Oracle to push out 51 patches

By Tom Espiner
Special to CNET News.com

Post a comment

Related Stories: Oracle: BEA canceled meeting at last minute
October 13, 2007; Buyout could serve both BEA, Oracle
October 12, 2007; Oracle to be more selective in patch development
April 18, 2007

Oracle plans to push out 51 fixes for flaws in its software, in a self-described "critical patch update" on Tuesday.

The flaws affect a number of Oracle products. Some of the vulnerabilities addressed in the update affect multiple products.

The patches include fixes for 27 vulnerabilities in Oracle Database, five of which may be exploited remotely without authentication.

Oracle said it will now use version 2 of the CVSS (Common Vulnerability Scoring System) to rate the severity of flaws. It had previously used CVSS version 1.

The highest-rated Oracle flaw that will be patched has a CVSS version 2 base score of 6.8. Oracle Database's most serious flaw is rated 6.5.

Oracle Application Server faces 11 security fixes. Seven of these vulnerabilities may be remotely exploitable without authentication, Oracle said in a statement.

Oracle E-Business Suite, Oracle Enterprise Manager and Oracle PeopleSoft Enterprise products will also receive fixes.

Tom Espiner of ZDNet UK reported from London.

See more CNET content tagged:
Oracle Corp., Oracle Database, authentication, flaw, vulnerability

Latest tech news headlines

Marc Andreessen launches new venture fund
Posted in Rafe's Radar by Rafe Needleman

July 5, 2009 9:00 PM PDT
Fun with numbers a boon for StatCounter
Posted in News - Digital Media by Larry Dignan

July 5, 2009 7:30 PM PDT
4chan may be behind attack on Twitter
Posted in The Web Services Report by Harrison Hoffman

July 5, 2009 3:26 PM PDT
See all headlines

RSS Feeds

Add headlines from CNET News to your homepage or feedreader.

More feeds available in our RSS feed index.

Markets: Market news, charts, SEC filings, and more; Related quotes; Oracle (-3.22%) -0.70 21.04; Dow Jones Industrials (0.00%) 0.00 8,280.74; S&P 500 (-2.91%) -26.91 896.42; NASDAQ (-2.67%) -49.20 1,796.52; CNET TECH (11.32%) 149.69 1,472.57

Inside CNET News

Scroll Left Scroll Right

Business Tech
Week in review: A speedier new Firefox
Mozilla's latest version plays catch-up with the browser competition. Also: the latest in Windows 7 news, and a Yahoo data center in a new shade of green.
Gallery
Photos: Spiral Jetty, Robert Smithson's wondrous earthwork
Technically Incorrect
After Wikipedia, Jockipedia
A new site collates the social-networking activity of sports people, tabulated by name, league, and country.
Beyond Binary
Windows 7 may get a 'Family Pack'
Enthusiasts have spotted wording in a leaked test build of the operating system that suggests Microsoft may offer a three-PC deal with the new Windows.
Video
Video: iPhone 3G S launch in New York City
Digital Media
Fun with numbers a boon for StatCounter
The Web-tracking service claims IE market share has dropped off since March, but should we believe the numbers?
Video
A recipe for high-tech chocolate
Geek Gestalt
Spiral Jetty, earthwork extraordinaire
On the north edge of the Great Salt Lake, Robert Smithson's masterpiece sits peacefully, awaiting visitors willing to make the long trek to see one of the world's great land art pieces.
The Space Shot
Lunar mapping satellite snaps first test images
NASA's Lunar Reconnaissance Orbiter has snapped its first test images, showing the moon's starkly cratered terrain in preparation for the start of mapping operations.
Gallery
Photos: The Transcontinental Railroad's Golden Spike
Rafe's Radar
Marc Andreessen launches new venture fund
$300 million Andreessen Horowitz fund to back companies large and small, but only Internet-focused.
The Car Tech blog
Fisker's good Karma
At a dinner speech recently, Henrik Fisker laid out his plans for Fisker Automotive and its first car, the plug-in hybrid Karma.