Oracle update fixes security flaws

By Renai LeMay

Post a comment

Related Stories: Oracle plans to patch peck of flaws
August 3, 2004; Another 'critical' flaw, this time from Oracle
June 10, 2004

Database maker Oracle has corrected a number of security bugs with its latest quarterly update.

Various versions of Oracle products, including its database, application server and 11i E-Business Suite, are part of Tuesday's update, according to the company.

"A number of high-risk SQL injection and parameter manipulation security vulnerabilities in the Oracle E-Business Suite are corrected by the security patches released" Tuesday, said security company Integrigy, which produces tools for a number of enterprise applications from companies such as Oracle and PeopleSoft. "Customers with Internet-facing implementations of the Oracle E-Business Suite should consider applying these patches as soon as possible."

Chicago-based Integrigy added that "it is possible that an attacker with only a Web browser and a network connection (either internally or externally) to Oracle E-Business Suite Web application servers can execute malicious SQL statements in the database as the APPS database account."

Oracle's next update is scheduled for Oct. 18.

Renai LeMay of ZDNet Australia reported from Sydney.

See more CNET content tagged:
Oracle E-Business Suite, Integrigy, Oracle Corp., Oracle11i, application server

Latest tech news headlines

Will Craigslist drive scalpers out of business?
Posted in Digital Noise: Music and Tech by Matt Rosoff

November 10, 2009 5:44 PM PST
Kerry, U.N.'s Ban upbeat on climate prospects
Posted in Green Tech by Reuters

November 10, 2009 5:44 PM PST
Sponge absorbs 180 times its weight (in toxic sludge)
Posted in Crave by John Herrman

November 10, 2009 5:37 PM PST
See all headlines

RSS Feeds

Add headlines from CNET News to your homepage or feedreader.

More feeds available in our RSS feed index.

Markets: Market news, charts, SEC filings, and more; Related quotes; Oracle (0.00%) 0.00 21.80; Dow Jones Industrials (0.00%) 0.00 10,246.97; S&P 500 (0.00%) 0.00 1,093.01; NASDAQ (0.00%) 0.00 2,151.08; CNET TECH (0.00%) 0.00 1,571.59

Inside CNET News

Scroll Left Scroll Right

Crave
Sponge absorbs 180 times its weight (in toxic sludge)
Researchers in China have adapted carbon nanotubes into a sponge-like material that can be squeezed dry and used to mop up oil spills.
Gallery
Images: Firefox through the ages
Digital Noise: Music and Tech
Create audio messages from song samples
Let Them Sing It For You is a Web app that lets you enter a text message, then splices the words together from pieces of songs it finds on the Web.
Beyond Binary
Microsoft moves MSN Video under Bing umbrella
The software maker said on Tuesday it is combining its video search and MSN content under the Bing brand.
Video
Exploratorium's shocking 40th anniversary kicks off
Digital Noise: Music and Tech
Will Craigslist drive scalpers out of business?
If I want good seats to a sold-out show, I wait until the last minute and buy via the Internet . How long before everybody else figures this out?
Video
A new workout for the Wii
Geek Gestalt
Music industry bows to point-and-shoot cameras
As cheap, powerful automatic cameras and camera phones proliferate, the music industry--and its sports counterpart--have had to realize they can't control fans' ability to take pictures.
Health Tech
New York hospital revives ailing computer network
St. Vincent's Medical Center switches to desktop virtualization and sees big savings in both staff time and electric bills.
Gallery
Photos: Top-rated reviews of the week
Dialed In Podcast
Prizefight: Motorola Droid vs. iPhone 3GS
A panel of judges from CNET.com take a look at the Motorola Droid and the iPhone 3GS to determine which is the better touch-screen smartphone.
Green Tech
Kerry, U.N.'s Ban upbeat on climate prospects
U.S. Senator John Kerry says he'll try to outline a compromise climate control bill, and U.N. Secretary-General Ban Ki-moon is upbeat on Washington's intentions.