As part of its October patch day, Oracle has released updates for Java and many of its enterprise products. The Java updates fix a total of 29 vulnerabilities spread across versions 6.0, 5.0 and 1.4.2 on all supported platforms.
Oracle gives 15 of the vulnerabilities a Common Vulnerability Scoring System (CVSS) score of 10.0, the highest possible level of severity. Users should therefore waste no time in installing JDK, JRE 6 Update 22 or updates for older Java branches.
The updates for enterprise products fix 85 security-related bugs in Oracle's database products, Oracle Application Server, Oracle E-Business Suite, StarOffice, PeopleSoft and other products.
One of the vulnerabilities in the database can be remotely exploited by unauthenticated attackers. The updates also fix vulnerabilities in (formerly Sun) Solaris, with one bug in the RPC service scoring 10.0 on CVSS. [Date: 13 October 2010; Source: http://www.h-online.com/security/news/item/Oracle-patches-Java-and-enterprise-products-1106937.html]
No comments:
Post a Comment