Oracle to ship 66 critical security patches

Today is Oracle's Patch Tuesday and here's a quick glimpse of what to expect: 66 new security vulnerability fixes across hundreds of Oracle database server products and components.

Today is Oracle's Patch Tuesday and here's a quick glimpse of what to expect: 66 new security vulnerability fixes across hundreds of Oracle database server products and components.

According to an advance notice from Oracle, six of the vulnerabilities affect is flagship Database Server with two carrying a "high risk" label because they may be remotely exploitable without authentication (may be exploited over a network without the need for a username and password).

Here's a snapshot of the affected products and versions:

follow Ryan Naraine on twitter

  • Oracle Database 11g Release 2, version 11.2.0.1
  • Oracle Database 11g Release 1, version 11.1.0.7
  • Oracle Database 10g Release 2, versions 10.2.0.3, 10.2.0.4, 10.2.0.5
  • Oracle Database 10g Release 1, version 10.1.0.5
  • Oracle Audit Vault 10g Release 2, version 10.2.3.2
  • Oracle Secure Backup 10g Release 3, version 10.3.0.2
  • Oracle Fusion Middleware, 11g Release 1, versions 11.1.1.2.0, 11.1.1.3.0
  • Oracle Application Server 10g Release 2, version 10.1.2.3.0
  • Oracle BI Publisher, versions 10.1.3.3.2, 10.1.3.4.0, 10.1.3.4.1, 11.1.1.3
  • Oracle Document Capture, versions 10.1.3.4, 10.1.3.5
  • Oracle GoldenGate Veridata, version 3.0.0.4
  • Oracle JRockit versions, R27.6.7 and earlier (JDK/JRE 1.4.2, 5 and 6), R28.0.1 and earlier (JDK/JRE 5 and 6)
  • Oracle Outside In Technology, version 8.3.0
  • Oracle WebLogic Server, versions 7.0.7, 8.1.6, 9.0, 9.1, 9.2.3, 10.0.2, 10.3.2, 10.3.3
  • Oracle Beehive, versions 2.0.1.0, 2.0.1.1, 2.0.1.2, 2.0.1.2.1, 2.0.1.3
  • Oracle Enterprise Manager Suite Release 10, version 10.2.0.5
  • Oracle Enterprise Manager Real User Experience Insight, version RUEI 6.0
  • Oracle E-Business Suite Release 12, versions 12.0.4, 12.0.5, 12.0.6, 12.1.1, 12.1.2, 12.1.3
  • Oracle E-Business Suite Release 11i, version 11.5.10.2
  • Oracle Agile Core, versions 9.3.0.2, 9.3.1
  • Oracle Transportation Manager, versions 5.5, 6.0, 6.1, 6.2
  • Oracle PeopleSoft Enterprise CRM, versions 8.9, 9.0, 9.1
  • Oracle PeopleSoft Enterprise HRMS, versions 8.9, 9.0, 9.1
  • Oracle PeopleSoft Enterprise PeopleTools, versions 8.49, 8.50, 8.51
  • Oracle Argus Safety, versions 5.0, 5.0.1, 5.0.2, 5.0.3
  • Oracle Inform Portal, versions 4.5, 4.6, 5.0
  • Oracle Sun Product Suite
  • Oracle Open Office, StarOffice, StarSuite

"Due to the threat posed by a successful attack, Oracle strongly recommends that customers apply Critical Patch Update fixes as soon as possible," the company said in the advisory.