CyberInsecure.com

Daily cyber threats and internet security news: network security, online safety and latest security alerts
April 16th, 2008

Oracle Patches Critical Database Vulnerabilities

Oracle posted 41 patches on Tuesday as part of its regular quarterly patching cycle, with core database vulnerabilities being heavily represented. The patch batch covers 17 updates for Oracle Database products, 11 updates for Oracle E-Business Suite, three updates for Oracle PeopleSoft Enterprise products, along with six updates for Oracle Siebel SimBuilder products, among others. The load is less than previous security updates, but their impact on key vulnerable databases (in particular) is potentially serious, security watchers warn.

It looks like the number of affected database components is larger this time than previous times, including patches in the core RDBMS engine and query optimiser. Two of the vulnerabilities can be remotely exploited without authentication.

Due to the threat posed by a successful attack, Oracle strongly recommends that customers apply fixes as soon as possible. The Critical Patch Update contains 41 new security fixes across all products.

Share this item with others:

More on CyberInsecure:
  • New Lateral SQL Injection Method To Hack Oracle Database
  • Microsoft Patches Critical Database And Office Flaws
  • Critical Mac Flaws Triggered By Images Fixed By Apple
  • Microsoft Patches Windows Worm And Drive-by Download Vulnerabilities
  • Microsoft’s Patch Fix Critical Vulnerabilities In IE And Office

    • Posted in Vulnerabilities | Print This Post Print This Post

    This entry was posted on Wednesday, April 16th, 2008 at 4:59 am and is filed under Vulnerabilities. You can follow any responses to this entry through the RSS 2.0 feed. You can leave a response, or trackback from your own site.

    If you found this information useful, consider linking to it from your own website.
    Just copy and paste the code below into your website (Ctrl+C to copy)
    It will look like this: Oracle Patches Critical Database Vulnerabilities

    Leave a Reply

    Comments with unsolicited links to other resources will be marked as spam. DO NOT leave links in comments. Please leave your real email, it wont be published.

    *
    To prove you’re a person (not a spam script), type the security word shown in the picture. Click on the picture to hear an audio file of the word.

    « «
    » »