23 vulnerabilities have been reported in various Oracle products. Some have an unknown impact and others can be exploited to disclose sensitive information, gain escalated privileges, conduct PL/SQL injection attacks, manipulate information, or cause a DoS (Denial of Service)…

The vulnerabilities affect the following versions:

• Oracle Database 10g Release 1, versions 10.1.0.2, 10.1.0.3 and 10.1.0.3.1

• Oracle9i Database Server Release 2, versions 9.2.0.4, 9.2.0.5 and 9.2.0.6
• Oracle9i Database Server Release 1, versions 9.0.1.4, 9.0.1.5 and 9.0.4 (9.0.1.5 FIPS)
• Oracle8i Database Server Release 3, version 8.1.7.4
• Oracle8 Database Release 8.0.6, version 8.0.6.3
• Oracle Application Server 10g Release 2 (10.1.2)
• Oracle Application Server 10g (9.0.4), versions 9.0.4.0 and 9.0.4.1
• Oracle9i Application Server Release 2, versions 9.0.2.3 and 9.0.3.1
• Oracle9i Application Server Release 1, version 1.0.2.2
• Oracle Collaboration Suite Release 2, version 9.0.4.2
• Oracle E-Business Suite and Applications Release 11i (11.5)
• Oracle E-Business Suite and Applications Release 11.0

Solution: Apply patches.