January 11, 2010, 10:06AM
Oracle to Patch 24 Security Flaws
Comment 
Database server giant Oracle is joining Microsoft and Adobe this Patch Tuesday.
As part of its Critical Patch Update schedule, Oracle plans to ship 24 security patches on January 12 to cover a wide range of serious vulnerabilities in its database and application server products.
"Due to the threat posed by a successful attack, Oracle strongly recommends that customers apply Critical Patch Update fixes as soon as possible," the company said in an advance notice.
Editor's Pick
Here's the breakdown of patches:
Oracle Database: This Critical Patch Update contains 10 new security vulnerability fixes for the Oracle Database which includes 1 vulnerability fix for Oracle Secure Backup. 2 of these vulnerabilities may be remotely exploited without authentication, i.e., may be exploited over a network without the need for a username and password. None of these fixes are applicable to Oracle Database client-only installations, i.e., installations that do not have the Oracle Database installed.
Oracle Application Server: This Critical Patch Update contains 3 new security fixes for the Oracle Application Server. All of these vulnerabilities may be remotely exploitable without authentication, i.e., may be exploited over a network without the need for a username and password. None of these fixes are applicable to client-only installations, i.e., installations that do not have an Oracle Application Server installed.
Oracle E-Business Suite and Applications: This Critical Patch Update contains 3 new security fixes for the Oracle Applications Suite. All of these vulnerabilities may be remotely exploitable without authentication, i.e., may be exploited over a network without the need for a username and password. None of these fixes are applicable to client-only installations, i.e., installations that do not have an Oracle Applications installed.
The update also covers security holes in Oracle PeopleSoft Enterprise and JD Edwards EnterpriseOne; Oracle BEA Products; and the Oracle Primavera Product Suite.
Commenting on this Article is closed.
Today's Most Popular
- Yahoo Includes Private Key in Source File For Axis Chrome Extension
- Researchers Unveil New Way to Trust Certificates
- FBI Warns Top Firms Of Anonymous Protest Hacks on May 25
- DNSChanger Lingers: 330k Systems Still Infected, 77,000 In The U.S.
- Defense Contractor Northrop Grumman Hiring For Offensive Cyber Ops
Most Commented Stories
-
Forget 'Brogrammers,' Women Have The Edge In DEFCON Social Engineering Contest (10)
-
Defense Contractor Northrop Grumman Hiring For Offensive Cyber Ops (14)
-
New York Lawmakers Want Anonymous Comments Banned (4)
-
DNSChanger Lingers: 330k Systems Still Infected, 77,000 In The U.S. (3)
-
FBI Warns Top Firms Of Anonymous Protest Hacks on May 25 (2)
Newsletter Sign-up
Take Our Poll
The Internet Crime Complaint Center recently warned of malware targeting travelers connecting to Wi-Fi. When traveling, do you
Connect to anything
21%
Only connect to password-protected, secure connections
39%
Only use websites with HTTPS
27%
I don’t pay attention to how I access the internet while traveling
13%
Total votes: 70
Follow Threatpost
 |  |  |  |
| Tumblr |
