Oracle patches dangerous Web. Logic flaw, critical database holes. Oracle Corp. By submitting your email address, you agree to receive emails regarding relevant topic offers from Tech. Target and its partners. You can withdraw your consent at any time. Contact Tech. Target at 2. Grove Street, Newton, MA. You also agree that your personal information may be transferred and processed in the United States, and that you have read and agree to the Terms of Use and the Privacy Policy. Oracle said its security update contained patches for 3. Oracle released six fixes to address vulnerabilities for the former BEA product line. Five of the vulnerabilities could be remotely exploited by an attacker. Eric Maurice, manager of security in Oracle's Global Technology Business Unit, warned customers that the most severe vulnerability was located in the Apache plug- in for Oracle Web. Logic Server. The flaw could be exploited remotely by an attacker and was given a Common Vulnerability Scoring System (CVSS) base score of 1. The attacker doesn't have to be authenticated and could gain complete control of the server. The CPU includes 1. Oracle Database. The highest CVSS score was 6. One of the more critical vulnerabilities is located in Oracle's core relational database management system and may be remotely exploited without authentication. The vulnerability exploits the network protocol between the Oracle client software and the Oracle server. It abuses the proxy account mechanism in the Oracle server.
Community Forums Expert Blogs Website Updates. Oracle Blog ยป Critical Patch Update - patch your. Patch Update - patch your database, WebLogic, Java, MySQL. The Oracle Critical Patch Update - January 2009 address 41 vulnerabilities in different Oracle products and components. The document provides information about. The flaw affects Oracle database 9. DV, 1. 0. 1. 0. 5, 1. Compared to previous CPU's, the October release addressed fewer vulnerabilities, said Amichai Shulman, chief technology officer of Foster City, Calif.- based Imperva. In July, Oracle released 4. Many of the database fixes released this month repair SQL injection vulnerabilities, he said. The flaws affect Oracle database 1. Critical Patch Updates and Security Alerts are fixes for security defects in Oracle, PeopleSoft, JD Edwards and Sun products. Two updates to Oracle Portal could be remotely exploited without authentication, Oracle said. In addition, four security updates were released to address issues in parts of the Oracle E- Business Suite. Problems in the Oracle Applications Technology Stack and the i. Supplier Portal could be remotely exploited without authentication. Both vulnerabilities were given a medium- risk CVSS score of 5. Five security vulnerability fixes were released by Oracle for its People. Soft Enterprise and JD Edwards Enterprise. One products. Oracle said two of the vulnerabilities could be remotely exploited without authentication.
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. Archives
January 2017
Categories |