73 flaws have been patched by Oracle
By Gina on April 26, 2011 | Computer Security, Oracle update, Critical Patch Update, Oracle patched vulnerabilities
Oracle released a Critical Patch Update for its various products. An update patches 73 vulnerabilities of Oracle artifact portfolio.
18 of them are targeted to fix Oracle Sun Products suite. The most serious and dangerous flaw to be fixed is considered to be the GlassFish Enterprise Java Middleware server. This vulnerability was scored as most dangerous of all and evaluated 10.0/10.0. The GlassFish flaw may be a great opportunity to hacker to intrude an unpatched server and make malicious actions.
Oracle also included 8 updates for the Open Office suite. Oracle was able to find out and identify 7 flaws that could be exploited by cybercriminals without a need to use any usernames or passwords. Updates are created for Oracle’s Fusion Middleware portfolio, Oracle’s E-Business Suite, PeopleSoft portfolio and Siebel CRM.
Alex Rothacker, Director of Security, AppSec's TeamSHATTER in a statement claimed: „While we continue to disagree with the watered-down CVSS scores that Oracle assigns to its database vulnerabilities, it should not go overlooked that the majority of the fixes made in the last two CPUs were a direct result of the discoveries reported by TeamSHATTER researcher. In a time when cyber criminals are making it abundantly clear that they are most interested in stealing sensitive information from databases, we urge all Oracle customers to heed the advice and guidance provided when it comes to patching the vulnerabilities disclosed in each CPU.“
More Computer Security news
39 flaws are fixed by Apple
Apple released OS X Lion 10.7.4 in order to fix 35 security holes as well as 4 vulnerabilities in the Safari web browser. The problem with Time Machine in OS X Lion is fixed with the new update. These flaws could enable a remote attacker to access a user's backup credentials. An issue is solved with Directory Service which could allow exposing sensitive data by the attacker. Read more.- Apple fixes Java flaw (April 2012)
- Google releases Chrome 17 update
- More patches for Flash Player (March 2012)
- Enterprises do not trust cloud computing, claims study
- Flash bug removed; Adobe released 7 patches
- Adobe news: Sandboxed Flash Player for Firefox released
- How to get PDF secured?
- 'Nazileaks' site is hacked by hacker group Anonymous
- Spywared.com wishes you happy holidays!
- Silent IE updates
