Threat Level: green Handler on Duty: Guy Bruneau

SANS ISC: Serious 0-Day Flaw in Oracle -- Patch Released - Internet Security | DShield SANS ISC InfoSec Forums


Sign Up for Free!   Forgot Password?
Log In or Sign Up for Free!
Serious 0-Day Flaw in Oracle -- Patch Released

Oracle has released an emergency security patch that corrects a 0-day flaw which is remotely exploitable without authentication.  This is a serious issue.

Oracle's security advisory can be found at the following link.  The advisory also contains recommendations for two  workarounds that you should implement to help mitigate the potential impact if you are not able to install the security patch right away:

  https://support.bea.com/application_content/product_portlets/securityadvisories/2793.html

More information about the issue can be found at:

  http://blogs.zdnet.com/security/?p=1581

Thanks to Frank for the heads-up.

 

David Goldsmith

David

78 Posts

Sign Up for Free or Log In to start participating in the conversation!