All the latest UK technology news, reviews and analysis

Oracle plugs 88 security holes across an array of products

18 Jul 2012
New Oracle building with logo

Oracle is set to deliver 88 security patches in order to fix a number of bugs plaguing its portfolio of products, which it has urged customers to install as quickly as possible.

The fixes will mainly focus on weaknesses in Oracle's Sun product family, including the GlassFish application server and Solaris OS, with the company confirming 25 fixes for the range in a statement on Thursday.

Below it a further 22 patches were confirmed for its Fusion Middleware family. The company confirmed that eight of the vulnerabilities can be remotely exploited without a username or password.

Worryingly, a fix relating to Oracle's Fusion Middleware product JRockit, was given a Common Vulnerability Scoring System (CVSS) score of 10.0, the highest on the scale.

CVSS is a scoring system used by several big name companies including McAfee and Qualys to judge the seriousness of vulnerabilities.

Six fixes have also been confirmed for the MySQL database - though the company has promised none of the weaknesses involved can be exploited remotely without credentials - and a further four for its Database products.

Oracle revealed that three of the database vulnerabilities confirmed in the release can be exploited by an attacker over a network without the need for login credentials.

Other confirmed patches included fixes for vulnerabilities in Oracle's Hyperion, Enterprise Manager Grid Control, E-Business Suite, Siebel CRM, PeopleSoft and Oracle Industry Applications.

The patches are expected to arrive on 24 July and Oracle has issued a warning urging customers to upgrade their systems as soon as possible.

  • Comment  
  • Tweet  
  • Google plus  
  • Facebook  
  • LinkedIn  
  • Stumble Upon  
Alastair Stevenson

Alastair has worked as a reporter covering security and mobile issues at V3 since March 2012. Before entering the field of journalism Alastair had worked in numerous industries as both a freelance copy writer and artist.

View Alastair's Google+ profile

More on Security
What do you think?
blog comments powered by Disqus

Windows 7 end of mainstream support

What are your plans for when Microsoft ends mainstream support for Windows 7 in January 2015?

Popular Threads

Powered by Disqus
LG G3 in gold black and white

LG G3 vs Galaxy S5 video

We pit the two Korean firms' flagship smartphones against each other

Updating your subscription status Loading

Get the latest news (daily or weekly) direct to your inbox with V3 newsletters.

newsletter sign-up button

Getting started with virtualisation

Virtualisation can help you reduce costs, improve application availability, and simplify IT
management. However, getting started can be challenging


Converting big data and analytics insights into results

Successful leaders are infusing analytics throughout their organisations to drive smarter decisions, enable faster actions and optimise outcomes

AngularJS Front End Developer - Contract - London

Angular, AngularJS, HTML, HTML5, Front End Developer...

Entry Level Ruby / Node Developer - Contract - London

Ruby, Ruby on Rails, Node, NodeJS, PHP, MySQL, API, Migration...

Junior Network Engineer

Junior Network Engineer required for our Luton based...

Business Analyst - Regulation & Securities - Investment Banking

Lead Business Analyst - Regulation and Securities - Investment...
To send to more than one email address, simply separate each address with a comma.