The Channel logo


By | John Leyden 18th July 2007 13:25

Oracle drops litter of summer patches

Forty-five fixes out. One missing in action

Oracle released 45 security patches on Tuesday as part of its latest quarterly patch update, one less than expected.

The updates cover various flaws in products including Oracle Database, Application Server, and E-Business Suite, among others. Some of the patches cover flaws in multiple products.

The dropped update covered an unspecified, though not remotely exploitable, flaw in Oracle Database.

Nineteen of the security updates include fixes for versions of Oracle's database, two of which might be remotely exploited without requiring login credentials.

Six of the 14 flaws in Oracle's E-Business Suite might also be remotely exploited by hackers. Three of four bugs in Oracle's Application Server carry the same risk. More details can be found in Oracle's quarterly advisory here.

Last year Oracle began rating the severity of bugs in its applications according to the Common Vulnerability Scoring System (CVSS), an industry-wide initiative to standardise vulnerability ratings. Oracle rates the worst of this quarter's patch batch (two bugs affecting Oracle PeopleSoft Enterprise) at 4.8.

Due to the threat posed by attacks based on the flaws, Oracle strongly recommends that fixes are applied as soon as possible. ®

comment icon Read 1 comment on this article alert Send corrections


Frank Jennings

What do you do? Use manual typwriters or live in a Scottish croft? Our man advises
A rusty petrol pump at an abandoned gas station. Pic by Silvia B. Jakiello via shutterstock

Trevor Pott

Among other things, Active Directory needs an overhaul
Baby looks taken aback/shocked/affronted. Photo by Shutterstock

Kat Hall

Plans for 2 million FTTP connections in next four years 'not enough'
Microsoft CEO Satya Nadella


League of gentlemen poster - Tubbs and Edward at the local shop. Copyright BBC
One reselling man tells his tale of woe