فا

‫ Oracle HTTP Server Multiple Vulnerabilities

IRCAD2014013086
ID: IRCAD2014013086
Release Date: 2014-01-15
Criticality level: Highly critical
Software:
Oracle HTTP Server 11.x
Oracle HTTP Server 12.x
Description:
Oracle has acknowledged multiple vulnerabilities in Oracle HTTP Server, which can be exploited by malicious people to conduct cross-site scripting attacks, bypass certain security restrictions, and compromise a vulnerable system.
1) The application bundles a vulnerable version of Apache HTTP Server.
2) The application bundles a vulnerable version of Network Security Services.
3) The application bundles a vulnerable Novell product.
The vulnerabilities are reported in HTTP Server versions 11.1.1.6.0, 11.1.1.7.0, and 12.1.2.0.
Solution
Apply updates (please see the vendor's advisory for details).
References:
Secunia:
http://secunia.com/advisories/56458/

نظرات

بدون نظر
شما برای نظر دادن باید وارد شوید

نوشته

 
تاریخ ایجاد: 11 بهمن 1392

امتیاز

امتیاز شما
تعداد امتیازها: 0