http://www.eweek.com/article2/0,1895,2158203,00.asp By Brian Prince July 12, 2007 Oracle has plans to deliver 46 security fixes for its customers by July 17. According to an Oracle security announcement, the patches will plug security holes in Oracle Database, Oracle Application Server, Oracle Collaboration Suite, Oracle E-Business Suite and Applications and Oracle PeopleSoft Enterprise products. The most serious of the flaws—two vulnerabilities affecting Oracle PeopleSoft Enterprise products—have a CVSS score of 4.8. Twenty of the 46 fixes address issues in the database, and two of the flaws can be exploited remotely over a network without the need for a username and password. Fourteen others fix flaws in the Oracle E-Business Suite and Applications, six of which may be remotely exploited without authentication. In addition, four fixes are slated to be issued for Oracle Application Server, and three are to be issued for Oracle PeopleSoft Enterprise PeopleTools. Three of the flaws affecting Oracle Application Server can be exploited remotely. The upcoming July 17 fixes are part of the company's Critical Patch Update releases, issued four times year. The last batch, in April, featured 36 security fixes. _____________________________________________________ Attend Black Hat USA, July 28-August 2 in Las Vegas, the world's premier technical event for ICT security experts. Featuring 30 hands-on training courses and 90 Briefings presentations with lots of new content and new tools. Network with 4,000 delegates from 70 nations. Visit product displays by 30 top sponsors in a relaxed setting. Rates increase on June 1 so register today. http://www.blackhat.com
This archive was generated by hypermail 2.1.3 : Mon Jul 16 2007 - 02:27:32 PDT