Database Journal
MS SQL Oracle DB2 Access MySQL PostgreSQL Sybase PHP SQL Etc SQL Scripts & Samples Links Database Forum

» Database Journal Home
» Database Articles
» Database Tutorials
MS Access
Database Tools
SQL Scripts & Samples
» Database Forum
» Sitemap
Free Newsletters:
News Via RSS Feed

follow us on Twitter
Database Journal |DBA Support |SQLCourse |SQLCourse2

Posted Jul 19, 2010

Oracle's July Critical Patch Update for the Oracle Database Supported by Application Security, Inc.

By Staff

As stated by Team SHATTER’s Alex Rothacker, Although CVE-2010-0902 is rated by Oracle with a CVSS score of 6.0, this is the most severe vulnerability included in this CPU and should be patched immediately. The vulnerability allows full takeover of the database management system (DBMS) and possibly the server. In certain cases the CVSS ratings for vulnerabilities do not adequately reflect the threat to critical databases.

This is just one of the 59 vulnerability fixes for Oracle products in the July CPU, 13 specific to the Oracle database. Of these 13 database vulnerabilities, Esteban Martinez Fayo of Team SHATTER has been credited for identifying two of them (CVE-2010-0903 and CVE-2010-2373). And of the 13 vulnerabilities, Team SHATTER has identified two of high risk (CVE-2010-0902 and CVE-2010-0911).

View Article

Daily News Archives

Comment and Contribute


(Maximum characters: 1200). You have characters left.