January 11, 2010

Oracle preps 24 fixes for quarterly security update

Oracle plans to distribute 24 security patches on Tuesday.

Ten of the fixes are meant for its popular Database Server offering, two of which can be remotely exploited without authentication.

Three patches are slated for the Application Server, three for the Applications Suite, one for the PeopleSoft and JD Edwards Suite, five for the BEA Products Suite and two for the Primavera Products Suite.

Three vulnerabilities have earned Oracle's highest severity rating — 10.0 on the Common Vulnerability Scoring System (CVSS), according to the company's pre-release announcement. These particular bugs are present in Listener for the Database; Oracle Secure Backup, part of the Database product; and Oracle JRockit, part of BEA Products.

Tuesday promises to be a busy day of patching, with fixes also expected from Microsoft and Adobe.

Oracle releases its patches on a quarterly basis.

Related Articles
Related Topics

More in News

Privacy-bolstering "Apps Act" introduced in House

The bill would provide consumers nationwide with similar protections already enforced by a California law.

Microsoft readies permanent fix for Internet Explorer bug used in energy attacks

Microsoft is prepping a whopper of a security update that will close 33 vulnerabilities, likely including an Internet Explorer (IE) flaw that has been used in targeted website attacks against the U.S. government.

Weakness in Adobe ColdFusion allowed court hackers access to 160K SSNs

Up to 160,000 Social Security numbers and one million driver's license numbers may have been accessed by intruders.