Oracle Releases Security Alert for Oracle HTTP Server Products

Oracle has released a security alert to address a vulnerability in Apache HTTPD. This vulnerability affects:

• Oracle Fusion Middleware 11g Release 1, versions 11.1.1.3.0, 11.1.1.4.0, 11.1.1.5.0
• Oracle Application Server 10g Release 3, version 10.1.3.5.0
• Oracle Application Server 10g Release 2, version 10.1.2.3.0

Exploitation of this vulnerability may allow an attacker to cause a denial-of-service condition.

US-CERT encourages users and administrators to review the Oracle Security Alert for CVE-2011-3192 and apply any necessary updates to help mitigate the risks. Additional information can be found in Vulnerability Note VU#405811