July 13, 2014

Oracle Releases 88 New Security Fixes

(LiveHacking.Com) – Oracle has released a massive security update to fix 88 security vulnerabilities many of which are remote code execution issues that can be exploited without user authentication. The update affects a whole range of Oracle products including Oracle Database 10g and 11g, Oracle JDeveloper, Oracle PeopleSoft Enterprise, Solaris and MySQL.

Oracle Database
Among the patches are six security fixes for the Oracle Database Server. Three of these vulnerabilities may be remotely exploitable without authentication (meaning that can be exploited over a network without the need for a username and password). One of these fixes is applicable to client-only installations (in other words installations that do not have the Oracle Database Server installed).

Solaris
The Oracle update includes 15 new security fixes for the Oracle Sun Products Suite. Five of these vulnerabilities may be remotely exploitable without authentication. Eight of the fixes are for Solaris and covers Solaris 8, 9, 10, 11. There are also fixes for the GlassFish Enterprise Server which is has two remotely exploitable vulnerabilities.

MySQL
MySQL has also been updated. There are six new security fixes but none of these vulnerabilities are remotely exploitable without authentication.

The Rest

  • 11 new security fixes for Oracle Fusion Middleware. 9 of these vulnerabilities may be remotely exploitable without authentication.
  • 6 new security fixes for Oracle Enterprise Manager Grid Control. 4 of these vulnerabilities may be remotely exploitable without authentication.
  • 4 new security fixes for the Oracle E-Business Suite. All of these vulnerabilities may be remotely exploitable without authentication.
  • 5 new security fixes for the Oracle Supply Chain Products Suite. 4 of these vulnerabilities may be remotely exploitable without authentication.
  • 15 new security fixes for Oracle PeopleSoft Products. 1 of these vulnerabilities may be remotely exploitable without authentication.
  • 2 new security fixes for Oracle Industry Applications.
  • 17 new security fixes for Oracle Financial Services Software. 1 of these vulnerabilities may be remotely exploitable without authentication
  • 1 new security fix for the Oracle Primavera Products Suite. This vulnerability is remotely exploitable without authentication.
Share and Enjoy:
  • Print
  • Digg
  • StumbleUpon
  • del.icio.us
  • Facebook
  • Yahoo! Buzz
  • Twitter
  • Google Bookmarks