Описание
Oracle Outside in Libraries Elevation of Privilege Vulnerabilities
This security update addresses the following vulnerabilities, which are described in Oracle Critical Patch Update Advisory - January 2016:
- CVE-2015-6013: Oracle Outside In 8.5.2 WK4 stack buffer overflow
- CVE-2015-6014: Oracle Outside In 8.5.2 DOC stack buffer overflow
- CVE-2015-6015: Oracle OIT 8.5.2 Paradox DB stack buffer overflow
FAQ
Why is Microsoft issuing a security update for vulnerabilities that are in third-party code, Oracle Outside In libraries? Microsoft licenses a custom implementation of the Oracle Outside In libraries, specific to the product in which the third-party code is used. Microsoft is issuing this security update to help ensure that all customers using this third-party code in Microsoft Exchange are protected from these vulnerabilities. For more information about these vulnerabilities, see Oracle Critical Patch Update Advisory - January 2016.
Обновления
| Продукт | Статья | Обновление |
|---|---|---|
| Microsoft Exchange Server 2007 Service Pack 3 | ||
| Microsoft Exchange Server 2013 Service Pack 1 | ||
| Microsoft Exchange Server 2013 Cumulative Update 11 | ||
| Microsoft Exchange Server 2016 | ||
| Microsoft Exchange Server 2013 Cumulative Update 12 | ||
| Microsoft Exchange Server 2016 Cumulative Update 1 |
Показывать по
Возможность эксплуатации
Publicly Disclosed
Exploited
DOS