发布日期：2010-07-17
更新日期：2010-07-20

受影响系统：
Oracle Fusion Middleware 10.1.2.3
描述：
--------------------------------------------------------------------------------
BUGTRAQ  ID: 41609,41615,41626
CVE ID: CVE-2010-0081,CVE-2010-0835,CVE-2010-2381

Oracle Fusion Middleware是Oracle 的中间件解决方案组合，用于协助开发、部署及管理SOA和其它应用程序。

Oracle Fusion中间件所使用的Wireless和Application Server Control组件中存在多个安全漏洞，通过认证的远程用户可以通过HTTP协议来利用这些漏洞完全入侵数据库系统。

<*来源：Oracle
  
  链接：c9dK9s2c8@1M7q4)9K6b7g2)9J5c8W2)9J5c8Y4y4W2j5%4g2F1K9h3q4Q4x3X3g2U0L8$3#2Q4x3V1k6S2k6s2k6A6M7$3!0J5K9h3g2K6i4K6u0r3y4o6l9#2z5e0N6Q4x3V1j5`.
        786K9s2c8@1M7q4)9K6b7g2)9J5c8W2)9J5c8Y4N6%4N6#2)9J5k6h3!0J5j5h3y4D9k6g2)9J5k6h3y4G2L8g2)9J5c8Y4c8W2j5$3S2F1L8$3I4G2k6%4W2Q4x3V1k6V1k6i4m8D9L8%4W2Q4x3V1k6K6k6h3y4#2M7X3W2@1P5g2)9J5c8X3y4J5K9i4c8A6j5$3q4D9i4K6u0V1M7r3q4@1j5$3S2Q4x3X3c8#2M7r3c8S2N6r3g2K6i4K6u0r3j5%4m8#2K9Y4g2D9x3U0l9I4x3q4)9J5k6h3S2@1L8h3H3`.
        b98K9s2c8@1M7q4)9K6b7g2)9J5c8W2)9J5c8Y4N6%4N6#2)9J5k6i4g2K6i4K6u0V1j5$3g2J5N6q4)9J5k6h3N6G2N6W2)9J5c8X3y4S2M7#2)9J5c8Y4c8W2j5$3S2S2L8r3g2J5N6s2y4Q4x3V1k6f1b7e0p5H3i4K6u0V1x3e0V1@1b7W2)9J5k6h3S2@1L8h3H3`.
*>

建议：
--------------------------------------------------------------------------------
厂商补丁：

Oracle
------
Oracle已经为此发布了一个安全公告（cpujul2010）以及相应补丁:
cpujul2010：Oracle Critical Patch Update Advisory - July 2010
链接：e5fK9s2c8@1M7q4)9K6b7g2)9J5c8W2)9J5c8Y4N6%4N6#2)9J5k6h3!0J5j5h3y4D9k6g2)9J5k6h3y4G2L8g2)9J5c8Y4c8W2j5$3S2F1L8$3I4G2k6%4W2Q4x3V1k6V1k6i4m8D9L8%4W2Q4x3V1k6K6k6h3y4#2M7X3W2@1P5g2)9J5c8X3y4J5K9i4c8A6j5$3q4D9i4K6u0V1M7r3q4@1j5$3S2Q4x3X3c8#2M7r3c8S2N6r3g2K6i4K6u0r3j5%4m8#2K9Y4g2D9x3U0l9I4x3q4)9J5k6h3S2@1L8h3H3`.

[培训]传播安全知识、拓宽行业人脉——看雪讲师团队等你加入！