Home / News & Blogs

Oracle to push out 51 patches

Tom Espiner | October 15, 2007 7:22 AM PDT

Summary

Update includes fixes for 27 vulnerabilities in Oracle Database, five of which may be exploited remotely without authentication.

Topics

Tom Espiner, Software flaws, Oracle Corp., Patch Management, Oracle Database, Flaw, Security, Databases, Enterprise Software, Software, Data Management
Oracle plans to push out 51 fixes for flaws in its software, in a self-described "critical patch update" on Tuesday.

The flaws affect a number of Oracle products. Some of the vulnerabilities addressed in the update affect multiple products.

The patches include fixes for 27 vulnerabilities in Oracle Database, five of which may be exploited remotely without authentication.

Oracle said it will now use version 2 of the CVSS (Common Vulnerability Scoring System) to rate the severity of flaws. It had previously used CVSS version 1.

The highest-rated Oracle flaw that will be patched has a CVSS version 2 base score of 6.8. Oracle Database's most serious flaw is rated 6.5.

Oracle Application Server faces 11 security fixes. Seven of these vulnerabilities may be remotely exploitable without authentication, Oracle said in a statement.

Oracle E-Business Suite, Oracle Enterprise Manager and Oracle PeopleSoft Enterprise products will also receive fixes.

Tom Espiner of ZDNet UK reported from London.

Talkback - Tell Us What You Think

Formatting +
BB Codes - Note: HTML is not supported in forums
  • [b] Bold [/b]
  • [i] Italic [/i]
  • [u] Underline [/u]
  • [s] Strikethrough [/s]
  • [q] "Quote" [/q]
  • [ol][*] 1. Ordered List [/ol]
  • [ul][*] · Unordered List [/ul]
  • [pre] Preformat [/pre]
  • [quote] "Blockquote" [/quote]

The best of ZDNet, delivered

ZDNet Newsletters

Get the best of ZDNet delivered straight to your inbox

Facebook Activity