Fix Available: Yes Vendor Confirmed: Yes
Version(s): 8.9, 9.0
Description: A vulnerability was reported in PeopleSoft Human Resources Management System (HRMS). A remote authenticated user can access and modify data on the target system.
No details were provided.
The following researchers reported these and other Oracle vulnerabilities:
Dyon Balding of Secunia Research; Joshua J. Drake of iDefense; Gerhard Eschelbeck of Qualys, Inc.; Esteban Martinez Fayo of Application Security, Inc.; Franz Huell of Red Database Security; Mike Janowski of Neohapsis, Inc.; Joxean Koret; Joxean Koret of TippingPoint (3com); Alexander Kornbrust of Red Database Security; David Litchfield of NGS Software; Tanel Poder; Sven Vetter of Trivadis; and Dennis Yurichev.
Impact: A remote authenticated user can access and modify data on the target system.
Solution: The vendor has issued a fix, described in their April 2009 Critical Patch Update advisory.
The vendor's advisory is available at:
http://www.oracle.com/technology/deploy/security/critical-patch-updates/cpuapr2009.html
Subscribe to:
Post Comments (Atom)
No comments:
Post a Comment