Oracle Patches 45 Security Holes in Database, App Server and More

 
 
By Brian Prince  |  Posted 2008-07-15 Email Print this article Print
 
 
 
 
 
 
 

The Oracle Patch Update includes 45 security fixes, including 11 for the Oracle Database. Also included are nine security fixes for Oracle Application Server, seven for Oracle WebLogic Server, two for Oracle Enterprise Manager, six for Oracle E-Business Suite and Applications, and seven for Oracle PeopleSoft Enterprise products.

Oracle released 45 security fixes July 15 as part of its latest Critical Patch Update.

The patches bring the total for the year to 112 vulnerabilities patched. The Oracle Database has the most fixes-a total of 11, none of which can be exploited remotely without authentication. The vulnerabilities affect a number of components, including Advanced Querying, Advanced Replication and the core RDBMS (relational DBMS). There are also three fixes affecting the Oracle TimesTen In-Memory Database. All three address vulnerabilities that can be fixed by upgrading to Version 7.0.4.0.0 or a later edition of the product.

Nine security fixes in the CPU address vulnerabilities in Oracle Application Server, all of which can be exploited remotely without authentication. According to Oracle, none of these fixes apply to client-only installations. The components affected by the flaws include Hyperion BI Plus (formally Hyperion Performance Suite), Oracle HTTP Server, Oracle Internet Directory and Oracle Portal.

There are seven security fixes for Oracle WebLogic Server, three of which can be exploited remotely without authentication.

The release also contains two for Oracle Enterprise Manager, six for Oracle E-Business Suite and Applications, and seven patches addressing vulnerabilities in Oracle PeopleSoft Enterprise products.

The next CPU release is slated for Oct. 14.

 
 
 
 
 
 
 
 
 
 
 

Submit a Comment

Loading Comments...

 
Manage your Newsletters: Login   Register My Newsletters























 
 
 
 
 
 
 
 
 
 
 
Rocket Fuel