Friday, January 30, 2015

Oracle January patch update fixes 169 flaws

In January's Critical Patch Update (CPU), Oracle released fixes for 169 security vulnerabilities covering various products. Oracle Database, Oracle Fusion Middleware components, Oracle Applications (eBusiness in particular), Oracle Sun Systems Products Suite, and Java SE get fixes for high severity security flaws. CVE-2014-6567 is the most severe one that targets Oracle Database and allows attackers to compromise the vulnerable server. According to Common Vulnerability Scoring System (CVSS), a score of 9.0 has been assigned to this issue. Oracle Fusion Middleware vulnerabilities are also patched and the most severe among them gets a CVSS score of 9.3. Oracle CPU contains 19 security fixes for Java. 10 security fixes for Oracle E-Business Suite are also covered in the latest CPU. <more>

No comments: