January 11, 2010, 10:06AM
Oracle to Patch 24 Security Flaws
Share
Recommend
Print
E-mail
Comment 
Database server giant Oracle is joining Microsoft and Adobe this Patch Tuesday.
As part of its Critical Patch Update schedule, Oracle plans to ship 24 security patches on January 12 to cover a wide range of serious vulnerabilities in its database and application server products.
"Due to the threat posed by a successful attack, Oracle strongly recommends that customers apply Critical Patch Update fixes as soon as possible," the company said in an advance notice.
Recommended Reads
Here's the breakdown of patches:
Oracle Database: This Critical Patch Update contains 10 new security vulnerability fixes for the Oracle Database which includes 1 vulnerability fix for Oracle Secure Backup. 2 of these vulnerabilities may be remotely exploited without authentication, i.e., may be exploited over a network without the need for a username and password. None of these fixes are applicable to Oracle Database client-only installations, i.e., installations that do not have the Oracle Database installed.
Oracle Application Server: This Critical Patch Update contains 3 new security fixes for the Oracle Application Server. All of these vulnerabilities may be remotely exploitable without authentication, i.e., may be exploited over a network without the need for a username and password. None of these fixes are applicable to client-only installations, i.e., installations that do not have an Oracle Application Server installed.
Oracle E-Business Suite and Applications: This Critical Patch Update contains 3 new security fixes for the Oracle Applications Suite. All of these vulnerabilities may be remotely exploitable without authentication, i.e., may be exploited over a network without the need for a username and password. None of these fixes are applicable to client-only installations, i.e., installations that do not have an Oracle Applications installed.
The update also covers security holes in Oracle PeopleSoft Enterprise and JD Edwards EnterpriseOne; Oracle BEA Products; and the Oracle Primavera Product Suite.
Shorten URL: 
. Click to copy to clipboard or post to Twitter
. Click to copy to clipboard or post to TwitterKaspersky Lab Channel and Alliance Partners
Newsletter Sign-up
Newsletter Sign-up
Security news and analysis with expert opinion and perspective from the Threatpost editors.
Take Our Poll
Threatpost Content as You Like It
 |
 |
 |
 |
| iPhone App | Newsletter |
Comments
Post new comment