This host is installed with Oracle Database Server and is prone to multiple information disclosure vulnerabilities.

Successful exploitation will allow attackers to obtain potentially sensitive information and manipulate certain data. Impact Level: Application

Apply patches from below links, http://www.oracle.com/technetwork/topics/security/cpuoct2013-1899837.html#AppendixDB http://www.oracle.com/technetwork/topics/security/cpuoct2013verbose-1899842.html#DB ***** NOTE: Ignore this warning if above mentioned patch is installed. *****

Multiple flaws exist in Core RDBMS component and XML Parser component, no further information available at this moment.

Oracle Database Server version 11.1.0.7, 11.2.0.2, 11.2.0.3, and 12.1.0.1 are affected

Get the installed version with the help of tnslsnr service and check it is vulnerable or not.

• http://osvdb.org/98515
• http://secunia.com/advisories/55322
• http://www.oracle.com/technetwork/topics/security/cpuoct2013-1899837.html#AppendixDB
• http://www.oracle.com/technetwork/topics/security/cpuoct2013verbose-1899842.html#DB

---

Updated on 2015-03-25