Oracle issues big security patch update

The fixes address vulnerabilities in its database, application servers and other products

Oracle on Tuesday released its latest quarterly patch update, which includes 10 security fixes for its database and also addresses a range of vulnerabilities across the vendor's applications portfolio.

Among the 10 database vulnerabilites, three can be exploited across a network without a user name or password. Affected database components include advanced replication, network authentication, Secure Enterprise Search and configuration management, Oracle said.

Two other patches are for Oracle Application Server weaknesses that can also be exploited remotely without authentication, Oracle said.

Another group of fixes addresses issues with Oracle E-Business Suite components, including Advanced Supply Chain Planning, Oracle Applications Framework, iStore and iSupplier Portal.

In addition, Oracle is shipping a total of four fixes for its PeopleSoft Enterprise, JD Edwards Enterprise One and Siebel application families, two patches for Oracle Secure Backup, and two for Enterprise Manager.

The patch update also targets five vulnerabilites in BEA products, including JRockit, Complex Event Processing and the WebLogic application server. All of the issues can be remotely exploited, Oracle said.

Oracle uses the CVSS (common vulnerability scoring system) method to rate the severity of security problems. In this update, vulnerabilities in the JRockit and Secure Backup products received a CVSS score of 10.0, the highest possible.

Full details of the patch update are available on Oracle's Web site. The next quarterly release is scheduled for Oct. 13.

Tags Oracelsecurity

Keep up with the latest tech news, reviews and previews by subscribing to the Good Gear Guide newsletter.

Chris Kanaracus

IDG News Service

Comments

Comments are now closed.

Latest News Articles

Most Popular Articles

Follow Us

GGG Evaluation Team

Kathy Cassidy

STYLISTIC Q702

First impression on unpacking the Q702 test unit was the solid feel and clean, minimalist styling.

Anthony Grifoni

STYLISTIC Q572

For work use, Microsoft Word and Excel programs pre-installed on the device are adequate for preparing short documents.

Steph Mundell

LIFEBOOK UH574

The Fujitsu LifeBook UH574 allowed for great mobility without being obnoxiously heavy or clunky. Its twelve hours of battery life did not disappoint.

Andrew Mitsi

STYLISTIC Q702

The screen was particularly good. It is bright and visible from most angles, however heat is an issue, particularly around the Windows button on the front, and on the back where the battery housing is located.

Simon Harriott

STYLISTIC Q702

My first impression after unboxing the Q702 is that it is a nice looking unit. Styling is somewhat minimalist but very effective. The tablet part, once detached, has a nice weight, and no buttons or switches are located in awkward or intrusive positions.

Resources

Best Deals on GoodGearGuide

Latest Jobs

Don’t have an account? Sign up here

Don't have an account? Sign up now

Forgot password?