Recent Posts

Pages: 1 ... 5 6 [7] 8 9 10
61
Oracle News / Massive Oracle security update
« Last post by Mike on January 21, 2015, 04:11:24 PM »
Oracle has pushed out a massive security update, including critical fixes for Java SE and the Oracle Sun Systems Products Suite.

Overall, the update contains nearly 170 new security vulnerability fixes, including 36 for Oracle Fusion Middleware.

Twenty-eight of these may be remotely exploitable without authentication and can possibly be exploited over a network without the need for a username and password.

One exploit is that there is still no way of authenticating Java downloads, either a download through HTTPS or a hash fingerprint of the file, accessible via HTTPS.

This used to exist up until ~2 years ago, but now it's all insecure (the download can include drive-by malware).

Overall, the update contains nearly 170 new security vulnerability fixes, including 36 for Oracle Fusion Middleware. Twenty-eight of these may be remotely exploitable without authentication and can possibly be exploited over a network without the need for a username and password.The most serious of the bugs however impact Java SE, Fujitsu M10-1, M10-4 and M10-4S. In the case of Java SE, a CVSS Base Score of 10.0 was reported for four distinct client-only vulnerabilities (CVE-2014-6601; CVE-2015-0412; CVE-2014-6549; and CVE-2015-0408).

"Out of these [Java] 19 vulnerabilities, 15 affect client-only installations, 2 affect client and server installations, and 2 affect JSSE installations," blogged Oracle Software Security Assurance Director Eric Maurice.

"This relatively low historical number for Oracle Java SE fixes reflect the results of Oracle's strategy for addressing security bugs affecting Java clients and improving security development practices in the Java development organization."

In the case of the Oracle Sun Systems Products Suite, CVE-2013-4784 has a CVSS rating of 10.0 and affects XCP Firmware versions prior to XCP 2232. Overall, there are 29 security fixes for the suite.

The update also includes eight new security fixes for Oracle Database Server, none of which are remotely exploitable without authentication.

Oracle MySQL has nine security fixes. There are also:
  • 10 fixes for Oracle Enterprise Manager Grid Control;
  • 10 for Oracle E-Business Suite;
  • 6 for the Oracle Supply Chain Products Suite;
  • 7 security fixes for Oracle PeopleSoft products;
  • 17 for Oracle Siebel CRM;
  • 1 for Oracle JD Edwards Products;
  • 2 for Oracle iLearning;
  • 2 for Oracle Communications Applications;
  • 1 for Oracle Retail Applications;
  • 1 for Oracle Health Sciences Applications 
  • 11 new security fixes for Oracle Virtualization
62
Oracle News / Ask Tom: On Oracle Database In-Memory
« Last post by Mike on January 20, 2015, 11:00:26 PM »
Ask Tom: On Oracle Database In-Memory
20 January 2015, 12:26 pm

Our technologist--Tom Kyte--talks with Oracle product management about Oracle Database In-Memory.

Source: Oracle Magazine - Most Recent

63
Oracle Security Alerts / Oracle Critical Patch Update Advisory - January 2015
« Last post by Mike on January 20, 2015, 05:00:09 PM »
Oracle Critical Patch Update Advisory - January 2015
20 January 2015, 1:30 pm

Oracle Critical Patch Update Advisory - January 2015

Source: Oracle Security Alerts

64
Oracle News / Feature: Oracle Excellence Awards 2014
« Last post by Mike on January 15, 2015, 05:00:34 PM »
Feature: Oracle Excellence Awards 2014
15 January 2015, 12:53 pm

Oracle recognizes customers and partners that make digital disruption an opportunity for innovation. Meet the 2014 winners.

Source: Oracle Magazine - Most Recent

65
Oracle News / Interview: Multiservice Cloud Development
« Last post by Mike on January 14, 2015, 05:00:13 PM »
Interview: Multiservice Cloud Development
14 January 2015, 12:12 pm

The Oracle Cloud platform offers developers more capabilities, choices, and combinations.

Source: Oracle Magazine - Most Recent

66
Oracle News / Customer Feature: Security in Person
« Last post by Mike on January 13, 2015, 05:02:16 PM »
Customer Feature: Security in Person
13 January 2015, 11:59 am

Oracle Identity Management solutions secure sensitive applications and data on premises and in the cloud. Learn how two organizations are turning to the Oracle Identity Management platform.

Source: Oracle Magazine - Most Recent

67
Oracle News / Oracle Magazine January - February 2015 Issue
« Last post by Mike on January 05, 2015, 05:03:25 PM »
Oracle Magazine January - February 2015 Issue
5 January 2015, 2:25 pm

Oracle Magazine January/February includes a profile of two organizations that are turning to the Oracle Identity Management platform; Ingersoll Rand's Oracle engineered systems , winners of the Oracle Excellence Awards 2014, an interview with Mike Lehmann, vice president of product management for Oracle Cloud Application Foundation; Mark Rittman on business intelligence with Oracle Database In-Memory; Arup Nanda on JSON and Oracle Database 12c; Steven Feuerstein on slimmimg your PL/SQL; Tom Kyte answers your questions; test your database expertise with our Inside OCP column; Partner News; Book Beat and much more

Source: Oracle Magazine - Most Recent

68
PSOUG / Study Material for '1Z0-517' ?
« Last post by NKUIYA on December 16, 2014, 01:13:50 AM »
Can anyone please suggest some Study Material/Book/Dumps for Oracle Payables Certification of '1Z0-517' ?
69
Oracle News / Last Word: See You Next Year (photo essay)
« Last post by Mike on December 11, 2014, 05:05:38 PM »
Last Word: See You Next Year (photo essay)
10 December 2014, 3:06 pm

Save the date. OpenWorld 2015 is October 25-29, 2015.

Source: Oracle Magazine - Most Recent

70
Oracle News / Peer-to-Peer: Flexing Mental Muscles
« Last post by Mike on December 09, 2014, 05:01:55 PM »
Peer-to-Peer: Flexing Mental Muscles
9 December 2014, 3:34 pm

Peers praise flexible database technologies and stay limber in the face of challenges.

Source: Oracle Magazine - Most Recent

Pages: 1 ... 5 6 [7] 8 9 10