WelcomeEnterpriseSmall BusinessHome & Home OfficePartnersAbout Symantec
April 18, 2006
Symantec ESM 6.5 Network Assessment Security Updates


Download the cumulative Symantec ESM Network Assessment Release Notes (PDF)


This update for Symantec ESM Network Assessment detects and reports 47 additional vulnerabilities.

Use the LiveUpdate feature of Symantec ESM Network Assessment to download this security update.

Additional vulnerabilities

Bugtraq ID     Vulnerability name
3138             Oracle DBSNMP Oracle Home Environment Variable Buffer Overflow
4034             Oracle 9IAS OracleJSP Information Disclosure Vulnerability
4391             Oracle 9i TNS Denial of Service Vulnerability
4523             Oracle 9i ANSI Outer Join Access Control Bypass Vulnerability
4845             Oracle TNSListener SERVICE_NAME Remote Buffer Overflow Vulnerability
6085             Oracle 9i Database Server iSQL Plus Malformed USERID Buffer Overflow Vulnerability
6414             Oracle Startup Script LD_LIBRARY_PATH Vulnerability
7395             Oracle9iAS Web Cache Administration Interface Plaintext Password Vulnerability
8375             Multiple Oracle XDB FTP / HTTP Services Buffer Overflow Vulnerabilities
8844             Oracle Database Server Oracle Binary Local Buffer Overflow Vulnerability
8845             Oracle Database Server OracleO Binary Local Buffer Overflow Vulnerability
9587             Multiple Oracle Database Parameter/Statement Buffer Overflow Vulnerabilities
9703             Oracle 9i Application/Database Server SOAP XML DTD Denial Of Service Vulnerability
9705             Oracle9i Database Server Unspecified Security Vulnerabilities
10363           Microsoft Windows XP Self-Executing Folder Vulnerability
10656           Oracle Database 10g Installer Insecure Temporary File Creation Vulnerability
11091           Oracle 10g Database DBMS_SCHEDULER Remote Command Execution Vulnerability
11120           Oracle Database 9i SQL Command Buffer Overflow Vulnerability
12296           Oracle Database Multiple Unspecified Vulnerabilities
13145           Oracle Database MDSYS.MD2.SDO_CODE_SIZE Buffer Overflow Vulnerability
13234           Oracle Database Server CREATE_SCN_CHANGE_SET Standard Procedure SQL Injection Vulnerability
13235           Oracle Database Server ALTER_MANUALLOG_CHANGE_SOURCE SQL Injection Vulnerability
13236           Oracle 10g Database SUBSCRIPTION_NAME Remote SQL Injection Vulnerability
13238           Oracle 9i/10g Database OBJECT_TYPE Remote SQL Injection Vulnerability
13239           Oracle Database Server InterMedia Denial of Service Vulnerability
13509           Oracle 10g DBMS_Scheduler Privilege Escalation Vulnerability
13510           Oracle 9i/10g Database Fine Grained Audit Logging Failure Vulnerability
14281           Oracle9i FIPS Single Sign-On Server Unspecified Cross-Site Scripting Vulnerability
15030           Oracle iSQLPlus Cross-Site Scripting Vulnerability
15032           Oracle iSQL*Plus TLS Listener Remote Denial Of Service Vulnerability
15034           Oracle XML DB Cross-Site Scripting Vulnerability
16287           Oracle January Security Update Multiple Vulnerabilities
16294           Oracle Database SYS.KUPV$FT Multiple SQL Injection Vulnerabilities
16516           Microsoft Internet Explorer WMF Image Parsing Memory Corruption Vulnerability
17131           Microsoft Internet Explorer Script Action Handler Buffer Overflow Vulnerability
17181           Microsoft Internet Explorer Unspecified Remote HTA Execution Vulnerability
17196           Microsoft Internet Explorer CreateTextRange Remote Code Execution Vulnerability
17426           Oracle Database Access Restriction Bypass Vulnerability
17450           Microsoft Internet Explorer Invalid HTML Parsing Code Execution Vulnerability
17453           Microsoft Internet Explorer COM Object Instantiation Code Execution Vulnerability
17454           Microsoft Internet Explorer Double Byte Character Memory Corruption Vulnerability
17455           Microsoft Internet Explorer Erroneous IOleClientSite Data Zone Bypass Vulnerability
17457           Microsoft Internet Explorer Popup Cross-Domain Information Disclosure Vulnerability
17459           Microsoft Outlook Express Windows Address Book File Parsing Buffer Overflow Vulnerability
17460           Microsoft Internet Explorer Persistent Window Content Address Bar Spoofing Vulnerability
17462           Microsoft MDAC RDS.Dataspace ActiveX Control Remote Code Execution Vulnerability
17464           Microsoft Windows Shell COM Object Remote Code Execution Vulnerability

Initial Post on: Wednesday, 19-Apr-06 11:30:00
Last modified on: Wednesday, 19-Apr-06 18:01:30