News Targeted


Category: IT|Nov 30, 2017 | Author: Admin

Oracle releases emergency security update for ‘JOLTANDBLEED’ flaws

Share on

Oracle has released an urgent security update to fix five security vulnerabilities, one of which is rated 10 out of 10 on the CVSSv3 bug severity scoring system, and a second was rated 9.9 out of 10.

The five flaws include one called “JoltandBleed” by security researchers because of its likeness to the HeartBleed vulnerability found in OpenSSL in 2014. JoltandBleed is a dangerous flaw that could expose whole business applications running on PeopleSoft platforms accessible from the public Internet.

 

According to new research by cyber-security firm ERPScan, more than 1,000 businesses have their PeopleSoft systems exposed to the Internet, including a number of colleges that use PeopleSoft Campus Solutions to handle student data.

 

According to ERPScan:

Oracle has released 5 patches addressing severe vulnerabilities identified by the ERPScan team. The most critical of them have the highest CVSS base score of 9.9 and even 10.0 and may be exploited over a network without the need for a valid username and password.

Oracle said that the (CVE-2017-10272) memory disclosure flaw is simple to exploit and enables a low privileged attacker with network access via Jolt to compromise Oracle Tuxedo.

 

Oracle users are recommended to read the company’s most recent out-of-band security alerts and install the necessary updates.

Sponsored Ads:

Comments:

Previous article >


Microsoft announces new security services and features for AI deployments

Category: Microsoft|May 6, 2024 | Author: Admin

Can force Facebook to allow it

Category: IT|May 5, 2024 | Author: Admin

Siri can no longer tell the clock

Category: Apple|May 4, 2024 | Author: Admin

Struggling with VPN

Category: Microsoft|May 3, 2024 | Author: Admin

This is how Huawei tricked its way into the US

Category: IT|May 2, 2024 | Author: Admin

Edge 125 arrives in Beta with sleeping tab improvements and other changes

Category: IT|May 1, 2024 | Author: Admin

Now the iPad opens

Category: Apple|Apr 30, 2024 | Author: Admin

Woke up locked out of Apple ID on iPhone

Category: Apple|Apr 29, 2024 | Author: Admin

Google has a hidden collection of highly-addictive retro games

Category: Google|Apr 28, 2024 | Author: Admin

Google is officially a $2 trillion company

Category: Google|Apr 27, 2024 | Author: Admin

Snowden: “DO NOT use Reddit!”

Category: IT|Apr 26, 2024 | Author: Admin

Popular Google app used by millions set to close in a few weeks

Category: Google|Apr 25, 2024 | Author: Admin

Cheeky, YouTube!

Category: Google|Apr 24, 2024 | Author: Admin

This is the date Apple will reveal new iPads

Category: Apple|Apr 23, 2024 | Author: Admin

Only possible with VPN

Category: IT|Apr 22, 2024 | Author: Admin
more