Friday, April 11, 2008

Oracle Warns of Critical db Server Vulnerabilities

Ryan Naraine writes on eWeek:

Database server giant Oracle plans to ship a major security update on Tuesday, April 15 to cover more than 40 vulnerabilities in a wide range of products.
The fixes are part of the company's quarterly CPU (critical patch update) and will cover severe vulnerabilities across hundreds of Oracle products.

According to Oracle's advance notice, 17 of the 41 flaws were discovered in its flagship Oracle Database, including two for Oracle Application Express.

"Two of these vulnerabilities may be remotely exploited without authentication, i.e., may be exploited over a network without the need for a username and password," the company warned.

More here.


Post a Comment

<< Home