Oracle fixes 36 more vulnerabilities

Article

Oracle fixes 36 more vulnerabilities

Oracle Corp. Tuesday handed out another major patch load as part of its quarterly patch cycle.

The Redwood Shores, Calif.-based vendor in total patched 36 vulnerabilities in various products, including

    Requires Free Membership to View

    Login

    When you register, you'll begin receiving targeted emails from my team of award-winning editorial writers on the latest customer relationship management (CRM)and call center technology issues today. Our goal is to keep you informed on the hottest issues facing this fast-changing industry.

    Hannah Smalltree, Editorial Director

    By submitting your registration information to SearchCRM.com you agree to receive email communications from TechTarget and TechTarget partners. We encourage you to read our Privacy Policy which contains important disclosures about how we collect and use your registration and other information. If you reside outside of the United States, by submitting this registration information you consent to having your personal data transferred to and processed in the United States. Your use of SearchCRM.com is governed by our Terms of Use. You may contact us at webmaster@TechTarget.com.

its database and application server software.

Along with the security updates, Oracle yesterday said it has made changes to an existing tool that seek out default accounts and passwords that could theoretically be used for nefarious purposes by malicious hackers. According to Oracle's MetaLink customer support site, databases upgraded from Oracle 7, Oracle 8i or Oracle 9i may still have the default accounts.

For more information about Oracle

Report finds SAP winning war with Oracle

Oracle dubs Siebel Analytics the 'first step toward Fusion'

Security firm Symantec Corp. issued an alert to its customers, which said that many of the vulnerabilities addressed this quarter are significant.

"The biggest noticeable difference to previous [critical patch updates] is that the number of fixes is lower," Oracle security guru Pete Finnigan wrote in his blog, a reference to the 82 critical flaws Oracle addressed in its January update. "The database has 14 fixes for various versions of the database software, one of the fixes also applies to the application server."

According to Oracle, the patches released yesterday affect the following products:

  • Oracle Database 10g Release 2, versions 10.2.0.1, 10.2.0.2
  • Oracle Database 10g Release 1, versions 10.1.0.4, 10.1.0.5
  • Oracle9i Database Release 2, versions 9.2.0.6, 9.2.0.7
  • Oracle8i Database Release 3, version 8.1.7.4
  • Oracle Enterprise Manager 10g Grid Control, versions 10.1.0.3, 10.1.0.4, 10.2.0.1
  • Oracle Application Server 10g Release 2, versions 10.1.2.0.0 - 10.1.2.0.2, 10.1.2.1.0, 10.1.3.0.0
  • Oracle Application Server 10g Release 1 (9.0.4), versions 9.0.4.1, 9.0.4.2
  • Oracle Collaboration Suite 10g Release 1, versions 10.1.1, 10.1.2.0, 10.1.2.1
  • Oracle9i Collaboration Suite Release 2, version 9.0.4.2
  • Oracle E-Business Suite Release 11i, versions 11.5.1 - 11.5.10 CU2
  • Oracle E-Business Suite Release 11.0
  • Oracle Pharmaceutical Applications versions 4.5.0 - 4.5.2
  • Oracle PeopleSoft Enterprise Tools, versions 8.47GA - 8.47.04
  • Oracle PeopleSoft Enterprise Tools, versions 8.46GA - 8.46.12
  • JD Edwards EnterpriseOne Tools, OneWorld Tools, versions 8.95 - 8.95.J1
    Related Topics: CRM industry news, VIEW ALL TAGS