By Chris Kanaracus
IDG News Service
July 14, 2009
Oracle on Tuesday released its latest quarterly patch update, which
includes 10 security fixes for its database and also addresses a range
of vulnerabilities across the vendor's applications portfolio.
Among the 10 database vulnerabilites, three can be exploited across a
network without a user name or password. Affected database components
include advanced replication, network authentication, Secure Enterprise
Search and configuration management, Oracle said.
Two other patches are for Oracle Application Server weaknesses that can
also be exploited remotely without authentication, Oracle said.
Another group of fixes addresses issues with Oracle E-Business Suite
components, including Advanced Supply Chain Planning, Oracle
Applications Framework, iStore and iSupplier Portal.
In addition, Oracle is shipping a total of four fixes for its PeopleSoft
Enterprise, JD Edwards Enterprise One and Siebel application families,
two patches for Oracle Secure Backup, and two for Enterprise Manager.
Attend Black Hat USA, July 25-30 in Las Vegas,
the world's premier technical event for ICT security experts.
Network with 4,000+ delegates from 50 nations.
Visit product displays by 30 top sponsors in
a relaxed setting. http://www.blackhat.com