RETIRED: Oracle January 2014 Critical Patch Update Multiple Vulnerabilities

Oracle has released advance notification regarding the January 2014 Critical Patch Update (CPU) to be released on January 14, 2014. The update addresses 147 vulnerabilities affecting the following software:

Oracle Database Server
Oracle Fusion Middleware
Oracle Hyperion
Oracle E-Business Suite
Oracle Supply Chain Products Suite
Oracle PeopleSoft Products
Oracle Siebel CRM
Oracle iLearning
Oracle Financial Services Software
Oracle Java SE
Oracle and Sun Systems Products Suite
Oracle Virtualization
Oracle MySQL

Exploiting the most severe of these vulnerabilities may potentially compromise the database server or the host operating system.

This BID is being retired. The following individual records exist to better document the issues:

64913 Oracle VM VirtualBox CVE-2014-0407 Local Security Vulnerability
64911 Oracle VM VirtualBox CVE-2014-0404 Local Security Vulnerability
64909 Oracle VM VirtualBox CVE-2013-5892 Local Security Vulnerability
64905 Oracle VM VirtualBox CVE-2014-0406 Local Security Vulnerability
64900 Oracle VM VirtualBox CVE-2014-0405 Local Security Vulnerability
64937 Oracle Java SE CVE-2014-0416 Remote Security Vulnerability
64935 Oracle Java SE CVE-2014-0428 Remote Security Vulnerability
64932 Oracle Java SE CVE-2014-0417 Remote Security Vulnerability
64921 Oracle Java SE CVE-2014-0422 Remote Security Vulnerability
64920 Oracle Java SE CVE-2014-0403 Remote Security Vulnerability
64919 Oracle Java SE CVE-2014-0424 Remote Security Vulnerability
64918 Oracle Java SE CVE-2014-0411 Remote Security Vulnerability
64917 Oracle Java SE CVE-2014-0418 Remote Security Vulnerability
64915 Oracle Java SE CVE-2014-0410 Remote Security Vulnerability
64914 Oracle Java SE CVE-2014-0423 Remote Security Vulnerability
64899 Oracle Java SE CVE-2014-0415 Remote Security Vulnerability
64882 Oracle Java SE CVE-2014-0387 Remote Security Vulnerability
64936 Oracle Java SE CVE-2014-0382 Remote Security Vulnerability
64934 Oracle Java SE CVE-2013-5905 Remote Security Vulnerability
64933 Oracle Java SE CVE-2013-5910 Remote Security Vulnerability
64930 Oracle Java SE CVE-2014-0368 Remote Security Vulnerability
64923 Oracle Java SE CVE-2013-5902 Remote Security Vulnerability
64922 Oracle Java SE CVE-2014-0373 Remote Security Vulnerability
64916 Oracle Java SE CVE-2014-0375 Remote Security Vulnerability
64907 Oracle Java SE CVE-2014-0376 Remote Security Vulnerability
64903 Oracle Java SE CVE-2013-5906 Remote Security Vulnerability
64894 Oracle Java SE CVE-2013-5907 Remote Security Vulnerability
64890 Oracle Java SE CVE-2013-5904 Remote Security Vulnerability
64931 Oracle Java SE CVE-2013-5889 Remote Security Vulnerability
64929 Oracle Java SE and JavaFX CVE-2013-5870 Remote Security Vulnerability
64928 Oracle Java SE CVE-2013-5899 Remote Security Vulnerability
64927 Oracle Java SE CVE-2013-5878 Remote Security Vulnerability
64926 Oracle Java SE CVE-2013-5896 Remote Security Vulnerability
64925 Oracle Java SE CVE-2013-5888 Local Security Vulnerability
64924 Oracle Java SE CVE-2013-5884 Remote Security Vulnerability
64912 Oracle Java SE CVE-2013-5898 Remote Security Vulnerability
64906 Oracle Java SE CVE-2013-5895 Remote Security Vulnerability
64875 Oracle Java SE CVE-2013-5887 Remote Security Vulnerability
64863 Oracle Java SE CVE-2013-5893 Remote Security Vulnerability
64908 Oracle MySQL Server CVE-2014-0402 Remote Security Vulnerability
64904 Oracle MySQL Server CVE-2014-0386 Remote Security Vulnerability
64898 Oracle MySQL Server CVE-2014-0401 Remote Security Vulnerability
64896 Oracle MySQL Server CVE-2013-5908 Remote Security Vulnerability
64880 Oracle MySQL Server CVE-2014-0412 Remote Security Vulnerability
64877 Oracle MySQL Server CVE-2014-0393 Remote Security Vulnerability
64849 Oracle MySQL Server CVE-2014-0437 Remote Security Vulnerability
64832 Oracle Siebel Core CVE-2014-0369 Remote Security Vulnerability
64892 Oracle PeopleSoft Enterprise PeopleTools CVE-2014-0381 Remote Security Vulnerability
64884 Oracle PeopleSoft Enterprise PeopleTools CVE-2014-0439 Remote Security Vulnerability
64881 Oracle PeopleSoft Enterprise PeopleTools CVE-2014-0440 Remote Security Vulnerability
64887 Oracle PeopleSoft Enterprise PeopleTools CVE-2014-0438 Remote Security Vulnerability
64889 Oracle PeopleSoft Enterprise SCM Services Procurement CVE-2014-0425 Remote Security Vulnerability
64878 Oracle PeopleSoft Enterprise HRMS Human Resources CVE-2014-0388 Remote Security Vulnerability
64867 Oracle PeopleSoft Enterprise PeopleTools CVE-2014-0445 Remote Security Vulnerability
64865 Oracle PeopleSoft Enterprise PeopleTools CVE-2014-0380 Remote Security Vulnerability
64874 Oracle PeopleSoft Enterprise HRMS CVE-2014-0392 Remote Security Vulnerability
64855 Oracle PeopleSoft Enterprise HRMS CVE-2013-5909 Remote Security Vulnerability
64858 Oracle PeopleSoft Enterprise HRMS CVE-2013-5886 Remote Security Vulnerability
64848 Oracle PeopleSoft Enterprise PeopleTools CVE-2014-0394 Remote Security Vulnerability
64852 Oracle PeopleSoft Enterprise PeopleTools CVE-2014-0395 Remote Security Vulnerability
64841 Oracle PeopleSoft Enterprise PeopleTools CVE-2014-0396 Remote Security Vulnerability
64839 Oracle PeopleSoft Enterprise PeopleTools CVE-2014-0441 Remote Security Vulnerability
64844 Oracle PeopleSoft Enterprise PeopleTools CVE-2014-0443 Remote Security Vulnerability
64834 Oracle PeopleSoft Enterprise PeopleTools CVE-2013-5873 Remote Security Vulnerability
64883 Oracle Supply Chain Products Suite CVE-2014-0444 Remote Security Vulnerability
64886 Oracle Supply Chain Products Suite CVE-2014-0371 Remote Security Vulnerability
64857 Oracle Supply Chain Products Suite CVE-2014-0379 Remote Security Vulnerability
64872 Oracle Supply Chain Products Suite CVE-2013-5871 Remote Security Vulnerability
64869 Oracle Supply Chain Products Suite CVE-2014-0435 Remote Security Vulnerability
64879 Oracle Supply Chain Products Suite CVE-2013-5868 Remote Security Vulnerability
64910 Oracle Java SE CVE-2014-0408 Remote Security Vulnerability
64901 Oracle Java SE CVE-2014-0385 Remote Security Vulnerability
64861 Oracle Supply Chain Products Suite CVE-2014-0399 Remote Security Vulnerability
64851 Oracle Supply Chain Products Suite CVE-2014-0434 Remote Security Vulnerability
64836 Oracle Supply Chain Products Suite CVE-2013-5880 Remote Security Vulnerability
64831 Oracle Supply Chain Products Suite CVE-2013-5877 Remote Security Vulnerability
64846 Oracle Supply Chain Products Suite CVE-2013-5795 Remote Security Vulnerability
64845 Oracle iLearning CVE-2014-0389 Remote Security Vulnerability
64837 Oracle Siebel Life Sciences CVE-2014-0370 Remote Security Vulnerability
64902 Oracle Secure Global Desktop CVE-2014-0419 Remote Security Vulnerability
64897 Oracle MySQL Server CVE-2014-0431 Remote Security Vulnerability
64895 Oracle MySQL Server CVE-2014-0433 Remote Security Vulnerability
64893 Oracle MySQL Server CVE-2014-0430 Remote Security Vulnerability
64891 Oracle MySQL Server CVE-2013-5891 Remote Security Vulnerability
64888 Oracle MySQL Server CVE-2014-0420 Remote Security Vulnerability
64885 Oracle MySQL Server CVE-2013-5881 Remote Security Vulnerability
64873 Oracle MySQL Server CVE-2013-5894 Remote Security Vulnerability
64868 Oracle MySQL Server CVE-2014-0427 Remote Security Vulnerability
64876 Oracle Solaris CVE-2013-5885 Local Security Vulnerability
64871 Oracle Solaris CVE-2013-5872 Local Security Vulnerability
64866 Oracle Solaris CVE-2013-5875 Local Security Vulnerability
64862 Oracle Solaris CVE-2013-5883 Local Security Vulnerability
64864 Oracle MySQL Server CVE-2013-5860 Remote Security Vulnerability
64854 Oracle MySQL Server CVE-2013-5882 Remote Security Vulnerability
64859 Oracle Solaris CVE-2014-0390 Remote Security Vulnerability
64856 Oracle Solaris CVE-2013-5821 Local Security Vulnerability
64853 Oracle Solaris CVE-2013-5876 Local Security Vulnerability
64826 Oracle Supply Chain Products Suite CVE-2014-0372 Remote Security Vulnerability
64850 Oracle Solaris CVE-2013-5833 Local Security Vulnerability
64843 Oracle Solaris CVE-2013-5834 Local Security Vulnerability
64842 Oracle Identity Manager CVE-2014-0383 Remote Security Vulnerability
64838 Oracle Identity Manager CVE-2013-5900 Remote Security Vulnerability
64835 Oracle WebCenter Portal CVE-2013-5869 Remote Security Vulnerability
64830 Oracle Portal CVE-2014-0374 Remote Security Vulnerability
64829 Oracle Identity Manager CVE-2014-0391 Remote Security Vulnerability
64827 Oracle iPlanet Web Proxy Server CVE-2013-5808 Remote Security Vulnerability
64825 Oracle Outside In Technology CVE-2013-5879 Local Security Vulnerability
64822 Oracle Internet Directory CVE-2014-0400 Remote Security Vulnerability
64819 Oracle Reports Developer CVE-2013-5785 Remote Security Vulnerability
64815 Oracle Identity Manager CVE-2013-5901 Remote Security Vulnerability
64833 Oracle E-Business Suite CVE-2013-5874 Local Security Vulnerability
64823 Oracle Supply Chain Products Suite CVE-2013-5897 Remote Security Vulnerability
64828 Oracle E-Business Suite CVE-2014-0366 Remote Security Vulnerability
64821 Oracle Hyperion Strategic Finance CVE-2013-3830 Remote Security Vulnerability
64814 Oracle Hyperion Essbase Administration Services CVE-2014-0367 Remote Security Vulnerability
64818 Oracle E-Business Suite CVE-2014-0398 Remote Security Vulnerability
64824 Oracle Database Server CVE-2014-0377 Remote Security Vulnerability
64816 Oracle E-Business Suite CVE-2013-5890 Remote Security Vulnerability
64820 Oracle Database Server CVE-2013-5858 Remote Security Vulnerability
64817 Oracle Database Server CVE-2013-5764 Remote Security Vulnerability
64812 Oracle Database Server CVE-2014-0378 Local Security Vulnerability
64811 Oracle Database Server CVE-2013-5853 Core RDBMS Remote Security Vulnerability
62587 Apache Struts CVE-2013-4316 Remote Code Execution Vulnerability
22694 Mozilla Thunderbird/SeaMonkey/Firefox Multiple Remote Vulnerabilities
59826 Apache HTTP Server Terminal Escape Sequence in Logs Command Injection Vulnerability
59797 Apache Tomcat CVE-2012-3544 Denial of Service Vulnerability
58453 Puppet CVE-2013-1654 Security Bypass Vulnerability
59313 Websense Email Security CVE-2012-4605 Information Disclosure Vulnerability
57777 Mozilla Network Security Services CVE-2013-1620 Information Disclosure Vulnerability
61189 Apache Struts CVE-2013-2251 Multiple Remote Command Execution Vulnerabilities
61196 Apache Struts CVE-2013-2248 Multiple Open Redirection Vulnerabilities
60345 Apache Struts CVE-2013-2135 OGNL Expression Injection Vulnerability
60346 Apache Struts CVE-2013-2134 OGNL Expression Injection Vulnerability
62584 Apache Struts CVE-2013-4310 Security Bypass Vulnerability
17176 Novell SSL Server Multiple Vulnerabilities
58165 Apache HTTP Server Multiple Cross Site Scripting Vulnerabilities
59799 Apache Tomcat CVE-2013-2067 Session Fixation Vulnerability
59798 Apache Tomcat CVE-2013-2071 Information Disclosure Vulnerability


 

Privacy Statement
Copyright 2010, SecurityFocus