Oracle to patch 59 security vulnerabilities
Oracle has announced that its quarterly Critical Patch Update (CPU), released today, will address a total of 59 vulnerabilities in a number of the company's products, many of them rated as critical. Of the 59 vulnerabilities, 21 are in the Solaris product suite alone and many affect multiple products.
Products affected by the quarterly Critical Patch Update include Oracle Database 9i, 10g, 11g, TimesTen In-Memory Database, JRockit R27.6.6, R28.0.0 and various versions of Oracle Business Process Management and Oracle E-Business Suite Release 11i and 12. Other affected products include the company's Secure Backup, Application Server, Identity Management 10g, Transportation Manager and the Oracle Sun Product Suite. PeopleSoft Enterprise Campus Solutions, Enterprise CRM, FSCM, HCM, PeopleTools and WebLogic Server 7.0 to 11gR1 are also affected
According to Oracle, several of the vulnerabilities in this Critical Patch Update, such as vulnerabilities affecting the TimesTen In-Memory Database and Oracle Secure Backup, scored a 10, the highest possible score in the Common Vulnerability Scoring System (CVSS). Oracle strongly advises all of its customers to apply the fixes as soon as possible.
- Oracle Critical Patch Update Pre-Release Announcement - July 2010, security advisory from Oracle.