Alexander Kornbrust Oracle Security Blog » Print » Oracle October 2009 Pre-Release

Oracle October 2009 Pre-Release

Dieser Eintrag stammt von Alexander Kornbrust Am 16 Okt 2009 @ 00:03 In Oracle Security | Kommentarfunktion deaktiviert

Oracle just published the [1] pre-release of the Oracle October 2009 CPU. In total 38 vulnerabilities will be fixed. This CPU will fix 16 new vulnerabilities in the databases. 6 of them remotely exploitable without authentication, 1 affects client-only installations.

The hight CVSS base score is 10.0 for Windows and 7.5 for other platforms (Oracle ANO and Core RDBMS). Sounds like a very interesting CPU…

The following components are affected.

Advanced Queuing
Application Express
Authentication
CORE RDBMS
Data Mining
Net Foundation Layer
Network Authentication
Oracle Spatial
Oracle Text
PL/SQL
RDBMS Data Pump
RDBMS Security
Workspace Manager

Oracle will also fix 3 bugs in the Oracle Application Server, 8 in Oracle E-Business-Suite, 4 in JD-Edwards and Peoplesoft, 6 in BEA and 1 in Oracle Industry Application (a product I never heard before).

Dieser Artikel wurde ausgedruckt ab Alexander Kornbrust Oracle Security Blog: http://blog.red-database-security.com

URL zum Artikel: http://blog.red-database-security.com/2009/10/16/oracle-october-2009-pre-release/

URLs in this post:
[1] pre-release : http://www.oracle.com/technology/deploy/security/critical-patch-updates/cpuoct20
09.html

Klicken hier zum Drucken.