Database Journal
MS SQL Oracle DB2 Access MySQL PostgreSQL Sybase PHP SQL Etc SQL Scripts & Samples Links Database Forum

» Database Journal Home
» Database Articles
» Database Tutorials
MS SQL
Oracle
DB2
MS Access
MySQL
» RESOURCES
Database Tools
SQL Scripts & Samples
Links
» Database Forum
» Sitemap
Free Newsletters:
DatabaseDaily  
News Via RSS Feed


follow us on Twitter
Database Journal |DBA Support |SQLCourse |SQLCourse2
 

Posted Jul 19, 2010

Oracle's July Critical Patch Update for the Oracle Database Supported by Application Security, Inc.

By DatabaseJournal.com Staff

As stated by Team SHATTER’s Alex Rothacker, Although CVE-2010-0902 is rated by Oracle with a CVSS score of 6.0, this is the most severe vulnerability included in this CPU and should be patched immediately. The vulnerability allows full takeover of the database management system (DBMS) and possibly the server. In certain cases the CVSS ratings for vulnerabilities do not adequately reflect the threat to critical databases.

This is just one of the 59 vulnerability fixes for Oracle products in the July CPU, 13 specific to the Oracle database. Of these 13 database vulnerabilities, Esteban Martinez Fayo of Team SHATTER has been credited for identifying two of them (CVE-2010-0903 and CVE-2010-2373). And of the 13 vulnerabilities, Team SHATTER has identified two of high risk (CVE-2010-0902 and CVE-2010-0911).

View Article

Daily News Archives

Comment and Contribute

 


(Maximum characters: 1200). You have characters left.