+44 (0)115 933 8474 hello@n4stack.co.uk

Oracle Patch Update January 2017 (Database Server)

Oracle have released their latest critical patch update for Database Server yesterday evening (17/1) and it’s a pretty small list of vulnerabilities in comparision with typical releases.

 

This Oracle Critical Patch Update includes 2 new security fixes for Oracle Database impacting the below supported versions:

  • Oracle Database Server 11.2.0.4
  • Oracle Database Server 12.1.0.2

 

CVE-2017-3310 for an OVJM vulnerability is by far the most important with a base score of 9.0 and neither vulnerability is exploitable remotely without authentication.

Please see the full Oracle advisory here http://www.oracle.com/technetwork/security-advisory/cpuoct2016-2881722.html#AppendixDB as there are also vulnerabilities noted with Secure Backup and Big Graph.

Share This