In association with heise online

14 April 2008, 10:52

Oracle announces patches for 41 holes

  • Twitter
  • Facebook
  • submit to slashdot
  • StumbleUpon
  • submit to reddit

Database vendor Oracle has announced patches for 41 security holes in a number of products for the Critical Patch Update (CPU) patch day scheduled for Tuesday. The updates affect the vast majority of the vendor's products:

  • Oracle Database 11g (; 10g Release 2 (,; 10g (; 9i Release 2 (,
  • Oracle Application Server 10g Release 3 (10.1.3); 10g Release 2 (10.1.2); 10g (9.0.4)
  • Oracle Collaboration Suite 10g (10.1.2)
  • Oracle E-Business Suite Release 12 (12.0.0 - 12.0.4); Release 11i (11.5.9 - 11.5.10 CU2)
  • Oracle PeopleSoft Enterprise PeopleTools (8.22.19, 8.48.16, 8.49.09)
  • Oracle PeopleSoft Enterprise HCM (8.8 SP1, 8.9, 9.0)
  • Oracle Siebel SimBuilder (7.8.2, 7.8.5)

No further details about the vulnerabilities have been released so far. But according to the patch day pre-release announcement, two of the holes in the Oracle database can be exploited remotely over a network without the need for prior authentication, as can all three vulnerabilities in the Application Server, seven of the holes in the E-Business suite and three in Siebel SimBuilder.

Administrators of Oracle products are advised to update at their earliest convenience once the patches are available.

See also:


Print Version | Send by email | Permalink:

  • July's Community Calendar

The H Open

The H Security

The H Developer

The H Internet Toolkit