Softpedia
 
HomepageWindowsGamesDriversMacLinuxScripts buttonMobileHandheldNews

NEWS CATEGORIES:



NEWS ARCHIVE >>
SOFTPEDIA REVIEWS >>
MEET THE EDITORS >>
TRENDING TODAY
Home > News > Security > Security Fixes and Improvements

April 20th, 2011, 15:00 GMT · By

Oracle Patches 73 Vulnerabilities

SHARE:

Adjust text size:

Oracle April Critical Patch Update fixes 73 vulnerabilities
Enlarge picture
Oracle has just released its quarterly security update addressing 73 vulnerabilities across its entire range of products, many of which are rated critical.

Six vulnerabilities were fixed in the Oracle Database Server. Two of them are remotely exploitable without authentication and the highest CVSS score of these flaws is 6.5.

Another nine vulnerabilities were addressed in Oracle Fusion Middleware, six of which can be exploited from a remote location.

One of these flaws, CVE-2010-4452, which is located in Oracle JRockit carries the maximum CVSS score of 10.0.

A single vulnerability was patched in the Oracle Enterprise Manager Grid Control. It carries a CVSS score of 5.5 and is not applicable to client-only installations.

Four security fixes address security holes in Oracle E-Business Suite. Two of them are exploitable over the network without authentication and have a 4.3 CVSS score.

Oracle Supply Chain Products Suite is affected by only one vulnerability, identified as CVE-2011-0837. It is remotely exploitable and carries a CVSS score of 4.3.

Fourteen security holes were plugged in Oracle PeopleSoft Products, the most serious of which carry a score of 5.5 on the CVSS scale. One of the vulnerabilities can be exploited over the network.

Eight security fixes concern Oracle JD Edwards Products and seven of them are remotely exploitable. The highest CVSS base score for these vulnerabilities is 6.8.

Three 4.3-scored remotely exploitable vulnerabilities were also patched in Oracle Siebel CRM and one in Oracle Industry Applications.

The highest number of vulnerabilities, eigtheen, were patched in the Oracle Sun Products Suite, seven of which were remotely exploitable. One flaw located in the Sun GlassFish Enterprise Server and Sun Java System Application Server carries the highest possible CVSS score.

Finally, eight security fixes targeted vulnerabilities in the Oracle Open Office Suite. Seven of them are remotely exploitable and six carry a CVSS base score of 9.3.

"Due to the threat posed by a successful attack, Oracle strongly recommends that customers apply CPU [Critical Patch Update] fixes as soon as possible," the company writes in its advisory.


1,174 hits
Link to this article · Print article · Send to friend

MUST-READ RELATED ARTICLES:


Oracle Releases Fix for Dangerous Java Denial of Service Bug
Oracle Prepares Monster Patch Update for Tomorrow
Oracle Issues Massive Security Patch

READER COMMENTS:



No user comments yet.
Be the first to express your opinion!
Copyright © 2001-2013 Softpedia. Contact/Tip us at

WindowsGamesDriversMacLinuxScriptsMobileHandheldNews

SUBMIT PROGRAM   |   ADVERTISE   |   GET HELP   |   SEND US FEEDBACK   |   RSS FEEDS   |   UPDATE YOUR SOFTWARE   |   ROMANIAN FORUM
© 2001 - 2013 Softpedia. All rights reserved.
Softpedia® and the Softpedia® logo are
registered trademarks of SoftNews NET SRL.		 Copyright Information | Privacy Policy | Terms of Use