Oracle's July Critical Patch Update for the Oracle Database Supported by Application Security, Inc.

Monday Jul 19th 2010 by DatabaseJournal.com Staff
Share:

The CPU update for the Oracle database keys in on CVE-2010-0902 as a most dangerous vulnerability.

As stated by Team SHATTER’s Alex Rothacker, Although CVE-2010-0902 is rated by Oracle with a CVSS score of 6.0, this is the most severe vulnerability included in this CPU and should be patched immediately. The vulnerability allows full takeover of the database management system (DBMS) and possibly the server. In certain cases the CVSS ratings for vulnerabilities do not adequately reflect the threat to critical databases.

This is just one of the 59 vulnerability fixes for Oracle products in the July CPU, 13 specific to the Oracle database. Of these 13 database vulnerabilities, Esteban Martinez Fayo of Team SHATTER has been credited for identifying two of them (CVE-2010-0903 and CVE-2010-2373). And of the 13 vulnerabilities, Team SHATTER has identified two of high risk (CVE-2010-0902 and CVE-2010-0911).

Share:
Home
Mobile Site | Full Site
Copyright 2017 © QuinStreet Inc. All Rights Reserved