Oracle Plans To Patch 46 Vulnerabilities Next WeekOracle Plans To Patch 46 Vulnerabilities Next Week

The patches are part of Oracle's quarterly Critical Patch Update, which is coming out on July 17.

Sharon Gaudin, Contributor

July 13, 2007

2 Min Read
information logo in a gray background | information

Oracle announced that next Tuesday it will release patches for 46 vulnerabilities across its product lines.

The company prereleased information on its quarterly Critical Patch Update, which will cover bugs in Oracle's flagship database, its application server, Collaboration Suite, E-Business Suite, Enterprise Manager, and its PeopleSoft enterprise software.

Oracle gives its most severe security rating to at least one flaw in the PeopleSoft enterprise software. While Oracle doesn't give vulnerabilities a "critical" or "important" rating, like Microsoft does, the database and server company uses the Common Vulnerability Scoring System, which gives bugs a 0 to 10 ranking, with 10 being the most severe. According to an Oracle spokesman, the PeopleSoft bug scored a 4.8, while at least one bug in the Oracle E-Business Suite received a 4.7, and the highest score among the database bugs was 4.2.

The Oracle database contains 20 of the 46 flaws being fixed next Tuesday, according to the prerelease announcement. Two of the 20 vulnerabilities may enable a hacker to remotely exploit them without the need for a user name and password. Oracle noted that none of the fixes is applicable to Oracle database client-only installations, but only to systems that have the database itself installed.

The advisory also noted that next week's patches will fix 14 vulnerabilities in Oracle's E-Business Suite. Six of the flaws also may be remotely exploitable without authentication.

Four vulnerabilities will be fixed in Oracle's application server. Three of them may be remotely exploitable without authentication, while two are applicable to client-only installations. The advisory noted that the application server products that are bundled with the Oracle database are affected by the Oracle database vulnerabilities being fixed in next week's Critical Patch Update.

Oracle's major patch release will come a week after Microsoft's monthly Patch Tuesday release, which was issued this past Tuesday. Microsoft's release fixed 11 vulnerabilities.

Read more about:

20072007

About the Author

Sharon Gaudin

Sharon Gaudin

Contributor

See more from Sharon Gaudin
Never Miss a Beat: Get a snapshot of the issues affecting the IT industry straight to your inbox.
SIGN-UP

You May Also Like

More Insights
Webinars
More Webinars
Reports
More Reports

Editor's Choice

A group of smiling college graduates celebrating their graduation.
IT Leadership
Why Liberal Arts Grads Could Be the Best Programmers of the AI Era
Why Liberal Arts Grads Could Be the Best Programmers of the AI Era

Jan 17, 2025

Flame front of the Eaton Fire on the first night during the January 2025 California wildfires in Altadena and Los Angeles
IT Sectors
How Tech Supports the Emergency Response to the LA County Wildfires
How Tech Supports the Emergency Response to the LA County Wildfires

Jan 16, 2025

Graphic Pop Art style Illustration of Keanu Reeves as NEO from the film, The Matrix
IT Infrastructure
Y2K and Infrastructure Resilience 25 Years Later
Y2K and Infrastructure Resilience 25 Years Later

Jan 7, 2025

Young businessman working on a virtual screen of the future and sees the inscription: Now hiring
IT Leadership
Help Wanted: IT Hiring Trends in 2025
Help Wanted: IT Hiring Trends in 2025

Nov 20, 2024

Cobol programming language software development concept on vitual screen.
IT Leadership
Untangling Enterprise Reliance on Legacy Systems
Untangling Enterprise Reliance on Legacy Systems

Jan 21, 2025

Webinars
More Webinars
White Papers
More White Papers
Reports
More Reports