Oracle releases whole security blanket of patches
43 updates, 15 remotely exploitable
Oracle has released its latest quarterly patch batches with the publication of 43 updates, covering security flaws across its product range.
The update covers 16 bulletins for Oracle Database Server, a dozen for Oracle Application Server and three updates for Oracle Applications. There's also a quartet of bulletins apiece for Oracle PeopleSoft and JDEdwards Suite and eight updates for BEA Products Suite.
Two of the database vulnerabilities might be remotely exploitable without authentication, distinguishing them from run of the mill security vulnerabilities. Three of the Oracle Application Server flaws, as well as all three of the E-business server flaws, carry the same heightened risk.
Two of the Oracle PeopleSoft Enterprise and JD Edwards EnterpriseOne flaws as well as five of the BEA-related security bugs also pose possible code injection risks.
Oracle's bulletin explains the flaws in far greater depth here. ®