Over 200 vulnerabilities found in Oracle

The company recommends that system administrators stay on the lookout for the release of update patches

During its January update, the Oracle data management system announced that patches will be included to correct 248 new vulnerabilities present in multiple protocols, from the popular Oracle Database System to Solaris, Java and MySQL, as reported by network security experts from the International Institute of Cyber Security.

The vulnerabilities were found in multiple components of various Oracle products and, as it has become a regular behavior with each update, the list of affected products grows more and more.

According to experts in network security, among the products most affected by these security failures are:

  • Oracle Fusion Middleware, with 62 vulnerabilities, 57 are exploitable remotely
  • Oracle Communications, with 33 vulnerabilities, 29 exploitable remotely and without authentication
  • An update on Oracle People Soft to solve 20 security problems, 15 of them exploitable remotely
  • Oracle E-Business, with 16 exploitable vulnerabilities remotely
  • Oracle retail applications with 15 exploitable vulnerabilities without authentication
  • Oracle Sun Systems, with 11 new vulnerabilities
  • Oracle Enterprise Manager, with 9 exploitable remote vulnerabilities by users without authentication
  • Oracle virtualization, product that presented 30 security bugs (4 of them exploitable remotely) corrected with a single update patch

Network security experts recommend that sysadmins check the severity of the reported bugs, as well as search for the availability of update patches according to the user. All the information that users require to consult is available on the Oracle official support page.