Oracle is to release updates on Tuesday (October 16) that patches 51 security vulnerabilities across hundreds of products.
Oracle will release updates on Tuesday, October 16 that patch 51 security vulnerabilities across hundreds of products.
The list of updates is as follows (excerpt from The Register):
Oracle Database is affected by 27 vulnerabilities. Five of these vulnerabilities may be remotely exploitable without authentication (may be exploited over a network without the need for a username and password). None of these fixes are applicable to Oracle Database client-only installations. Oracle Application Server is affected by 11 vulnerabilities. Seven of these vulnerabilities may be remotely exploitable without authentication. No new fixes are applicable for client-only installations. Oracle E-Business Suite and Applications is affected by eight vulnerabilities. Only one of the vulnerabilities is described as remotely exploitable without the need for authentication. Oracle Enterprise Manager is affected by two vulnerabilities that may exploited over a network without the need for user/password credentials. Oracle PeopleSoft Enterprise PeopleTools and JD Edwards EnterpriseOne are affected by three vulnerabilities. None of these vulnerabilities may be exploited remotely without authentication.
You can read more from the official Oracle critical patch update pre-release announcement - October 2007. Oracle generally issues patches every quarter. In July, it issued updates fixing 45 vulnerabilities.