<em style='font-weight:bold;'>(Description Provided by <a href="http://cve.mitre.org/cgi-bin/cvename.cgi?name=2006-0291" target="_blank">CVE</a>)</em> : Multiple unspecified vulnerabilities in Oracle Database Server 10.2.0.1, Application Server 9.0.4.2 and 10.1.2.1, Collaboration Suite Release 2, version 9.0.4.2 (Oracle9i), and E-Business Suite and Applications 11.5.10 have unspecified impact and attack vectors, as identified by Oracle Vuln# (1) WF02 and (2) WF03 in the Oracle Workflow Cartridge component.

Currently, there are no known workarounds or upgrades to correct this issue. However, Oracle has released a patch (Jan2006 Critical Patch Update) to address this vulnerability.

• Bugtraq ID: 16287
• Secunia Advisory ID: 18493 18608
• CVE ID: 2006-0291 (see also: NVD)
• CERT VU: 545804
• VUPEN Advisory: ADV-2006-0243 ADV-2006-0323
• Keyword: Document ID: c00593668 HPSBMA02094 SSRT061104 WF03
• Mail List Post: http://archives.neohapsis.com/archives/bugtraq/2006-01/0420.html
• News Article: http://news.com.com/Oracle+fixes+pile+of+bugs/2100-1002_3-6027847.html
• Vendor Specific Advisory URL: http://www.oracle.com/technology/deploy/security/pdf/cpujan2006.html
  http://www4.itrc.hp.com/service/cki/docDisplay.do?docId=c00593668

Unknown or Incomplete