The patch -- affecting Oracle Database, Oracle Application Server, Oracle E-Business Suite and Applications, Oracle Enterprise Manager, Oracle PeopleSoft Enterprise, and Oracle Siebel SimBuilder -- includes 17 new security fixes for the Oracle Database, 11 new security fixes for the Oracle E-Business Suite, and three new security fixes for Oracle Application Server.
The vulnerabilities addressed allowed for some Oracle products to be remotely exploited without authentication. That is, they may be exploited over a network without the need for a username and password.
See original article on scmagazineus.com