Oracle Remedies 87 Security Flaws
Saturday, July 21st, 2012 | Author:

On Wednesday, Oracle released a sizeable security update, fixing 87 vulnerabilities spanning a number of products, including 24 for the Oracle Sun product suite.

The most critical of the vulnerabilities impacts the Oracle JRockit Java Virtual Machine (CVE-2012-3135), and has an importance base score of 10.0 — the highest possible rating. From an exploitation standpoint, a 10.0 score is a “perfect storm,” explained Rapid7 Security Researcher Marcus Carey, because it can be accessed remotely, has low complexity and can result in a complete compromise of the vulnerable software.


Besides the two-dozen bugs tied to the Sun product suite, the update includes 22 security fixes for Oracle Fusion Middleware; a security fix for Oracle Hyperion; nine for Oracle PeopleSoft products; seven for Oracle Siebel CRM; one for Oracle Industry Applications; six for MySQL; four for the Oracle E-Business suite; one for Oracle Enterprise Manager Grid Control; five for the Oracle Supply Chain product suite; four for the Oracle Database Server; a fix for Oracle Application Express Listener and two for Oracle Secure Backup Apache Component.


Category: DataBase Security