Oracle April 2009 Critical Patch Update Multiple Vulnerabilities

Oracle April 2009 Critical Patch Update Multiple Vulnerabilities

References:

Oracle BEA WebLogic Server Plug-ins Certificate Buffer Overflow (Secunia)
Oracle BEA WebLogic Server Plug-ins Integer Overflow (Secunia)
Oracle Database SQL Injection vulnerability in LT.ROLLBACKWORKSPACE (Team SHATTER)
Oracle Homepage (Oracle)
CVE-2009-0991 PoC (Dennis Yurichev )
Secunia Research: Oracle BEA WebLogic Server Plug-ins Certificate Buffer Overflo (Secunia Research )
Secunia Research: Oracle BEA WebLogic Server Plug-ins Integer Overflow (Secunia Research )
SQL Injection in package DBMS_AQADM_SYS (ak@red-database-security.com)
SQL Injection in package DBMS_AQIN (ak@red-database-security.com)
Team SHATTER Security Advisory: Buffer Overflow in Resource Manager of Oracle Da (Shatter )
Unprivileged DB users can see APEX password hashes (ak@red-database-security.com)
ZDI-09-017: Oracle Applications Server 10g Format String Vulnerability (ZDI Disclosures )
Oracle Applications Server 10g Format String Vulnerability (ZDI)
Oracle Critical Patch Update Advisory - April 2009 (Oracle)
Oracle Critical Patch Update Pre-Release Announcement - April 2009 (Oracle)
SECURITY ADVISORY (CVE-2009-1001) (Oracle)
SECURITY ADVISORY (CVE-2009-1002) (Oracle)
SECURITY ADVISORY (CVE-2009-1003) (Oracle)
SECURITY ADVISORY (CVE-2009-1004) (Oracle)
SECURITY ADVISORY (CVE-2009-1005) (Oracle)
SECURITY ADVISORY (CVE-2009-1006) (Oracle)
SECURITY ADVISORY (CVE-2009-1012) (Oracle)
SECURITY ADVISORY (CVE-2009-1016) (Oracle)
SQL Injection in package DBMS_AQADM_SYS (Red-Database-Security)
SQL Injection in package DBMS_AQIN (Red-Database-Security)
Unprivileged DB users can see APEX password hashes in FLOWS_030000.WWV_FLOW_USER (Red-Database-Security)