Oracle is bringing in the new year with a swatch of security patches affecting many of its products. Many of the patches are rated high risk under the CVSS scoring system. Products affected include Oracle Audit Vault, JRockit, Solaris and WebLogic Server.
- 6 patches fix vulnerabilities in Oracle’s flagship database.
- 2 can be remotely exploited without a user name or password.
- 16 patches are for Oracle middleware products.
- 12 can be remotely exploited without a user name or password.
- Other patches are for Oracle’s Enterprise Manager, PeopleSoft, JD Edwards, Glassfish and OpenOffice.
Oracle will release patches for Java SE and Java for Business in February.