Video Screencast Help
Archiving and eDiscovery Community Blog

Enterprise Vault Security Advisory

Created: 02 Oct 2012 • Updated: 29 May 2014
Rob.Wilcox's picture
0 0 Votes
Login to vote

 

I just spotted this update on Cert's web site:

http://www.cert.gov.om/advisory_details.aspx?alert=300

and

http://www.kb.cert.org/vuls/id/118913

Essentially Enterprise Vault uses the Outside-In technology from Oracle to convert content to HTML (for indexing).  This technology from Oracle has a security vulnerability in it, which Oracle have fixed.

Symantec's response is in this post:

http://www.symantec.com/security_response/securityupdates/detail.jsp?fid=security_advisory&pvid=security_advisory&year=2012&suid=20120928_00

 

Symantec Response

Symantec has released an update to Symantec’s Enterprise Vault product suite to address these issues. Symantec recommends all Symantec Enterprise Vault product suite customers upgrade to Symantec Enterprise Vault 10.0.2 to address any possibility of threats of this nature.

 

Symantec Enterprise Vault 10.0.2 is currently available through normal update channels

 

It's another good reason to upgrade to Enterprise Vault 10.0.2