In association with heise online

14 April 2008, 10:52

Oracle announces patches for 41 holes

  • Twitter
  • Facebook
  • submit to slashdot
  • StumbleUpon
  • submit to reddit

Database vendor Oracle has announced patches for 41 security holes in a number of products for the Critical Patch Update (CPU) patch day scheduled for Tuesday. The updates affect the vast majority of the vendor's products:

  • Oracle Database 11g (11.1.0.6); 10g Release 2 (10.2.0.2, 10.2.0.3); 10g (10.1.0.5); 9i Release 2 (9.2.0.8, 9.2.0.8DV)
  • Oracle Application Server 10g Release 3 (10.1.3); 10g Release 2 (10.1.2); 10g (9.0.4)
  • Oracle Collaboration Suite 10g (10.1.2)
  • Oracle E-Business Suite Release 12 (12.0.0 - 12.0.4); Release 11i (11.5.9 - 11.5.10 CU2)
  • Oracle PeopleSoft Enterprise PeopleTools (8.22.19, 8.48.16, 8.49.09)
  • Oracle PeopleSoft Enterprise HCM (8.8 SP1, 8.9, 9.0)
  • Oracle Siebel SimBuilder (7.8.2, 7.8.5)

No further details about the vulnerabilities have been released so far. But according to the patch day pre-release announcement, two of the holes in the Oracle database can be exploited remotely over a network without the need for prior authentication, as can all three vulnerabilities in the Application Server, seven of the holes in the E-Business suite and three in Siebel SimBuilder.

Administrators of Oracle products are advised to update at their earliest convenience once the patches are available.

See also:

(mba)

Print Version | Send by email | Permalink: http://h-online.com/-736098
 


  • July's Community Calendar





The H Open

The H Security

The H Developer

The H Internet Toolkit