'Highly critical' flaws plague Oracle software

By
Follow google news

Secunia warns of DoS attacks, security bypass and manipulation of data. A raft of 'highly critical' flaws have been found in several of Oracle's software products.

'Highly critical' flaws plague Oracle software
The vulnerabilities could allow a remote user to bypass a system's security, manipulate data or cause a denial of service, according to Secunia.

"Some of these have unknown impacts, while others can be exploited to bypass certain security restrictions and conduct SQL injection attacks, cause denial of service, and potentially compromise a vulnerable system," said a Secunia advisory, which rated the vulnerabilities as 'highly critical'. 

Oracle has already issued a patch to fix the flaws in its software and has advised users to apply it immediately.

"Due to the threat posed by a successful attack, Oracle strongly recommends that fixes are applied as soon as possible," said Oracle in a security statement. "This Critical Patch Update contains 45 new security fixes across all products."

The problems were discovered in a range of applications, including Oracle Application Express, Application Server, Collaboration Suite, Oracle Database, E-Business Suite, PeopleSoft Enterprise CRM and Oracle Secure Enterprise Search.

Add iTnews as your trusted source

Add iTnews As Your Trusted Source Add iTnews As Your Trusted Source
Got a news tip for our journalists? Share it with us anonymously here.
Copyright ©v3.co.uk
Tags:
criticalflawshighlyoracleplaguesecuritysoftware

Sponsored Whitepapers

Shift left: The IT leader's digital workplace maturity playbook
Shift left: The IT leader's digital workplace maturity playbook
Mind the M365 security gap
Mind the M365 security gap
The future of resilience: AI-Driven dynamic storage
The future of resilience: AI-Driven dynamic storage
Stop Hiring Like It’s 2025: AI-Augmented Cybersecurity Performance Data Every CISO Needs
Stop Hiring Like It’s 2025: AI-Augmented Cybersecurity Performance Data Every CISO Needs
5 reasons to adopt a mobile first security strategy
5 reasons to adopt a mobile first security strategy

Events

Most Read Articles

'Copy Fail' Linux privesc bug lay dormant in kernel since 2017

'Copy Fail' Linux privesc bug lay dormant in kernel since 2017
Services Australia describes fraud, debt-related machine learning use cases

Services Australia describes fraud, debt-related machine learning use cases
Medibank reveals attack vector and cost of 2022 security breach

Medibank reveals attack vector and cost of 2022 security breach
Attacker embeds Claude Code in mass credential harvesting op

Attacker embeds Claude Code in mass credential harvesting op
techpartner.news logo
Sydney-based AI-cloud waste startup raises $3m
Sydney-based AI-cloud waste startup raises $3m
Brennan uses NiCE to modernise its contact centre
Brennan uses NiCE to modernise its contact centre
Impact Awards: Tecala slashes customer response times for fintech IQumulate
Impact Awards: Tecala slashes customer response times for fintech IQumulate
Interactive introduces private cloud platform
Interactive introduces private cloud platform
Digital61 expands cybersecurity portfolio
Digital61 expands cybersecurity portfolio

Log In

  |  Forgot your password?