Oracle JDEdwards EnterpriseOne Tools CVE-2011-2324 Denial Of Service Vulnerability

Bugtraq ID:	51455
Class:	Unknown
CVE:	CVE-2011-2324
Remote:	Yes
Local:	No
Published:	Jan 17 2012 12:00AM
Updated:	Feb 24 2012 08:30AM
Credit:	Oracle
Vulnerable:	Oracle JD Edwards EnterpriseOne Server 9.0 Oracle JD Edwards EnterpriseOne 8.95 _F1 Oracle JD Edwards EnterpriseOne 8.95 _B1 Oracle JD Edwards EnterpriseOne 8.94 _Q1 Oracle JD Edwards EnterpriseOne 8.98.4.1 Oracle JD Edwards EnterpriseOne 8.98 Oracle JD Edwards EnterpriseOne 8.97 Oracle JD Edwards EnterpriseOne 8.96 Oracle JD Edwards EnterpriseOne 8.95.J1 Oracle JD Edwards EnterpriseOne 8.95 Oracle JD Edwards EnterpriseOne 8.9 GA
Not Vulnerable:

Oracle JDEdwards EnterpriseOne Tools CVE-2011-2324 Denial Of Service Vulnerability

Oracle JD Edwards is prone to a denial-of-service vulnerability in JD Edwards EnterpriseOne Tools.

An attacker can exploit this issue to cause the application to crash, denying service to legitimate users.

Oracle JDEdwards EnterpriseOne Tools CVE-2011-2324 Denial Of Service Vulnerability

Currently we are not aware of any working exploits. If you feel we are in error or if you are aware of more recent information, please mail us at: [email protected].

Oracle JDEdwards EnterpriseOne Tools CVE-2011-2324 Denial Of Service Vulnerability

Solution:
Vendor updates are available. Please contact the vendor for more information.

Oracle JDEdwards EnterpriseOne Tools CVE-2011-2324 Denial Of Service Vulnerability

References:

• Oracle Critical Patch Update Advisory - January 2012 (Oracle)
  
• Oracle JD Edwards JDENET Large Packets Denial of Service (onapsis)