Blogs

A potential and unconfirmed cross-site scripting (XSS) vulnerability in the Oracle Application Server has been reported on the Full Disclosure mailing list.  The vulnerability is in the FastCGI module delivered with the Apache httpd server that is incorporated into the Oracle Application Server.  Integrigy has not confirmed the vulnerability as the author has not released details but the author claims this XSS vulnerability is different than those previously fixed in the fcgi-bin echo programs.

Oracle has announced a slight change to the release schedule for Critical Patch Update (CPU) releases starting in 2011.  Rather than release on the Tuesday closest to the 15th of the month, now it will be the Tuesday closest to the 17th.  The intention of this shift is to provide more of a buffer for the January release to accommodate year-end close and vacations around the Christmas and New Years holidays.  Therefore, some of the CPU release dates have shifted by a week.

Oracle E-Business Suite Security Risks Primer for Internal Auditors
Tuesday, September 14, 2010 1:00 PM - 2:00 PM EDT

Internal Auditors are trained to understand the financial aspects and the end user functionally of an ERP solution. However, most Internal Auditors have not been trained in the security features of an ERP system. This one hour auditing primer webinar will highlight the basic security that should be found within all implemented Oracle E-Business Suite (OEBS) systems.

Oracle July 2010 CPU - Oracle Database Impact
Thursday, July 29, 2:00pm - 3:00pm EDT

Every quarter, Oracle releases a Critical Patch Update (CPU) that fixes a number of security vulnerabilities in the Oracle Database. This quarterly eLearning session will focus on the July 2010 CPU and the impact on the Oracle Database. The topics will include:

Here is a brief analysis of the pre-release announcement for the upcoming July 2010 Oracle Critical Patch Update (CPU) -

Integrigy's CTO, Stephen Kost, will be presenting a series of webinars on Oracle's Critical Patch Update for July 2010.

Oracle July 2010 CPU - Oracle E-business Suite Impact
Thursday, July 22, 2:00pm - 3:00pm EDT

This quarterly eLearning session will focus on the July 2010 CPU and the impact on E-Business Suite environments.

Topics will include;

Integrigy's CTO, Stephen Kost, will be presenting an Independent Oracle User's Group (IOUG) educational webinar as part of IOUG's Database Security Technical Education Series.

A Journey Through Enterprise Database Security for DBAs
Stephen Kost, Integrigy
Wednesday, May 26, 1:00pm - 2:00pm CT

This presentation is intended for Database Administrators. It will detail the enterprise database security requirements, regulatory requirements and monitoring of databases.

For those of you unable to attend the OAUG/IOUG COLLABORATE 10 User Conference in Las Vegas next week, the conference is offering a virtual experience of the conference.  There will be 41 sessions available via webinar live from Las Vegas.  Integrigy is pleased to announce that the following session is included in the roster of Plug-in to Vegas virtual sessions -

Here is a brief analysis of the pre-release announcement for the upcoming January 2010 Oracle Critical Patch Update (CPU) -