Oracle plans 41 security patches on Tuesday as quarterly patch update Serious (Critical Patch Update, CPU) of the part.The patches fix its products more than a dozen serious vulnerabilities.
In the Oracle patch release notice to customers, said CPU including Oracle database, the ten new security patches.These vulnerabilities exist in the Job Queue, Oracle OLAP, Oracle Spatial and Oracle Streams, the impact of the Oracle Database 9i, 10g and 11g.
Oracle patches released in the notice, said: "As the dangers posed by a successful attack, Oracle strongly recommends that customers use a serious update patch fixes as soon as possible."
The CPU includes Oracle Times Ten Data Server in a security vulnerability patch.Oracle said the flaw in the real proof in the case without being remotely exploitable.Common Vulnerability Scoring System (Common Vulnerability Scoring System, CVSS) score of this vulnerability is 7.5.
Oracle's tape backup management software, Oracle Secure Backup in the plans to rehabilitate nine new security vulnerabilities.Oracle said that all of the vulnerabilities are likely to prove the case without being remotely exploitable.CVSS scores the highest, or 10 points is the Windows version of Oracle Secure Backup products and version 7.5 on other platforms.
Oracle Application Server will fix four security patches.Oracle said, two of which in the absence of proof to be remotely exploitable.The highest CVSS score of these vulnerabilities is 5.0.
One patch fixes a problem in the Oracle Collaboration Suite, Oracle Collaboration Suite provides the tools and functionality of enterprise information.Oracle said that the Collaborative Workspaces Oracle Collaboration Suite components by the vulnerability.Collaborative Workspaces are built on the Oracle Collaboration Suite project interface.It allows users to share documents, plan meetings, and through the Forum or e-mail to complete the project.
The CPU also includes Oracle E-Business Suite of four security patches.Vulnerability exists in Oracle iProcurement, Oracle Application Object Library and the Oracle Applications Framework and Platform Engineering in.
In addition, there are five security patches is to fix the previous problem of BEA products.These vulnerabilities affect the Oracle WebLogic Server Plugin for Apache, Sun and IIS Web servers and WebLogic Portal.Oracle said that loopholes in the absence of authentication can be vulnerable to a remote use.Oracle WebLogic Server in the highest score CVSS vulnerabilities vulnerability is WebLogic Server Plugin for Apache, Sun and IIS Web server, score is 10.0.
Oracle released in October last year 36 security patches, fixes a dangerous WebLogic flaw and 15 databases serious flaws.