ZDNet UK


Skip to Main Content

ZDNet.co.uk - Winner of Best Business Website 2007
  1. Home
  2. News
  3. Blogs
  4. Reviews
  5. Prices
  6. Resources
  7. Community
  8. My ZDNet

 

ZDNet UK RSS Feeds


IT Jobs

Security threats Toolkit

Oracle to push out 51 patches

Tom Espiner ZDNet.co.uk

Published: 15 Oct 2007 13:10 BST

  • Email
  • Trackback
  • Clip Link
  • Print friendly
  • Post Comment

Oracle is to push out 51 patches for flaws in its software, in a critical patch update on Tuesday.

The flaws affect many Oracle products. Some of the vulnerabilities addressed in the critical patch update affect multiple products.

The patches include fixes for 27 vulnerabilities in Oracle Database, five of which may be exploited remotely without authentication.

Oracle said it will now use version 2 of the CVSS (common vulnerability scoring system) to rate the severity of flaws. It had previously used CVSS version 1.

Sentry Posts Blog

Sentry Posts Blog
Guarding the network

What you need to know — and what you and your peers have to tell us — about security management in our new community group blog

Read more +

The highest-rated Oracle flaw that will be patched has a CVSS version 2 base score of 6.8. Oracle Database's most serious flaw is rated 6.5.

Oracle Application Server is facing 11 security fixes. Seven of these vulnerabilities may be remotely exploitable without authentication, Oracle said in a patch pre-release announcement.

Oracle E-Business Suite, Oracle Enterprise Manager and Oracle PeopleSoft Enterprise products will also receive fixes.

  • Email
  • Trackback
  • Clip Link
  • Print friendly Print with HP

Did you find this article useful?


Full Talkback thread

0 comments

Company/Topic Alerts

Create a new alert from the list below:








Related Jobs

Websphere IT Specialist / Architect

Trouble shoot and fix technical problems, liaising with product management and technical support to organise a patch if necessary. Websphere IT ...

Principal Applications Specialists

Reviews upgrades and fixes available from system software suppliers and identifies those which merit action. Principal Applications Specialists ...

Security Consultant Ethical Hacking / Penetration Testing - London

Responsibilities: - Deliver security assessment services including network scanning, vulnerability testing, penetration testing, search engine ...

Sentry Posts Blog

Mobile Linux Better For Mobile Busines...

Mobile Linux Better For Mobile Business Apps? Author: Eric Everson, MyMobiSafe.com As mobile Linux is carving it’s footprint on the future of mobile application development, the... More

Post a comment

DWP downplays security breach

The Department for Work and Pensions (DWP) has admitted that some of its staff have been forwarding passwords with password protected material. An email that was leaked on the 'Dizzy... More

Post a comment

How many headshots does one chairperso...

We got a strange request last week from the head of PR from Russian security experts Kaspersky. It seems although the company was very happy with the interview we recently carried with... More

Post a comment

Featured Talkback

On the contrary, if vendors were forced to stand behind their products it should increase innovation. It would force more, and better , testing before hitting the sales floor, resulting in fewer updates and less downtime for the consumer. At present the EULA removes responsibility from the vendor, and moves it to the user, which is a step backward. Make the vendor responsibility for their code.

By: ator1940

Read full story:
RSA: Vendor liability may stifle innovation