Oracle on Tuesday will issue fixes for 78 vulnerabilities in a number of the company’s products, including its Database Server, Fusion, PeopleSoft and Secure Backup. A number of the bugs Oracle is fixing can be used for remote code execution.
The Oracle Critical Patch Update for July is a huge batch of fixes for vulnerabilities in several of the company’s more popular and widely deployed products. There are 13 new bugs in Oracle Database Server, two of which the company said could be used to run arbitrary code on remote machines. In addition, all three of the vulnerabilities being fixed in Secure Backup are remotely exploitable.
There are 18 new vulnerabilities in the Oracle Enterprise Manager Grid Control, nine of which are not only remotely exploitable, but can be exploited without authentication.
Oracle will release the patches for the 78 vulnerabilities on July 19.