299 VULNERABILIDADES DE ORACLE SOLUCIONADAS

Oracle lanza actualizaciónes Crítica que resuelve un récord de 299 vulnerabilidades en todos sus productos

De estos 299 vulnerabilidades, más de 100 son explotables remotamente sin autenticación. Esto significa que es posible explotar de forma remota la vulnerabilidad a través de sitios web maliciosos o por medio de un ataque a distancia en función del software en particular. Una vez que un ataque explota una vulnerabilidad con éxito, el atacante puede ser capaz de ejecutar comandos en el ordenador afectado sin el conocimiento o consentimiento de la víctima.

Los tres productos con el mayor número de actualizaciones de seguridad son de Oracle Financial Services Aplicaciones con 47 vulnerabilidades y aplicaciones Oracle Retail Oracle y MySQL, los cuales están ligados a las 39 correcciones. Java, que es conocido por ser utilizado por explotar kits para instalar malware en los sistemas vulnerables tenía 8 nuevos parches de seguridad, con 7 de ellos que son explotables remotamente.

El informe ERPScan también entra en detalles que una de las vulnerabilidades que se descubren en Oracle E-Business permitiría a los atacantes leer de forma remota los datos de negocio a partir de bases de datos sin autorización.

Para aquellos usuarios que utilizan algun software de Oracle, aquí teneis los productos afectados y que es necesario actualizar

Oracle Database Server, version(s) 11.2.0.4, 12.1.0.2
Oracle Secure Backup, version(s) prior to 12.1.0.3.0
Oracle Berkeley DB, version(s) prior to 6.2.32
Oracle API Gateway, version(s) 11.1.2.4.0
Oracle Fusion Middleware, version(s) 11.1.1.7, 11.1.1.9, 11.1.2.2, 11.1.2.3, 12.1.3.0, 12.2.1.0, 12.2.1.1
Oracle Fusion Middleware MapViewer, version(s) 11.1.1.9, 12.2.1.1, 12.2.1.2
Oracle GlassFish Server, version(s) 3.1.2
Oracle Identity Manager, version(s) 11.1.2.3.0
Oracle Service Bus, version(s) 12.1.3.0.0, 12.2.1.0.0, 12.2.1.1.0, 12.2.1.2.0
Oracle Social Network, version(s) prior to 11.1.12.0.0 (17019101)
Oracle WebCenter Content, version(s) 11.1.1.7, 11.1.1.9, 12.2.1.0, 12.2.1.1, 12.2.1.2
Oracle WebCenter Sites, version(s) 11.1.1.8.0, 12.2.1.0.0, 12.2.1.1.0, 12.2.1.2.0
Oracle WebLogic Server, version(s) 10.3.6.0, 12.1.3.0, 12.2.1.0, 12.2.1.1, 12.2.1.2
Oracle Hyperion Essbase, version(s) 11.1.2.2
Enterprise Manager Base Platform, version(s) 12.1.0, 13.1.0, 13.2.0
Oracle E-Business Suite, version(s) 12.1.1, 12.1.2, 12.1.3, 12.2.3, 12.2.4, 12.2.5, 12.2.6
Oracle Transportation Manager, version(s) 6.2, 6.3.0, 6.3.1, 6.3.2, 6.3.3, 6.3.4, 6.3.5, 6.3.6, 6.3.7, 6.4.0, 6.4.1, 6.4.2
PeopleSoft Enterprise CS Campus Community, version(s) 9.2
PeopleSoft Enterprise FIN Receivables, version(s) 9.2 PeopleSoft
PeopleSoft Enterprise FSCM, version(s) 9.1 PeopleSoft
PeopleSoft Enterprise PeopleTools, version(s) 8.54, 8.55 PeopleSoft
PeopleSoft Enterprise SCM eBill Payment, version(s) 9.2 PeopleSoft
PeopleSoft Enterprise SCM eSupplier Connection, version(s) 9.2 PeopleSoft
PeopleSoft Enterprise SCM Purchasing, version(s) 9.2 PeopleSoft
PeopleSoft Enterprise SCM Service Procurement, version(s) 9.2 PeopleSoft
PeopleSoft Enterprise SCM Strategic Sourcing, version(s) 9.2 PeopleSoft
JD Edwards EnterpriseOne Tools, version(s) 9.2 JD Edwards
Siebel Applications, version(s) 6.1, 6.2, 7.0, 7.1 Siebel
Oracle Commerce Guided Search / Oracle Commerce Experience Manager, version(s) 6.1.4, 6.2.2, 6.3.0, 6.4.1.2, 6.5.0, 6.5.1, 6.5.2, 11.0, 11.1, 11.2 Oracle Commerce
Oracle Fusion Applications, version(s) 11.1.2 through 11.1.9 Fusion Applications
Oracle Communications ASAP, version(s) 7.0, 7.2, 7.3 Oracle Communications ASAP
Oracle Communications Network Integrity, version(s) 7.2.4, 7.3.0 Oracle Communications Network Integrity
Oracle Communications Policy Management, version(s) 12.2 Oracle Communications Policy Management
Oracle Communications Security Gateway, version(s) 3.0.0 Oracle Communications Security Gateway
Oracle Communications Service Broker Engineered System Edition, version(s) 6.0, 6.1 Oracle Communications Service Broker Engineered System Edition
Oracle Communications Session Border Controller, version(s) SCZ7.3.0, SCZ7.4.0 Oracle Communications Session Border Controller
Oracle Financial Services Analytical Applications Infrastructure, version(s) 7.3.3, 7.3.4, 7.3.5 Oracle Financial Services Analytical Applications Infrastructure
Oracle Financial Services Asset Liability Management, version(s) 6.0.0, 6.1.0, 6.1.1, 8.0.1, 8.0.2, 8.0.3, 8.0.4 Oracle Financial Services Asset Liability Management
Oracle Financial Services Basel Regulatory Capital Basic, version(s) 6.1.2, 6.1.3, 8.0.2, 8.0.3 Oracle Financial Services Basel Regulatory Capital Basic
Oracle Financial Services Basel Regulatory Capital Internal Ratings Based Approach, version(s) 6.1.2, 6.1.3, 8.0.2, 8.0.3 Oracle Financial Services Basel Regulatory Capital Internal Ratings Based Approach
Oracle Financial Services Data Foundation, version(s) 8.0.1, 8.0.2, 8.0.3, 8.0.4 Oracle Financial Services Data Foundation
Oracle Financial Services Data Integration Hub, version(s) 8.0.1, 8.0.2, 8.0.3, 8.0.4 Oracle Financial Services Data Integration Hub
Oracle Financial Services Enterprise Financial Performance Analytics, version(s) 8.0.0 to 8.0.4 Oracle Financial Services Enterprise Financial Performance Analytics
Oracle Financial Services Funds Transfer Pricing, version(s) 6.0.0, 6.1.0, 6.1.1, 8.0.1, 8.0.2, 8.0.3, 8.0.4 Oracle Financial Services Funds Transfer Pricing
Financial Services Hedge Management and IFRS Valuations, version(s) 6.1.1, 8.0.1, 8.0.2, 8.0.3, 8.0.4 Oracle Financial Services Hedge Management and IFRS Valuations
Oracle Financial Services Institutional Performance Analytics, version(s) 8.0.0 to 8.0.4 Oracle Financial Services Institutional Performance Analytics
Oracle Financial Services Liquidity Risk Management, version(s) 8.0.1, 8.0.2, 8.0.4 Oracle Financial Services Liquidity Risk Management
Oracle Financial Services Loan Loss Forecasting and Provisioning, version(s) 1.5.0, 1.5.1, 8.0.1, 8.0.2, 8.0.3, 8.0.4 Oracle Financial Services Loan Loss Forecasting and Provisioning
Oracle Financial Services Pricing Management/Transfer Pricing Component, version(s) 8.0.0 to 8.0.4 Oracle Financial Services Pricing Management, Transfer Pricing Component
Oracle Financial Services Profitability Management, version(s) 6.0.0, 6.1.0, 6.1.1, 8.0.1, 8.0.2, 8.0.3, 8.0.4 Oracle Financial Services Profitability Management
Oracle Financial Services Reconciliation Framework, version(s) 8.0.0, 8.0.1, 8.0.2 Oracle Financial Services Analytical Applications Reconciliation Framework
Oracle Financial Services Retail Customer Analytics, version(s) 8.0.0 to 8.0.3 Oracle Financial Services Retail Customer Analytics
Oracle Financial Services Retail Performance Analytics, version(s) 8.0.0 to 8.0.4 Oracle Financial Services Retail Performance Analytics
Oracle FLEXCUBE Direct Banking, version(s) 12.0.2, 12.0.3 Oracle Financial Services Applications
Oracle FLEXCUBE Enterprise Limits and Collateral Management, version(s) 12.0.0, 12.0.1, 12.1.0 Oracle Financial Services Applications
Oracle FLEXCUBE Investor Servicing, version(s) 12.0.1, 12.0.2, 12.0.3, 12.0.4, 12.1.0, 12.2.0, 12.3.0 Oracle Financial Services Applications
Oracle FLEXCUBE Private Banking, version(s) 2.0.0, 2.0.1, 2.2.0.1, 12.0.0, 12.0.1, 12.0.2, 12.0.3, 12.1.0 Oracle Financial Services Applications
Oracle FLEXCUBE Universal Banking, version(s) 11.3.0, 11.4.0, 12.0.0, 12.0.1, 12.0.2, 12.0.3, 12.1.0, 12.2.0, 12.3.0 Oracle Financial Services Applications
Oracle Insurance Data Foundation, version(s) 8.0.1, 8.0.2, 8.0.3, 8.0.4 Oracle Insurance Data Foundation
Oracle Healthcare Master Person Index, version(s) 3.0.0.x and 4.0.1.x, prior to and 2.0.1.x Health Sciences
Oracle Hospitality OPERA 5 Property Services, version(s) 5.4.0.x, 5.4.1.x, 5.4.2.x, 5.4.3.x, 5.5.0.x, 5.5.1.x Oracle Hospitality OPERA 5 Property Services
Oracle Insurance Istream, version(s) 4.3.2 and prior Oracle Insurance Applications
MICROS Lucas, version(s) 2.9.5.1, 2.9.5.2, 2.9.5.3, 2.9.5.4, 2.9.5.5 Retail Applications
MICROS Relate CRM Software, version(s) 10.0, 10.5, 10.8, 11.0, 11.1, 11.4, 15.0 Retail Applications
MICROS XBR, version(s) 10.0.1, 10.5.0, 10.6.0, 10.7.7, 10.8.0, 10.8.1 Retail Applications
MICROS Xstore Payment, version(s) 5.5, 6.0, 6.5, 7.0, 7.1, 15.0, 16.0 Retail Applications
Oracle Retail Advanced Inventory Planning, version(s) 14.1, 15.0 Retail Applications
Oracle Retail Advanced Science Engine, version(s) 14.1 Retail Applications
Oracle Retail Analytic Parameter Calculator - RO, version(s) 15.0 Retail Applications
Oracle Retail Analytics, version(s) 14.0, 14.1, 15.0, 16.0 Retail Applications
Oracle Retail Assortment Planning, version(s) 14.1.3, 15.0.1, 16.0.0 Retail Applications
Oracle Retail Back Office, version(s) 14.1 Retail Applications
Oracle Retail Category Management, version(s) 13.2, 13.3, 14.0, 14.1 Retail Applications
Oracle Retail Category Management Planning & Optimization, version(s) 15.0 Retail Applications
Oracle Retail Customer Insights, version(s) 15.0 Retail Applications
Oracle Retail Customer Management and Segmentation Foundation, version(s) 15.0 Retail Applications
Oracle Retail Demand Forecasting, version(s) 14.1.3, 15.0.2 Retail Applications
Oracle Retail Invoice Matching, version(s) 12.0, 13.0, 13.1, 13.2, 14.0, 14.1 Retail Applications
Oracle Retail Item Planning, version(s) 14.1.3, 15.0.2 Retail Applications
Oracle Retail Macro Space Optimization, version(s) 15.0.2 Retail Applications
Oracle Retail Merchandise Financial Planning, version(s) 14.1.3, 15.0.2 Retail Applications
Oracle Retail Merchandising Insights, version(s) 15.0 Retail Applications
Oracle Retail Open Commerce Platform, version(s) 4.0, 5.0, 5.1, 5.3, 6.0, 6.1, 15.0, 16.0 Retail Applications
Oracle Retail Order Broker, version(s) 5.1, 5.2, 15.0, 16.0 Retail Applications
Oracle Retail Point-of-Service, version(s) 14.1.3 Retail Applications
Oracle Retail Predictive Application Server, version(s) 13.1, 13.2, 13.3, 13.3.3, 13.4, 13.4.3, 14.0, 14.0.3, 14.1, 14.1.3, 15.0, 15.0.2, 16.0.0 Retail Applications
Oracle Retail Regular Price Optimization, version(s) 14.1.3, 15.0.2 Retail Applications
Oracle Retail Replenishment Optimization, version(s) 14.1.3, 15.0.2 Retail Applications
Oracle Retail Returns Management, version(s) 14.1 Retail Applications
Oracle Retail Size Profile Optimization, version(s) 14.1.3, 15.0.2 Retail Applications
Oracle Retail Store Inventory, version(s) 14.1, 15.0, 16.0 Retail Applications
Oracle Retail Warehouse Management System, version(s) 13.2, 14.0, 15.0 Retail Applications
Oracle Retail XBRi Loss Prevention, version(s) 10.0.1, 10.5.0, 10.6.0, 10.7.0, 10.8.0, 10.8.1 Retail Applications
Oracle Retail Xstore Point of Service, version(s) 5.5, 6.0, 6.5, 7.0, 7.1, 15.0, 16.0 Retail Applications
Oracle Real-Time Scheduler, version(s) 2.2.0.3.13, 2.3.0.0, 2.3.0.1 Oracle Utilities Applications
Oracle Utilities Customer Self Service, version(s) 2.1.0.2.0 Oracle Utilities Applications
Oracle Utilities Framework, version(s) 2.2.0.0.0, 4.1.0.1.0, 4.1.0.2.0, 4.2.0.1.0, 4.2.0.2.0, 4.2.0.3.0, 4.3.0.1.0, 4.3.0.2.0, 4.3.0.3.0 Oracle Utilities Applications
Oracle Utilities Work and Asset Management, version(s) 1.9.1.2.11 Oracle Utilities Applications
Primavera Gateway, version(s) 1.0, 1.1, 14.2, 15.1, 15.2, 16.1, 16.2 Oracle Primavera Products Suite
Primavera P6 Enterprise Project Portfolio Management, version(s) 8.3, 8.4, 15.1, 15.2, 16.1, 16.2 Oracle Primavera Products Suite
Primavera Unifier, version(s) 9.13, 9.14, 10.0, 10.1, 15.1, 15.2 Oracle Primavera Products Suite
Oracle Java SE, version(s) 6u141, 7u131, 8u121 Oracle Java SE
Oracle Java SE Embedded, version(s) 8u121 Oracle Java SE
Oracle JRockit, version(s) R28.3.13 Oracle Java SE
Oracle SuperCluster Specific Software, version(s) 2.3.8, 2.3.13 Oracle and Sun Systems Products Suite
Solaris, version(s) 10, 11.3, None Oracle and Sun Systems Products Suite
Solaris Cluster, version(s) 4.3 Oracle and Sun Systems Products Suite
StorageTek Tape Analytics SW Tool, version(s) prior to 2.2.1 Oracle and Sun Systems Products Suite
Sun ZFS Storage Appliance Kit (AK), version(s) AK 2013 Oracle and Sun Systems Products Suite
Oracle VM VirtualBox, version(s) prior to 5.0.38, prior to 5.1.20 Oracle Linux and Virtualization
Secure Global Desktop, version(s) 4.71, 5.2, 5.3 Oracle Linux and Virtualization
MySQL Cluster, version(s) 7.2.27 and prior, 7.3.16 and prior, 7.4.14 and prior, 7.5.5 and prior Oracle MySQL Product Suite
MySQL Connectors, version(s) 2.1.5 and prior, 5.1.41 and prior Oracle MySQL Product Suite
MySQL Enterprise Backup, version(s) 3.12.3 and prior, 4.0.3 and prior Oracle MySQL Product Suite
MySQL Enterprise Monitor, version(s) 3.1.6.8003 and prior, 3.2.1182 and prior, 3.3.2.1162 and prior Oracle MySQL Product Suite
MySQL Server, version(s) 5.5.54 and prior, 5.6.35 and prior, 5.7.17 and prior, 5.7.11 to 5.7.17 Oracle MySQL Product Suite
MySQL Workbench, version(s) 6.3.8 and prior Oracle MySQL Product Suite
Automatic Service Request (ASR), version(s) prior to 5.7 Oracle Support Tools
Oracle Advanced Support Gateway, version(s) prior to 7.2 Oracle Support Tools
Oracle Trace File Analyzer (TFA), version(s) prior to 12.1.2.8.4 Oracle Support Tools
OSS Support Tools, version(s) prior to RDA 8.15.17.3.14 Oracle Support Tools Fecha actualización el 2021-6-17. Fecha publicación el 2017-4-19. Categoría: Oracle. Autor: Oscar olg Mapa del sitio Fuente: oracle
oracle actualizacion