HackDig : Dig high-quality web security articles for hackers

Oracle's Patch Tuesday: 89 Fixes

2014-08-10 19:52

Yesterday Oracle released a whopping 89 fixes to many of their products, 27 of which could allow remote code execution.
In Eric Maurice's post (Mr. Maurice is Oracle's Director of Software Security Assurance), he outlines some of the most important fixes:
- 6 fixes target Oracle Database, one of which allows remote exploitation without any authentication. CVE-2013-3751 goes into detail about the exploit.- 21 fixes target Oracle Fusion Middleware, of which 16 allow remote unauthenticated exploit. Some of these are related to CVE-2013-2461, which affects JRootkit and was related to a series of patches in Oracle's June patch fixes.- Oracle and Sun Systems Products Suite have 16 patches, 8 of which allow remote exploit without authentication.- Oracle MySQL has 18 fixes, 2 allowing remote exploit.

Oracle (and Fortinet) recommends that you deploy these patches as soon as possible on your affected systems - cybercriminals don't wait to take advantage of these vulnerabilities, nor should you.


Source: sexif-98-yadseut-hctap-s-elcaro/tsop/moc.tenitrof.golb

Read:2980 | Comments:0 | Tags:No Tag

“Oracle's Patch Tuesday: 89 Fixes”0 Comments

Submit A Comment

Name:

Email:

Blog :

Verification Code:

Tools

Tag Cloud