October 15, 2007 7:22 AM PDT

Oracle to push out 51 patches

By Tom Espiner
Special to CNET News.com

Oracle to push out 51 patches
Related Stories

Oracle: BEA canceled meeting at last minute

 October 13, 2007

Buyout could serve both BEA, Oracle

 October 12, 2007

Oracle to be more selective in patch development

 April 18, 2007
Oracle plans to push out 51 fixes for flaws in its software, in a self-described "critical patch update" on Tuesday.

The flaws affect a number of Oracle products. Some of the vulnerabilities addressed in the update affect multiple products.

The patches include fixes for 27 vulnerabilities in Oracle Database, five of which may be exploited remotely without authentication.

Oracle said it will now use version 2 of the CVSS (Common Vulnerability Scoring System) to rate the severity of flaws. It had previously used CVSS version 1.

The highest-rated Oracle flaw that will be patched has a CVSS version 2 base score of 6.8. Oracle Database's most serious flaw is rated 6.5.

Oracle Application Server faces 11 security fixes. Seven of these vulnerabilities may be remotely exploitable without authentication, Oracle said in a statement.

Oracle E-Business Suite, Oracle Enterprise Manager and Oracle PeopleSoft Enterprise products will also receive fixes.

Tom Espiner of ZDNet UK reported from London.

See more CNET content tagged:
Oracle Corp., Oracle Database, authentication, flaw, vulnerability

 

Join the conversation

Add your comment

The posting of advertisements, profanity, or personal attacks is prohibited. Click here to review our Terms of Use.

Inside CNET News

1-2 of 12

Scroll Left Scroll Right

What's Hot

Discussions

Shared

RSS Feeds

Add headlines from CNET News to your homepage or feedreader.

Markets

Market news, charts, SEC filings, and more

Related quotes

Oracle (0.00%) 0.00 28.43
Dow Jones Industrials (0.00%) 0.00 12,874.04
S&P 500 (0.00%) 0.00 1,351.77
NASDAQ (0.00%) 0.00 2,931.39
CNET TECH (0.00%) 0.00 2,049.14
  Symbol Lookup