Oracle patch day closes 78 security holes
As expected, Oracle has released 78 security patches as part of its July Critical Patch Update. There is a total of 13 fixes for the Oracle Database server, two of which could be remotely exploited by an attacker without authentication.
Some of the most critical bugs fixed include holes in Oracle Secure Backup, JRockit, and the Sun SPARC server (Netra T3 and T3 Series). Each of these products contains vulnerabilities that have a Common Vulnerability Scoring System (CVSS) score of 10.0, the highest possible level of severity.
Other vulnerabilities addressed by these updates include holes in, for example, Solaris, Oracle Fusion Middleware and Oracle Enterprise Manager Grid Control. As several of the vulnerabilities allow an attacker to remotely exploit systems, Oracle recommends that system administrators install the patches as soon as possible.
See also:
- Oracle Critical Patch Update Advisory - July 2011, security advisory from Oracle.
(crve)