In association with heise online

19 October 2009, 10:49

Oracle to patch 38 vulnerabilities

  • Twitter
  • Facebook
  • submit to slashdot
  • StumbleUpon
  • submit to reddit

In its Critical Patch Update Pre-Release Announcement, Oracle has confirmed that on Tuesday, the 20th of October, it plans to release updates for 21 of its products to address 38 security vulnerabilities. Affected products include Oracle Database 9i Release 2, 10g, 10g Release 2, 11g, Oracle Application Server 10g and Oracle WebLogic Server.

Six of the security updates address vulnerabilities that allow remote access to Oracle Database without the need for a user name or password. Oracle BEA products, such as JRockit and WebLogic, are also affected by remote exploits that do not require authentication. According to Oracle, several of the vulnerabilities in this Critical Patch Update scored a 10, the highest possible score in the Common Vulnerability Scoring System (CVSS). Oracle strongly advises its customers to apply the fixes as soon as possible.

See also:


Print Version | Send by email | Permalink:

  • July's Community Calendar

The H Open

The H Security

The H Developer

The H Internet Toolkit