Oracle Patch Batch Affects 'hundreds' of Products

[InfoSec News <alerts () infosecnews org>]

http://www.csoonline.com/article/691961/oracle-patch-batch-affects-hundreds-of-product

By Chris Kanaracus
IDG News Service
October 18, 2011

Oracle on Tuesday will release 76 patches affecting hundreds of its 
products as well as Java SE.

Fifty-six of the patches are aimed at Oracle products, and due to the 
danger of a successful attack, customers should apply them immediately, 
Oracle said.

Affected products include Oracle's 11g and 10g database; Fusion 
Middleware 11g, Oracle Application Server 10g; E-Business Suite releases 
12 and 11i; various versions of PeopleSoft Enterprise and Siebel CRM; 
Oracle Linux 5; and Oracle Sun Ray.

The most serious fix is for Oracle's Solaris OS. That vulnerability 
earned a 9.3 base score on the CVSS (Common Vulnerability Scoring 
System), the highest in the patch bundle.

None of the four database server patches can be exploited by a remote 
attacker without a password and username, Oracle said. However, the 
opposite is true for five of the 10 Fusion Middleware fixes and three of 
the ones for E-Business Suite.

[...]


_____________________________________________________
Subscribe to InfoSec News - www.infosecnews.org
http://www.infosecnews.org/mailman/listinfo/isn