iTnews
  • Home
  • News
  • Technology
  • Security

Oracle patches critical vulnerabilites in major update

By Phil Muncaster
Apr 16 2009 6:29AM
Follow google news

Oracle has released 43 security fixes across its portfolio of products as part of its quarterly patch update, including several for vulnerabilities marked as 'critical'.

The update includes patches for 16 vulnerabilities in Oracle Database 11g, 10g and 9i.

The most serious is a flaw in Oracle Resource Manager, which was given a Common Vulnerability Scoring System (CVSS) score of nine.

Other affected products include Oracle Application Server, which was allocated 12 security fixes, and several BEA products, including two with CVSS scores of 10.

Vulnerabilities in the Oracle JRockit runtime platform and WebLogic Server itself could both be exploited remotely by a hacker to steal information without the need for username or password authentication, Oracle said.

Other fixes were released for Oracle's E-Business Suite and the PeopleSoft Enterprise product line.

"Due to the threat posed by a successful attack, Oracle strongly recommends that customers apply fixes as soon as possible. Until you apply the fixes, it may be possible to reduce the risk of successful attack by restricting network protocols required by an attack," the firm said in a statement.

"For attacks that require certain privileges or access to certain packages, removing the privileges or the ability to access the packages from unprivileged users may help reduce the risk of successful attack."

Oracle patches critical vulnerabilites in major update

Add iTnews as your trusted source

Add iTnews As Your Trusted Source Add iTnews As Your Trusted Source
Got a news tip for our journalists? Share it with us anonymously here.
Copyright ©v3.co.uk
Tags:
attackcriticalfixesoracleproductssecuritysoftwareupdate

Related Articles

  • US gov shortens cyber fix window to three days US gov shortens cyber fix window to three days
  • Microsoft limits employee use of Anthropic's Claude Fable 5 Microsoft limits employee use of Anthropic's Claude Fable 5
  • Aurora Energy to modernise its ERP system Aurora Energy to modernise its ERP system
  • Anthropic releases Mythos-class model for public use Anthropic releases Mythos-class model for public use
Join our WhatsApp Channel

Partner Content

CommBank creates opportunities for technologists to upskill with frontier AI companies
Partner Content CommBank creates opportunities for technologists to upskill with frontier AI companies
From test case to control tower: How DXC and ServiceNow are governing enterprise AI at scale
Promoted Content From test case to control tower: How DXC and ServiceNow are governing enterprise AI at scale
Agile isn’t the problem: why projects still fail, and what’s missing
Partner Content Agile isn’t the problem: why projects still fail, and what’s missing
The hidden economics of AI: Why token usage matters more than you think
Partner Content The hidden economics of AI: Why token usage matters more than you think

Sponsored Whitepapers

Agile in the AI Era: why projects still fail
Agile in the AI Era: why projects still fail
When Technology Becomes the Blocker: Unlocking Real Outcomes from AI and Cloud
When Technology Becomes the Blocker: Unlocking Real Outcomes from AI and Cloud
High-volume data sources for AI-driven security analytics
High-volume data sources for AI-driven security analytics
How healthcare organisations can get more value from cloud
How healthcare organisations can get more value from cloud
1 in 3 companies lose SaaS data. Here’s how to prevent it
1 in 3 companies lose SaaS data. Here’s how to prevent it

Events

  • iTnews State of Security Breakfast iTnews State of Security Breakfast
  • iTnews State of Data & AI Breakfast iTnews State of Data & AI Breakfast
  • Forrester's AI Forum Sydney Forrester's AI Forum Sydney
  • The 2026 iAwards The 2026 iAwards
  • Integrate 2026 Integrate 2026
Share on Facebook Share on LinkedIn Share on Whatsapp Email A Friend

Most Read Articles

Anthropic opens Claude Mythos Preview AI program to Australia

Anthropic opens Claude Mythos Preview AI program to Australia
Defence says Palantir is "sandboxed" in its environment

Defence says Palantir is "sandboxed" in its environment
Services Australia describes fraud, debt-related machine learning use cases

Services Australia describes fraud, debt-related machine learning use cases
Researchers build self-replicating AI worm with BYO LLM

Researchers build self-replicating AI worm with BYO LLM
techpartner.news logo
Sydney-based AI-cloud waste startup raises $3m
Sydney-based AI-cloud waste startup raises $3m
Brennan uses NiCE to modernise its contact centre
Brennan uses NiCE to modernise its contact centre
Impact Awards: Tecala slashes customer response times for fintech IQumulate
Impact Awards: Tecala slashes customer response times for fintech IQumulate
Interactive introduces private cloud platform
Interactive introduces private cloud platform
Digital61 expands cybersecurity portfolio
Digital61 expands cybersecurity portfolio
All rights reserved. This material may not be published, broadcast, rewritten or redistributed in any form without prior authorisation.
Your use of this website constitutes acceptance of nextmedia's Privacy Policy and Terms & Conditions.