Eye on Oracle

Jan 16 2013   1:23AM GMT

Oracle issues quarterly security patch

Mark Fontecchio Mark Fontecchio Profile: Mark Fontecchio

Oracle on Tuesday released its quarterly patch update. It includes 86 security fixes and runs the gamut of Oracle products, including database, middleware and applications.

All the fixes address security vulnerabilities that Oracle has rated from 0 to 10 on the Common Vulnerability Scoring System, or CVSS. The vulnerabilities in this patch with the highest score – that is, the highest severity – are for Oracle Database and MySQL. The most severe is for Oracle Database Mobile/Lite Server, previously known as just Oracle Database Lite. The risk is rated the highest it can be, at 10, and according to the patch update,”may be remotely exploitable without authentication, i.e., may be exploited over a network without the need for a username and password.”

Other high-severity vulnerabilities are for Oracle Database on Windows, and MySQL on Windows.

Here’s the breakdown of all the security fixes:

  • Eighteen for MySQL
  • Thirteen for Oracle Enterprise Manager
  • Twelve for PeopleSoft
  • Ten for Siebel
  • Nine for E-Business Suite
  • Eight for Sun products, seven of which are for Solaris
  • Seven for Fusion Middleware
  • Five for Oracle Database
  • One for JD Edwards
  • One for VirtualBox
  • One for Oracle Supply Chain Management

The next security patches due out this year are on April 16, July 16 and Oct. 15.

 Comment on this Post

There was an error processing your information. Please try again later.
Thanks. We'll let you know when a new response is added.
Send me notifications when other members comment.

Forgot Password

No problem! Submit your e-mail address below. We'll send you an e-mail containing your password.

Your password has been sent to:

Share this item with your network: