Oracle CPU April 2010 – Prerelease

Yesterday Oracle released the CPU April 2010 Pre-Release. These patches will fix 47 security vulnerabilites. The database patch itself will contain 7 new security vulnerability fixes. None of these vulnerabilities are remote exploitable without authentication.

The highest CVSS base score for the Oracle database is 7.5.

The following components are affected:

• Change Data Capture
• Core RDBMS
• JavaVM
• Oracle XDB
• RDBMS Security
• XML DB

Oracle will fix one of my findings in the April 2010 CPU.

At the DOAG Expertenseminar „Oracle Hardening & Patching / Auditing & Co.“ in Berlin (26.04.2010 – 27.04.2010) I will talk about this CPU as well. If you are interested you can attend this 2 day seminar.

Comments are closed.