Does CVE-2014-0378 affects the version of Embedded Oracle Database shipped with Red Hat Satellite ?

Solution Verified - Updated -

Environment

  • Red Hat Satellite
  • Embedded Oracle Database

Issue

  • Does Oracle CVE-2014-0378 affect the version of Embedded Oracle Database shipped with Red Hat Satellite ?

Resolution

  • The mentioned CVE-2014-0378 does not affect the version of Embedded Oracle Database shipped with Red Hat Satellite Server.

Root Cause

  • The version of Embedded Oracle Database as shipped with Red Hat Satellite is 10g.
  • While the CVE-2014-0378 is related to Oracle Database Server 11.1.0.7, 11.2.0.3, 11.2.0.4, and 12.1.0.1 where due to a vulenrablity the Spatial component allows local users to affect confidentiality, integrity, and availability via unknown vectors.

This solution is part of Red Hat’s fast-track publication program, providing a huge library of solutions that Red Hat engineers have created while supporting our customers. To give you the knowledge you need the instant it becomes available, these articles may be presented in a raw and unedited form.