[Previous entry: "oops missed off the link"] [Next entry: "Integrigy releases a useful impact analysis paper on CPU - Jan 2005"]
Steve Kost has released an Integrigy advisory for CPU - January 2005
January 23rd, 2005 by Pete
Post to del.icio.us
Post to Furl
I got an email from Steve a couple of days ago, thanks Steve! for letting me know about his advisory for the CPU - Jan 2005 patch set. The Integrigy advisory is called High Risk Security Issues in the Oracle Database and Oracle Applications - Oracle Critical Patch Update – January 2005 and details the security bugs found by Stephen Kost of Integrigy and fixed in Oracles CPU - Jan 2005 patch set. The bugs found include multiple issues in the Oracle Spatial MDSYS.MD2 package, a denial of service in the Oracle Forms Server and a password leakage issue in the Oracle Reports Server and two SQL Injection issues in the Oracle E-Business Suite.
I have also updated my Oracle security alerts page to complete the annotated details I know of for CPU - Jan 2005 advisories.
