October 15, 2007 7:22 AM PDT

Oracle to push out 51 patches

Oracle plans to push out 51 fixes for flaws in its software, in a self-described "critical patch update" on Tuesday.

The flaws affect a number of Oracle products. Some of the vulnerabilities addressed in the update affect multiple products.

The patches include fixes for 27 vulnerabilities in Oracle Database, five of which may be exploited remotely without authentication.

Oracle said it will now use version 2 of the CVSS (Common Vulnerability Scoring System) to rate the severity of flaws. It had previously used CVSS version 1.

The highest-rated Oracle flaw that will be patched has a CVSS version 2 base score of 6.8. Oracle Database's most serious flaw is rated 6.5.

Oracle Application Server faces 11 security fixes. Seven of these vulnerabilities may be remotely exploitable without authentication, Oracle said in a statement.

Oracle E-Business Suite, Oracle Enterprise Manager and Oracle PeopleSoft Enterprise products will also receive fixes.

Tom Espiner of ZDNet UK reported from London.

See more CNET content tagged:
Oracle Corp., Oracle Database, authentication, flaw, vulnerability


Join the conversation

Add your comment

The posting of advertisements, profanity, or personal attacks is prohibited. Click here to review our Terms of Use.

What's Hot



RSS Feeds

Add headlines from CNET News to your homepage or feedreader.