yes  
Version(s): 10, 11.3 ...
Impact: A remote user can obtain data on the target system.
A local user can cause denial of service conditions on the target system.
A remote user can cause denial of service conditions.
A local user can obtain data on the target system.
A local user can obtain elevated privileges on the target system.
A local user can modify data on the target system.
Solution: The vendor has issued a fix as part of the October 2016 Oracle Critical Patch Update...

Oracle Financial Services Apps
- http://www.securityt....com/id/1037049
CVE Reference: CVE-2016-5479, CVE-2016-5490, CVE-2016-5493, CVE-2016-5502, CVE-2016-5543, CVE-2016-5569, CVE-2016-5594, CVE-2016-5603, CVE-2016-5607, CVE-2016-5619, CVE-2016-5620, CVE-2016-5621, CVE-2016-5622
Oct 19 2016
Fix Available:  Yes  Vendor Confirmed:  Yes  
Impact: A remote user can obtain data on the target system.
A remote user can modify data on the target system.
A local user can obtain data on the target system.
A remote authenticated user can gain elevated privileges on the target system.
Solution: The vendor has issued a fix as part of the October 2016 Oracle Critical Patch Update...

MySQL
- http://www.securityt....com/id/1037050
CVE Reference: CVE-2016-3492, CVE-2016-3495, CVE-2016-5507, CVE-2016-5584, CVE-2016-5598, CVE-2016-5609, CVE-2016-5612, CVE-2016-5616, CVE-2016-5617, CVE-2016-5624, CVE-2016-5625, CVE-2016-5626, CVE-2016-5627, CVE-2016-5628, CVE-2016-5629, CVE-2016-5630, CVE-2016-5631, CVE-2016-5632, CVE-2016-5633, CVE-2016-5634, CVE-2016-5635, CVE-2016-7440, CVE-2016-8283, CVE-2016-8284, CVE-2016-8286, CVE-2016-8287, CVE-2016-8288, CVE-2016-8289, CVE-2016-8290
Oct 19 2016
Fix Available:  Yes  Vendor Confirmed:  Yes  
Version(s): 5.5.52 and prior, 5.6.33 and prior, 5.7.15 and prior ...
Impact: A remote user can obtain data on the target system.
A remote user can modify data on the target system.
A local user can cause denial of service conditions on the target system.
A remote user can cause denial of service conditions.
A local user can obtain elevated privileges on the target system.
A local user can modify data on the target system.
Solution: The vendor has issued a fix as part of the October 2016 Oracle Critical Patch Update...

Oracle Fusion Middleware
- http://www.securityt....com/id/1037051
CVE Reference: CVE-2016-3473, CVE-2016-3551, CVE-2016-5495, CVE-2016-5500, CVE-2016-5506, CVE-2016-5511, CVE-2016-5536, CVE-2016-5537, CVE-2016-5558, CVE-2016-5574, CVE-2016-5577, CVE-2016-5578, CVE-2016-5579, CVE-2016-5588, CVE-2016-5602, CVE-2016-5618, CVE-2016-8281
Oct 19 2016
Fix Available:  Yes  Vendor Confirmed:  Yes
Impact: A remote user can obtain data on the target system.
A remote user can modify data on the target system.
A local user can cause denial of service conditions on the target system.
A remote user can cause denial of service conditions.
A local user can obtain data on the target system.
A local user can modify data on the target system.
A remote user can gain elevated privileges on the target system.
Solution: The vendor has issued a fix as part of the October 2016 Oracle Critical Patch Update...

Oracle WebLogic Server
- http://www.securityt....com/id/1037052
CVE Reference: CVE-2015-7501, CVE-2016-3505, CVE-2016-5488, CVE-2016-5531, CVE-2016-5535, CVE-2016-5601
Oct 19 2016
Fix Available:  Yes  Vendor Confirmed:  Yes  
Version(s): 10.3.6.0, 12.1.3.0, 12.2.1.0, 12.2.1.1 ...
Impact: A remote user can cause denial of service conditions.
A local user can obtain data on the target system.
A local user can modify data on the target system.
A remote user can gain elevated privileges on the target system.
Solution: The vendor has issued a fix as part of the October 2016 Oracle Critical Patch Update...

Oracle VM VirtualBox
- http://www.securityt....com/id/1037053
CVE Reference: CVE-2015-7501, CVE-2015-7940, CVE-2016-5501, CVE-2016-5538, CVE-2016-5605, CVE-2016-5608, CVE-2016-5610, CVE-2016-5611, CVE-2016-5613
Oct 19 2016
Fix Available:  Yes  Vendor Confirmed:  Yes  
Impact: A remote user can obtain data on the target system.
A remote user can modify data on the target system.
A local user can cause denial of service conditions on the target system.
A local user can obtain data on the target system.
A local user can obtain elevated privileges on the target system.
A local user can modify data on the target system.
Solution: The vendor has issued a fix as part of the October 2016 Oracle Critical Patch Update...
___

Patch Availability Table
-

Text format Risk Matrices
-
___

- https://www.us-cert....curity-Bulletin
Oct 18, 2016
 

:ph34r: :ph34r: :ph34r:


Edited by AplusWebMaster, 19 October 2016 - 07:03 AM.

.The machine has no brain.
 ......... Use your own.
Browser check for updates here.
YOU need to defend against -all- vulnerabilities.
Hacks only need to find -1- to get in...
.




Member of UNITE
Support SpywareInfo Forum - click the button