Oracle has warned its customers of critical flaws in the security technology of some of its application and database server products.
The flaws are in the Secure Sockets Layer (SSL) and Transport Layer Security (TLS) of Oracle 8i and 9i Database Server, Oracle 9i Application Server, and versions 8 and 9 of the Oracle HTTP Server.
If exploited, the flaws can allow a client to take over the server.
In a statement, the company said: "Oracle is informing customers about SSL vulnerabilities detailed in Cert Advisory CA-2003-26 and SSL vulnerabilities detailed in several older Common Vulnerabilities and Exposures candidates.
"Oracle recommends that customers apply the patches for these vulnerabilities."
SSL and TLS are both widely used for protecting data transferred over the internet. In order to take advantage of the vulnerability, hackers would have to create a specially crafted X.509 certificate, which would allow server control.
"Oracle has always been strong on security so this is a surprise," said Professor Neil Barrett, technical director at Information Risk Management.
"Long before Microsoft got into Trusted Computing Oracle was running a well respected security programme, and they're well known for writing secure code."
Further information, and patches for the flaws, can be downloaded here.
Connexin drops out of Ofcom auction due to start next week
SwiftKey users now send two billion emoji every week
Recruitment plans are 'most ambitious ever', claims Openreach HR director Kevin Brady
Samsung's under-the-hood improvements separate the S9 from the pack when it comes to the display