Home

Nov 30, 2017

Oracle releases emergency security update for ‘JOLTANDBLEED’ flaws


Oracle has released an urgency security update to fix five security vulnerabilities, which one of them is rated 10 out of 10 on the CVSSv3 bug severity scoring system, and a second was rated 9.9 out of 10.

The five flaws include one called “JoltandBleed” by the security researchers because of its likeness to the HeartBleed vulnerability found in OpenSSL in 2014. JoltandBleed is a dangerous flaw that could expose whole business applications running on PeopleSoft platforms accessible from the public Internet.

Oracle has released an urgency security update to fix five security vulnerabilities, which one of them is rated 10 out of 10 on the CVSSv3 bug severity scoring system, and a second was rated 9.9 out of 10.

The five flaws include one called “JoltandBleed” by the security researchers because of its likeness to the HeartBleed vulnerability found in OpenSSL in 2014. JoltandBleed is a dangerous flaw that could expose whole business applications running on PeopleSoft platforms accessible from the public Internet.

According to new research by cyber-security firm ERPScan, more than 1,000 businesses have their PeopleSoft systems exposed to the Internet, including a number of colleges that use PeopleSoft Campus Solutions to handle student data.

According to ERPScan:
Oracle has released 5 patches addressing severe vulnerabilities identified by the ERPScan team. The most critical of them have the highest CVSS base score of 9.9 and even 10.0 and may be exploited over a network without the need for a valid username and password.
Oracle said that the (CVE-2017-10272) memory disclosure flaw is simple to exploit and enables a low privileged attacker with network access via Jolt to compromise Oracle Tuxedo.

Oracle users are recommended to read the company’s most recent out-of-band security alerts and install the necessary updates.

authorarticle: Master3395
Oracle.jpg
video: 
youtube: 
sources: latesthackingnews
keywords: oracle, emergency, security, update

Comments:

comments powered by Disqus

Return
Discord

Page 1 of 459  >  >>

Gmail, Google Drive and Calendar come to Outlook.com

outlookgmailfinal.0.jpg

Nov 21, 2019 | Category: Google | Comments

Some have access already.

read more…

We wonder what the TV channel thinks about this

karlp.jpg

Nov 20, 2019 | Category: General | Comments

The actor and screenwriter shared a pirate version of their own series.

read more…

update iphone: Download new iOS and iPadOS

ios-11-559_091917010145.png

Nov 19, 2019 | Category: General | Comments

13.2.3 fixes quite as serious errors.

read more…

Page 1 of 459  >  >>