Oracle patches raft of vulnerabilities in business applications

Oracle released its first batch of security patches this year, fixing 270 vulnerabilities, mostly in business-critical applications. Many of the flaws can be exploited remotely without authentication.

The majority of the fixes are for flaws in business products such as Oracle E-Business Suite, Oracle Fusion Middleware, Oracle PeopleSoft, Oracle Retail Applications, Oracle JD Edwards, Oracle Supply Chain Products and Oracle Database Server.

E-Business Suite, which is used by companies to store key data and manage a wide range of business processes, accounts for more than 40 percent of the patched vulnerabilities — 121. Out of these, 118 are remotely exploitable and the highest rated one has a score of 9.2 (critical) in the Common Vulnerability Scoring System.

To read this article in full or to leave a comment, please click here