CVE-2012-2142 Arbitrary Code Execution vulnerability in XPDF

CVE DescriptionCVSSv2 Base ScoreComponentProduct and Resolution
CVE-2012-2142 Arbitrary Code Execution vulnerability 2.6 XPDF
Solaris 11.2 11.2.4.6.0

This notification describes vulnerabilities fixed in third-party components that are included in Oracle's product distributions.
Information about vulnerabilities affecting Oracle products can be found on Oracle Critical Patch Updates and Security Alerts page.

Multiple vulnerabilities in GNU patch utility

CVE DescriptionCVSSv2 Base ScoreComponentProduct and Resolution
CVE-2010-1679 Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability 6.8 GNU patch utility
Solaris 11.2 11.2.4.6.0
CVE-2010-4651 Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability 5.8

This notification describes vulnerabilities fixed in third-party components that are included in Oracle's product distributions.
Information about vulnerabilities affecting Oracle products can be found on Oracle Critical Patch Updates and Security Alerts page.

CVE-2014-3956 Information Disclosure vulnerability in Sendmail

CVE DescriptionCVSSv2 Base ScoreComponentProduct and Resolution
CVE-2014-3956 Information Disclosure vulnerability 1.9 Sendmail
Solaris 11.2 11.2.4.6.0

This notification describes vulnerabilities fixed in third-party components that are included in Oracle's product distributions.
Information about vulnerabilities affecting Oracle products can be found on Oracle Critical Patch Updates and Security Alerts page.

CVE-2014-4330 Buffer Errors vulnerability in Perl

CVE DescriptionCVSSv2 Base ScoreComponentProduct and Resolution
CVE-2014-4330 Buffer Errors vulnerability 2.1 Perl
Solaris 11.2 11.2.4.6.0

This notification describes vulnerabilities fixed in third-party components that are included in Oracle's product distributions.
Information about vulnerabilities affecting Oracle products can be found on Oracle Critical Patch Updates and Security Alerts page.

CVE-2014-3248 Untrusted search path vulnerability in Facter

CVE DescriptionCVSSv2 Base ScoreComponentProduct and Resolution
CVE-2014-3248 Untrusted search path vulnerability 6.2 Facter
Solaris 11.2 11.2.4.6.0

This notification describes vulnerabilities fixed in third-party components that are included in Oracle's product distributions.
Information about vulnerabilities affecting Oracle products can be found on Oracle Critical Patch Updates and Security Alerts page.

CVE-2014-6414 Unauthenticated Access vulnerability in OpenStack Neutron

CVE DescriptionCVSSv2 Base ScoreComponentProduct and Resolution
CVE-2014-6414 Unauthenticated Access vulnerability 4.0 OpenStack Neutron
Solaris 11.2 11.2.4.6.0

This notification describes vulnerabilities fixed in third-party components that are included in Oracle's product distributions.
Information about vulnerabilities affecting Oracle products can be found on Oracle Critical Patch Updates and Security Alerts page.

CVE-2014-7144 Cryptographic Issues vulnerability in OpenStack keystonemiddleware

CVE DescriptionCVSSv2 Base ScoreComponentProduct and Resolution
CVE-2014-7144 Cryptographic Issues vulnerability 4.3 OpenStack keystonemiddleware
Solaris 11.2 11.2.4.6.0

This notification describes vulnerabilities fixed in third-party components that are included in Oracle's product distributions.
Information about vulnerabilities affecting Oracle products can be found on Oracle Critical Patch Updates and Security Alerts page.

CVE-2014-2856 Cross-site scripting (XSS) vulnerability in CUPS

CVE DescriptionCVSSv2 Base ScoreComponentProduct and Resolution
CVE-2014-2856 Cross-site scripting (XSS) vulnerability 4.3 Common Unix Printing System (CUPS)
Solaris 11.2 11.2.4.6.0

This notification describes vulnerabilities fixed in third-party components that are included in Oracle's product distributions.
Information about vulnerabilities affecting Oracle products can be found on Oracle Critical Patch Updates and Security Alerts page.

CVE-2014-7185 Integer overflow vulnerability in Python

CVE DescriptionCVSSv2 Base ScoreComponentProduct and Resolution
CVE-2014-7185 Integer overflow vulnerability 6.4 Python
Solaris 11.2 11.2.4.6.0

This notification describes vulnerabilities fixed in third-party components that are included in Oracle's product distributions.
Information about vulnerabilities affecting Oracle products can be found on Oracle Critical Patch Updates and Security Alerts page.

Multiple vulnerabilities in Nova

CVE DescriptionCVSSv2 Base ScoreComponentProduct and Resolution
CVE-2014-2573 Permissions, Privileges, and Access Control vulnerability 2.3 OpenStack Compute (Nova)
Solaris 11.2 11.2.4.6.0
CVE-2014-3608 Resource Management Errors vulnerability 2.7

This notification describes vulnerabilities fixed in third-party components that are included in Oracle's product distributions.
Information about vulnerabilities affecting Oracle products can be found on Oracle Critical Patch Updates and Security Alerts page.

Multiple vulnerabilities in Wireshark

CVE DescriptionCVSSv2 Base ScoreComponentProduct and Resolution
CVE-2014-6421 Use-after-free vulnerability 5.0 Wireshark
Solaris 11.2 11.2.4.6.0
CVE-2014-6422 Buffer Errors vulnerability 5.0
CVE-2014-6423 Resource Management Errors vulnerability 5.0
CVE-2014-6424 Buffer Errors vulnerability 5.0
CVE-2014-6425 Buffer Errors vulnerability 5.0
CVE-2014-6426 Resource Management Errors vulnerability 5.0
CVE-2014-6427 Buffer Errors vulnerability 5.0
CVE-2014-6428 Buffer Errors vulnerability 5.0
CVE-2014-6429 Input Validation vulnerability 5.0
CVE-2014-6430 Input (more...)

CVE-2014-4345 Numeric Errors vulnerability in Kerberos

CVE DescriptionCVSSv2 Base ScoreComponentProduct and Resolution
CVE-2014-4345 Numeric Errors vulnerability 8.5 Kerberos
Solaris 10 SPARC: 147793-14 X86: 147794-14
Solaris 11.2 11.2.4.6.0

This notification describes vulnerabilities fixed in third-party components that are included in Oracle's product distributions.
Information about vulnerabilities affecting Oracle products can be found on Oracle Critical Patch Updates and Security Alerts page.

Multiple vulnerabilities fixed in NSS 3.16

CVE DescriptionCVSSv2 Base ScoreComponentProduct and Resolution
CVE-2013-1620 Cryptographic Issues vulnerability 4.3 NSS
Solaris 10 SPARC: 119213-30 125358-19 X86: 119214-30 125359-19
Solaris 8 SPARC: 119209-30 125358-19 X86: 125359-19
Solaris 9 SPARC: 119211-30 125358-19 X86: 119212-30 125359-19
CVE-2013-1739 Denial of Service(DOS) vulnerability 5.0
CVE-2013-1740 Cryptographic Issues vulnerability 5.8
CVE-2013-1741 Numeric Errors vulnerability 7.5
CVE-2013-5605 Input Validation vulnerability 7.5
CVE-2013-5606 Permissions, Privileges, and Access Control vulnerability 5.8
CVE-2014-1490 Resource (more...)

Multiple vulnerabilities in GnuTLS

CVE DescriptionCVSSv2 Base ScoreComponentProduct and Resolution
CVE-2014-3465 Denial of Service(DoS) vulnerability 5.0 GnuTLS
Solaris 11.1 11.1.21.4.1
Solaris 10 SPARC: 123938-04 X86: 123939-04
CVE-2014-3466 Buffer Errors vulnerability 6.8
CVE-2014-3467 Denial of Service(DoS) vulnerability 4.3
CVE-2014-3468 Numeric Errors vulnerability 6.8
CVE-2014-3469 Denial of Service(DoS) vulnerability 4.3

This notification describes vulnerabilities fixed in third-party components that are included in Oracle's product distributions.
Information about vulnerabilities (more...)

Tablespace 195% Full … must be the metric system

I was recently refreshing a test database with production data (using datapump if anyone cares) and had forgotten to check the tablespace sizes between prod and test. During the load, I obviously ran out of space. A quick check in prod showed I needed 4GB of space. The test tablespace was set to grow to 2GB max. To add space, I performed a simple command to add the space.

ALTER DATABASE DATAFILE '/u01/oracle/data01/blah.dbf' RESIZE 8GB;


I resumed the datapump and went on my merry way. A few minutes later I received an email from Grid Control that the tablespace (more...)