Oracle Preps Critical Update with 24 Security Fixes
Oracle is set to release an update for its products Jan. 12. Among the security flaws addressed are 10 vulnerabilities in the Oracle Database.Oracle is planning to release an update that includes 24 security patches affecting numerous products, including the Oracle Database and Oracle E-Business Suite. The update addresses 10 security vulnerabilities related to the database, including one in Oracle Secure Backup. Two of the vulnerabilities can be exploited remotely without authentication, Oracle said in a pre-patch advisory.
Oracle BEA products are the subject of five security fixes, all of which are remotely exploitable over a network without a user name and password. One of the security holes plugged by the update is a flaw in Oracle JRockit with a CVSS base score of 10.0, the highest score possible.