Oracle Security Alert for CVE-2013-1493

Oracle | Hyperion Products

Oracle Security Alert for CVE-2013-1493

Latest Version/Date: March 04, 2013

 Link to Update: http://www.oracle.com/technetwork/topics/security/alert-cve-2013-1493-1915081.html

 Last Modified by TGG: March 06, 2013

 Product(s) Affected:

• JDK and JRE 7 Update 15 and earlier
• JDK and JRE 6 Update 41 and earlier
• JDK and JRE 5.0 Update 40 and earlier

 Assessment:

Generally, JDK160_21 and JRE1.6.0 versions shipped with the EPM installers shared among Hyperion / EPM products installed on the same machine and do not need to change unless explicitly stated otherwise in the documentation. The Java version bundled in Hyperion may be changed during a patch application or upgrading the version of Hyperion.

 Note: JREs and JDKs found under $HYPERION_HOME or $MIDDLEWARE_HOME may be shared among different Oracle Hyperion EPM products installed on the same machine, so any change might impact several products. Oracle’s instructions are do not change the Java version in Hyperion home folder which is used explicitly by Hyperion products.

Based on our review of the Updated Release of the March 2013 Oracle Security Alert for CVE-2013-1493 on March 06, 2013, the following Oracle | Hyperion EPM and BI products are not affected by the patch.