Release date:
Updated on:
Affected Systems:
Oracle Agile Core 9.3.1
Oracle Agile Core 9.3.0.2
Description:
--------------------------------------------------------------------------------
Bugtraq id: 45872,45860
Cve id: CVE-2010-3505, CVE-2010-4429
Oracle supply chain is a first-class, comprehensive, open and integrated solution that supports information-driven supply chains.
Oracle Supply Chain product Agile Core has security vulnerabilities in implementation, and the "Web Client", "Folders, Files and Attachments" sub-components are also affected. Remote attackers can exploit this vulnerability through HTTP.
<* Source: Oracle
*>
Suggestion:
--------------------------------------------------------------------------------
Vendor patch:
Oracle
------
The vendor has released a patch to fix this security problem. Please download it from the vendor's homepage:
Http://www.oracle.com