On April 16, Oracle closed 128 security holes across its whole range of products. Two of the vulnerabilities addressed by these patches carry the highest severity rating, a CVSS2 score of 10. These two vulnerabilities affect the Workload Manager in Oracle’s 11g Database Server (CVE-2013-1534) and the JRockit JVM in the company’s Fusion Middleware (CVE-2013-2380). Because of the threat posed by the holes, Oracle recommends that customers apply the Critical Patch Update fixes as soon as possible. Oracle’s Database Server, in both the 10g and 11g versions, is affected by four vulnerabilities in total; aside from the hole in Workload Manager with a score of 10, the other three vulnerabilities have a CVSS2 score of 5. All of these vulnerabilities are remotely exploitable without authorization.
