The security holes were found across a large number of product families
Oracle has released its Critical Patch Update (CPU) for July 2013. A total of 89 vulnerabilities, many of which could have been exploited remotely without authentication, have been addressed.According to the advisory published by the company, the vulnerabilities impact product families such as Database, Fusion Middleware, Hyperion, Enterprise Manager, E-Business Suite, PeopleSoft, and Oracle Supply Chain.
Security holes have also been found in iLearning, Oracle Industry Applications Product Suite, Oracle Linux and Virtualization, Oracle and Sun Systems Product Suite, and Oracle MySQL Product Suite.
Among those who have reported security issues to Oracle, there are Adam Willard of Foreground Security, Ari Rubinstein of Salesforce.com, Borked of the Google Security Team, David HoytGuy Lichtman of McAfee Security Research, Richard Warren of NCC Group, Rohan Stelling of BAE Systems Detica, and many others.
The company advises customers to update their installations as soon as possible.
The next CPU is scheduled for October 15, 2013.