(LiveHacking.Com) – Oracle has released 76 patches affecting hundreds of its products including Java. 56 of the patches are for non Java related Oracle products including Oracle’s 11g and 10g database, Fusion Middleware 11g, Oracle Application Server 10g, E-Business Suite releases 12 and 11i, various Oracle PeopleSoft Enterprise products, Oracle Siebel CRM, Oracle Linux 5, and Oracle Sun Ray.
Before buying Sun, Oracle was known mainly for its Database products. October’s Critical Patch Update includes patches for 5 vulnerabilities in its database products, however none are rated as critical as they can’t be exploited remotely without the attacker using a username and password.
The other 20 patches are for Java and affect products like JavaFX and JRockit. 19 of the 20 can be exploited remotely without the need for authentication.
Affected Java versions:
- JDK and JRE 7
- JDK and JRE 6 Update 27 and earlier
- JDK and JRE 5.0 Update 31 and earlier
- SDK and JRE 1.4.2_33 and earlier
- JavaFX 2.0
- JRockit R28.1.4 and earlier (JDK and JRE 6 and 5.0)
Due to the threat posed by a successful attack, Oracle is strongly recommending that customers apply these fixes as soon as possible.