Canada Flag Public Safety and Emergency Preparedness Canada | Sécurité publique et Protection civile Canada
Symbol of the Government of Canada
Sauter les menus principaux  
Skip all menus (access key: 2) Skip first menu (access key: 1)
Français Contact Us Help Search Canada Site
About Us Policy Research Programs Newsroom
Public Safety and Emergency Preparedness Canada - Sécurité publique et Protection civile Canada
 
You have accessed an archived page on the Public Safety and Emergency Preparedness Canada website. This material may be outdated. Please consult our new site for up-to-date information.

Title graphic: Operations Products

Advisory Number: AV05-002
Oracle Critical Patch Update
19 January 2005

PURPOSE
The purpose of this advisory is to bring attention to multiple vulnerabilities in Oracle products.

ASSESSMENT
This Critical Patch Update is a cumulative update (including all Oracle Security Alert #68 fixes) containing fixes for multiple security vulnerabilities.

Affected Software:

  • Oracle Database 10g Release 1, versions 10.1.0.2, 10.1.0.3 and 10.1.0.3.1 (supported for Oracle Application Server only)
  • Oracle9i Database Server Release 2, versions 9.2.0.4, 9.2.0.5 and 9.2.0.6
  • Oracle9i Database Server Release 1, versions 9.0.1.4, 9.0.1.5 and 9.0.4 (9.0.1.5 FIPS) (supported for Oracle Application Server only)
  • Oracle8i Database Server Release 3, version 8.1.7.4
  • Oracle8 Database Release 8.0.6, version 8.0.6.3 (supported for E-Business Suite only)
  • Oracle Application Server 10g Release 2 (10.1.2)
  • Oracle Application Server 10g (9.0.4), versions 9.0.4.0 and 9.0.4.1
  • Oracle9i Application Server Release 2, versions 9.0.2.3 and 9.0.3.1
  • Oracle9i Application Server Release 1, version 1.0.2.2
  • Oracle Collaboration Suite Release 2, version 9.0.4.2
  • Oracle E-Business Suite and Applications Release 11i (11.5)
  • Oracle E-Business Suite and Applications Release 11.0

    Impact of Vulnerabilities: Remote Code Execution

Oracle's Maximum Severity Rating: Wide impact

SUGGESTED ACTION
PSEPC recommends that administrators test and install the update at the earliest opportunity.

Additional information available at:
http://www.oracle.com/technology/deploy/security/pdf/cpu-jan-2005_advisory.pdf


---

Note to Readers

Public Safety and Emergency Preparedness Canada (PSEPC) collects information related to cyber and physical threats to, and incidents involving, Canadian critical infrastructure. This allows us to monitor and analyse threats and to issue alerts, advisories and other information products to our partners. To report threats or incidents, please contact the PSEPC operations coordination centre at (613) 991-7000 or goc-cog@psepc-sppcc.gc.ca by e-mail.

Unauthorized use of computer systems and mischief in relation to data are serious Criminal Code offences in Canada. Any suspected criminal activity should be reported to local law enforcement organizations. The RCMP National Operations Centre (NOC) provides a 24/7 service to receive such reports or to redirect callers to local law enforcement organizations. The NOC can be reached at (613) 993-4460. National security concerns should be reported to the Canadian Security Intelligence Service (CSIS) at (613) 993-9620.

Links to sites not under the control of the Government of Canada (GoC) are provided solely for the convenience of users. The GoC is not responsible for the accuracy, currency or the reliability of the content. The GoC does not offer any guarantee in that regard and is not responsible for the information found through these links, nor does it endorse the sites and their content.
Last Updated: 10/25/2005
Top of page
 Important Notices