Eye on Oracle

Jul 13 2010   1:40PM GMT

Oracle issues big security patch, almost half for Sun Solaris

Mark Fontecchio Mark Fontecchio Profile: Mark Fontecchio

Oracle issued a critical security patch update today, with 21 of the 59 patches being for the Sun Solaris operating system.

Some of the “vulnerability fixes,” as Oracle calls them, affect multiple products. Overall, the patches fix problems in 29 different Oracle products, including Oracle Database, WebLogic, E-Business Suite and PeopleSoft.

The update contains 13 patches for Oracle Database Server. Four of them, according to Oracle, “may be remotely exploitable without authentication, i.e., may be exploited over a network without the need for a username and password.”

There are also two vulnerabilities in the TimesTen In-Memory Database that can be exploited remotely without authentication, and three in Oracle Secure Backup. These are the most severe vulnerabilities, according to Oracle, garnering a Common Vulnerability Scoring System (CVSS) score of 10 in a range of 1-10.

Seven of the 21 vulnerabilities in the Solaris suite can be remotely exploitable without authentication.

 Comment on this Post

There was an error processing your information. Please try again later.
Thanks. We'll let you know when a new response is added.
Send me notifications when other members comment.

Forgot Password

No problem! Submit your e-mail address below. We'll send you an e-mail containing your password.

Your password has been sent to:

Share this item with your network: