Oracle Web Applications Desktop Integrator 12.2.3 Remote Code Execution Vulnerability
12 Sep. 2016
vulnerability in the Oracle Web Applications Desktop Integrator component in Oracle E-Business Suite 12.1.3, 12.2.3, 12.2.4, and 12.2.5 allows remote attackers to affect integrity via vectors related to Application Service.
The original article can be found at: http://www.securityfocus.com/bid/91787
The information has been provided by Adam Willard ; Alexander Kornbrust ; Alexander Mirosh ; Alvaro Munoz ; Alvaro Munoz ; Ben Lincoln .
* Oracle Web Applications Desktop Integrator 12.1.3
* Oracle Web Applications Desktop Integrator 12.2.3
* Oracle Web Applications Desktop Integrator 12.2.4
* Oracle Web Applications Desktop Integrator 12.2.5
A Critical Patch Update (CPU) is a collection of patches for multiple security vulnerabilities. Critical Patch Update patches are usually cumulative, but each advisory describes only the security fixes added since the previous Critical Patch Update advisory. Thus, prior Critical Patch Update advisories should be reviewed for information regarding earlier published security fixes. Please refer to:
Critical Patch Updates and Security Alerts for information about Oracle Security Advisories.
Oracle continues to periodically receive reports of attempts to maliciously exploit vulnerabilities for which Oracle has already released fixes. In some instances, it has been reported that attackers have been successful because targeted customers had failed to apply available Oracle patches. Oracle therefore strongly recommends that customers remain on actively-supported versions and apply Critical Patch Update fixes without delay.