A British security research firm has released a slew of security warnings
for flaws in enterprise products from Oracle and IBM's
Lotus.
services_news_sep04::
Products A-Z. TECHNOLOGIES. BI & Data Warehousing. Embedded. Java. Linux .NET. PHP. Security be a member of the Oracle Technology Network in order to
http://www.oracle.com/technology/products/ias/portal/html/services_news_sep04.htmHOME |
security lab: The Month of Apple Bugs published in 14 vulnerability::
Bugs , which is the disclosure of vulnerabilities in Apple products throughout Oracle 9i/10g evil views Change Passwords Exploit
http://securityfire.blogspot.com/2007/07/month-of-apple-buopen=WEEKLY-1186297200000HOME |
Security advisories from NGSSoftware
warned of six serious flaws in components of Oracle's database server
software, including four "critical" buffer overrun vulnerabilities.
Oracle has released patches for the flaws, which also affect its newest
Oracle 9i Application Server, which is specially designed to integrate with
an Oracle backend database server. One of the more serious vulnerabilities
is a format string bug that would let an attacker overwrite arbitrary
address with arbitrary values and gain complete control of the Web server.
(Download patch here).
Another "high risk" alert was issued for a bfilename function
buffer overflow vulnerability which affects Oracle9i Database Release 2, 9i
Release 1, 8i, 8.1.7 and 8.0.6. (Download patch here).
NGSSoftware also issued security alerts for flaws in Lotus 6, Lotus
iNotes Client, Lotus Domino Web Server iNotes and Lotus Domino Web Server
Host.
The vulnerabilities include a "critical risk" flaw in Lotus Domino that
could lead to a denial-of-service attack and a buffer overflow bug in iNotes
that can be exploited by an attacker to run code in the security context of
the account running the Domino Web Services.
 Expansion Cards Getting Makeover
 Intel CEO Calls For More Convergence
| 