Oracle has released 276 security updates as part of the quarterly patch release cycle. The Oracle Critical Patch Update – July 2016 provides fixes for: Database Server, WebLogic, Application Express, E-Business Suite, Java SE, MySQL Server, PeopleSoft Enterprise, Retail Applications Suite, Fusion Applications, Hyperion, Enterprise Manager Grid Control, Supply Chain Products Suite, JD Edwards Products, Siebel CRM Executive, Communications Applications, Financial Services Applications, Health Sciences Applications, Insurance Applications, Utilities Applications, Virtualization, Sun Systems Products Suite, Primavera Products Suite and Policy Automation.
The CPUJul2016 Advisory addresses,
- Nine (9) security vulnerabilities for the Oracle Database Server of which five (5) vulnerabilities may be remotely exploitable without authentication.
-
Forty (40) security vulnerabilities for Oracle Fusion Middleware of which thirty-five (35) vulnerabilities may be remotely exploitable without authentication
-
Twenty three (23) security vulnerabilities for the Oracle E-Business Suite of which twenty-one (21) vulnerabilities may be remotely exploitable without authentication.
-
Twenty five (25) security vulnerabilities for the Oracle Supply Chain Products Suite of which thirteen (13) vulnerabilities may be remotely exploitable without authentication.
-
Twenty two (22) security vulnerabilities for Oracle MySQL of which three (3) vulnerabilities may be remotely exploitable without authentication.
-
Four (4) security vulnerabilities for Oracle Virtualization of which three (3) vulnerabilities may be remotely exploitable without authentication.
-
Thirty four (34) security vulnerabilities for the Oracle Sun Systems Products Suite of which twenty-one (21) may be remotely exploitable without authentication.
-
Fifteen (15) security vulnerabilities for the Oracle Primavera Products Suite of which eight (8) may be remotely exploitable without authentication.
-
Thirteen (13) security vulnerabilities for Oracle Java SE of which nine (9) may be remotely exploitable without authentication.
Detailed list of Affected Products and Components:t
Affected Products and Versions |
Patch Availability |
Application Express, version(s) prior to 5.0.4 |
Database |
Oracle Database Server, version(s) 11.2.0.4, 12.1.0.1, 12.1.0.2 |
Database |
Oracle Access Manager, version(s) 10.1.4.x, 11.1.1.7 |
Fusion Middleware |
Oracle BI Publisher, version(s) 11.1.1.7.0, 11.1.1.9.0, 12.2.1.0.0 |
Fusion Middleware |
Oracle Business Intelligence Enterprise Edition, version(s) 11.1.1.7.0, 11.1.1.9.0, 11.2.1.0.0 |
Fusion Middleware |
Oracle Directory Server Enterprise Edition, version(s) 7.0, 11.1.1.7.0 |
Fusion Middleware |
Oracle Exalogic Infrastructure, version(s) 1.x, 2.x |
Fusion Middleware |
Oracle Fusion Middleware, version(s) 11.1.1.7, 11.1.1.8, 11.1.1.9, 11.1.2.2, 11.1.2.3, 12.1.3.0, 12.2.1.0 |
Fusion Middleware |
Oracle GlassFish Server, version(s) 2.1.1, 3.0.1, 3.1.2 |
Fusion Middleware |
Oracle HTTP Server, version(s) 11.1.1.9, 12.1.3.0 |
Fusion Middleware |
Oracle JDeveloper, version(s) 11.1.1.7.0, 11.1.1.9.0, 11.1.2.4.0, 12.1.3.0.0, 12.2.1.0.0 |
Fusion Middleware |
Oracle Portal, version(s) 11.1.1.6 |
Fusion Middleware |
Oracle TopLink, version(s) 12.1.3.0, 12.2.1.0, 12.2.1.1 |
Fusion Middleware |
Oracle WebCenter Sites, version(s) 11.1.1.8, 12.2.1.0 |
Fusion Middleware |
Oracle WebLogic Server, version(s) 10.3.6.0, 12.1.3.0, 12.2.1.0 |
Fusion Middleware |
Outside In Technology, version(s) 8.5.0, 8.5.1, 8.5.2 |
Fusion Middleware |
Hyperion Financial Reporting, version(s) 11.1.2.4 |
Fusion Middleware |
Enterprise Manager Base Platform, version(s) 12.1.0.5, 13.1.0.0 |
Enterprise Manager |
Enterprise Manager for Fusion Middleware, version(s) 11.1.1.7, 11.1.1.9 |
Enterprise Manager |
Enterprise Manager Ops Center, version(s) 12.1.4, 12.2.2, 12.3.2 |
Enterprise Manager |
Oracle E-Business Suite, version(s) 12.1.1, 12.1.2, 12.1.3, 12.2.3, 12.2.4, 12.2.5 |
E-Business Suite |
Oracle Agile Engineering Data Management, version(s) 6.1.3.0, 6.2.0.0 |
Oracle Supply Chain Products |
Oracle Agile PLM, version(s) 9.3.4, 9.3.5 |
Oracle Supply Chain Products |
Oracle Demand Planning, version(s) 12.1, 12.2 |
Oracle Supply Chain Products |
Oracle Transportation Management, version(s) 6.3.0, 6.3.1, 6.3.2, 6.3.3, 6.3.4, 6.3.5, 6.3.6, 6.3.7, 6.4.0, 6.4.1 |
Oracle Supply Chain Products |
PeopleSoft Enterprise FSCM, version(s) 9.1, 9.2 |
PeopleSoft |
PeopleSoft Enterprise PeopleTools, version(s) 8.53, 8.54, 8.55 |
PeopleSoft |
JD Edwards EnterpriseOne Tools, version(s) 9.2.0.5 |
JD Edwards |
Oracle Knowledge, version(s) 8.5.x |
Oracle Knowledge |
Siebel Applications, version(s) 8.1.1, 8.2.2, IP2014, IP2015, IP2016 |
Siebel |
Oracle Fusion Applications, version(s) 11.1.2 through 11.1.10 |
Fusion Applications |
Oracle Communications ASAP, version(s) 7.0, 7.2, 7.3 |
Oracle Communications ASAP |
Oracle Communications Core Session Manager, version(s) 7.2.5, 7.3.5 |
Oracle Communications Core Session Manager |
Oracle Communications EAGLE Application Processor, version(s) 16.0 |
Oracle Communications EAGLE Application Processor |
Oracle Communications Messaging Server, version(s) 6.3, 7.0, 8.0, Prior to 7.0.5.37.0 and 8.0.1.1.0 |
Oracle Communications Messaging Server |
Oracle Communications Network Charging and Control, version(s) 4.4.1.5.0, 5.0.0.1.0, 5.0.0.2.0, 5.0.1.0.0, 5.0.2.0.0 |
Oracle Communications Network Charging and Control |
Oracle Communications Operations Monitor, version(s) prior to 3.3.92.0.0 |
Oracle Communications Operations Monitor |
Oracle Communications Policy Management, version(s) prior to 9.9.2 |
Oracle Communications Policy Management |
Oracle Communications Session Border Controller, version(s) 7.2.0, 7.3.0 |
Oracle Communications Session Border Controller |
Oracle Communications Unified Session Manager, version(s) 7.2.5, 7.3.5 |
Oracle Communications Unified Session Manager |
Oracle Enterprise Communications Broker, version(s) Prior to PCz 2.0.0m4p1 |
Oracle Enterprise Communications Broker |
Oracle Banking Platform, version(s) 2.3.0, 2.4.0, 2.4.1, 2.5.0 |
Oracle Banking Platform |
Oracle Financial Services Lending and Leasing, version(s) 14.1, 14.2 |
Oracle Financial Services Applications |
Oracle FLEXCUBE Direct Banking, version(s) 12.0.1, 12.0.2, 12.0.3 |
Oracle Financial Services Applications |
Oracle Health Sciences Clinical Development Center, version(s) 3.1.1.x, 3.1.2.x |
Health Sciences |
Oracle Health Sciences Information Manager, version(s) 1.2.8.3, 2.0.2.3, 3.0.1.0 |
Health Sciences |
Oracle Healthcare Analytics Data Integration, version(s) 3.1.0.0.0 |
Health Sciences |
Oracle Healthcare Master Person Index, version(s) 2.0.12, 3.0.0, 4.0.1 |
Health Sciences |
Oracle Documaker, version(s) prior to 12.5 |
Oracle Insurance Applications |
Oracle Insurance Calculation Engine, version(s) 9.7.1, 10.1.2, 10.2.2 |
Oracle Insurance Applications |
Oracle Insurance Policy Administration J2EE, version(s) 9.6.1, 9.7.1, 10.0.1, 10.1.2, 10.2.0, 10.2.2 |
Oracle Insurance Applications |
Oracle Insurance Rules Palette, version(s) 9.6.1, 9.7.1, 10.0.1, 10.1.2, 10.2.0, 10.2.2 |
Oracle Insurance Applications |
MICROS Retail XBRi Loss Prevention, version(s) 10.0.1, 10.5.0, 10.6.0, 10.7.0, 10.8.0, 10.8.1 |
Retail XBRi |
Oracle Retail Central, Back Office, Returns Management, version(s) 13.1, 13.2, 13.3, 13.4, 14.0, 14.1, 12.0 13.0 |
Retail Point-of-Service |
Oracle Retail Integration Bus, version(s) 13.0, 13.1, 13.2, 14.0, 14.1, 15.0 |
Retail Integration Bus |
Oracle Retail Order Broker, version(s) 4.1, 5.1, 5.2, 15.0 |
Retail Order Broker |
Oracle Retail Service Backbone, version(s) 13.0, 13.1, 13.2, 14.0, 14.1, 15.0 |
Retail Service Backbone |
Oracle Retail Store Inventory Management, version(s) 12.0, 13.0, 13.1, 13.2, 14.0, 14.1 |
Retail Store Inventory Management |
Oracle Utilities Framework, version(s) 2.2.0.0.0, 4.1.0.1.0, 4.1.0.2.0, 4.2.0.1.0, 4.2.0.2.0, 4.2.0.3.0, 4.3.0.1.0, 4.3.0.2.0 |
Oracle Utilities Applications |
Oracle Utilities Network Management System, version(s) 1.10.0.6.27, 1.11.0.4.41, 1.11.0.5.4, 1.12.0.1.16, 1.12.0.2.12. 1.12.0.3.5 |
Oracle Utilities Applications |
Oracle Utilities Work and Asset Management, version(s) 1.9.1.2.8 |
Oracle Utilities Applications |
Oracle In-Memory Policy Analytics, version(s) 12.0.1 |
Oracle Policy Automation |
Oracle Policy Automation, version(s) 10.3.0, 10.3.1, 10.4.0, 10.4.1, 10.4.2, 10.4.3, 10.4.4, 10.4.5, 10.4.6, 12.1.0, 12.1.1 |
Oracle Policy Automation |
Oracle Policy Automation Connector for Siebel, version(s) 10.3.0, 10.4.0, 10.4.1, 10.4.2, 10.4.3, 10.4.4, 10.4.5, 10.4.6 |
Oracle Policy Automation |
Oracle Policy Automation for Mobile Devices, version(s) 12.1.1 |
Oracle Policy Automation |
Primavera Contract Management, version(s) 14.2 |
Oracle Primavera Products Suite |
Primavera P6 Enterprise Project Portfolio Management, version(s) 8.2, 8.3, 8.4, 15.1, 15.2, 16.1 |
Oracle Primavera Products Suite |
Oracle Java SE, version(s) 6u115, 7u101, 8u92 |
Oracle Java SE |
Oracle Java SE Embedded, version(s) 8u91 |
Oracle Java SE |
Oracle JRockit, version(s) R28.3.10 |
Oracle Java SE |
40G 10G 72/64 Ethernet Switch, version(s) 2.0.0 |
Oracle and Sun Systems Products Suite |
Fujitsu M10-1, M10-4, M10-4S Servers, version(s) prior to XCP 2320 |
Oracle and Sun Systems Products Suite |
ILOM, version(s) 3.0, 3.1, 3.2 |
Oracle and Sun Systems Products Suite |
Oracle Switch ES1-24, version(s) 1.3 |
Oracle and Sun Systems Products Suite |
Solaris, version(s) 10, 11.3 |
Oracle and Sun Systems Products Suite |
Solaris Cluster, version(s) 3.3, 4.3 |
Oracle and Sun Systems Products Suite |
SPARC Enterprise M3000, M4000, M5000, M8000, M9000 Servers, version(s) prior to XCP 1121 |
Oracle and Sun Systems Products Suite |
Sun Blade 6000 Ethernet Switched NEM 24P 10GE, version(s) 1.2 |
Oracle and Sun Systems Products Suite |
Sun Data Center InfiniBand Switch 36, version(s) prior to 2.2.2 |
Oracle and Sun Systems Products Suite |
Sun Network 10GE Switch 72p, version(s) 1.2 |
Oracle and Sun Systems Products Suite |
Sun Network QDR InfiniBand Gateway Switch, version(s) prior to 2.2.2 |
Oracle and Sun Systems Products Suite |
Oracle Secure Global Desktop, version(s) 4.63, 4.71, 5.2 |
Oracle Linux and Virtualization |
Oracle VM VirtualBox, version(s) prior to 5.0.26 |
Oracle Linux and Virtualization |
MySQL Server, version(s) 5.5.49 and prior, 5.6.30 and prior, 5.7.12 and prior |
Oracle MySQL Product Suite |
SecPod Saner detects these vulnerabilities and automatically fixes by applying security updates. Download Saner now and keep your systems updated and secure.
Shakeel