With attacks as an ever looming threat, protecting data should be high on the priority list. Oracle’s Critical Patch Update for July 2010 contains 13 new security fixes for Oracle Database Server, over half of which address vulnerabilities that could be remotely exploited without requiring a username and password. Two of these vulnerabilities, one for TimeTen In-Memory Database and one for Oracle Secure Backup, have a CVSS Base Score of 10.0. Database products with security vulnerabilities affected by this update include:
- Oracle Database 11g Release 2, version 11.2.0.1
- Oracle Database 11g Release 1, version 11.1.0.7
- Oracle Database 10g Release 2, versions 10.2.0.3, 10.2.0.4
- Oracle Database 10g, version 10.1.0.5
- Oracle Database 9i Release 2, versions 9.2.0.8, 9.2.0.8DV
- Oracle TimesTen In-Memory Database, versions 7.0.5.1.0, 7.0.5.2.0, 7.0.5.3.0, 7.0.5.4.0
- Oracle Secure Backup version 10.3.0.1