Info

Disclosure

Jul 19, 2011

Discovery

Unknown

Dates

Exploit

Unknown

Solution

Jul 19, 2011

Description

Oracle Database contains a flaw related to the XML Developer Kit component that may allow an authenticated remote attacker to affect integrity, confidentiality and availability. No further details have been provided.

Classification

Location: Remote / Network Access
Attack Type: Attack Type Unknown
Impact: Loss of Confidentiality, Loss of Integrity, Loss of Availability
Solution: Patch / RCS
Exploit: Exploit Unknown
Disclosure: Vendor Verified
OSVDB: Authentication Required

Solution

Currently, there are no known workarounds or upgrades to correct this issue. However, Oracle has released a patch to address this vulnerability. Check the vendor advisory or solution in the references section.

Products

Unknown or Incomplete

References

CVE ID: 2011-2232 (see also: NVD)
Secunia Advisory ID: 45270 45274
Related OSVDB ID: 73942 73943 73944 73945 73946 73947 73949 73950 73951 73952 73953 73954
News Article: http://www.computerworld.com/s/article/9218427/Oracle_to_issue_78_bug_fixes_on_Tuesday
Vendor Specific Advisory URL: http://www.oracle.com/technetwork/topics/security/cpujuly2011-313328.html#AppendixAS
http://www.oracle.com/technetwork/topics/security/cpujuly2011-313328.html#AppendixDB
CERT: TA11-201A

Credit

Unknown or Incomplete

Direct URL: http://osvdb.org/73948