Oracle releases emergency security update for ‘JOLTANDBLEED’ flaws

IT | Nov 30, 2017 | Master3395

Oracle has released an urgency security update to fix five security vulnerabilities, which one of them is rated 10 out of 10 on the CVSSv3 bug severity scoring system, and a second was rated 9.9 out of 10.

The five flaws include one called “JoltandBleed” by the security researchers because of its likeness to the HeartBleed vulnerability found in OpenSSL in 2014. JoltandBleed is a dangerous flaw that could expose whole business applications running on PeopleSoft platforms accessible from the public Internet.

According to new research by cyber-security firm ERPScan, more than 1,000 businesses have their PeopleSoft systems exposed to the Internet, including a number of colleges that use PeopleSoft Campus Solutions to handle student data.

According to ERPScan:
Oracle has released 5 patches addressing severe vulnerabilities identified by the ERPScan team. The most critical of them have the highest CVSS base score of 9.9 and even 10.0 and may be exploited over a network without the need for a valid username and password.
Oracle said that the (CVE-2017-10272) memory disclosure flaw is simple to exploit and enables a low privileged attacker with network access via Jolt to compromise Oracle Tuxedo.

Oracle users are recommended to read the company’s most recent out-of-band security alerts and install the necessary updates.

Keywords: oracle, emergency, security, update

Sources: latesthackingnews

Author: Master3395


comments powered by Disqus

Page 1 of 355  >  >>

The countdown has started for Windows 7


Jan 17, 2019 | Category: Microsoft | Comments

Microsoft will stop free support by 2020.

It has been known for a long time that the official support for Windows 7 is nearing the end. January 14, 2020, is the date, then Microsoft will no longer provide free support to users of this OS and security updates will stop. You will still be able to use Windows 7, but in many ways, you will be left to yourself, at your own risk.

read more…

You can connect this thin screen to almost anything


Jan 16, 2019 | Category: General | Comments

The Lapscreen is almost a perfect traveling companion.

More and more devices use the USB C standard, and now there is a lot of new enhancement that uses the technology.

read more…

OnePlus 7 image leaked - where in the day is the camera?


Jan 15, 2019 | Category: General | Comments

Frameless and no holes in the screen.

OnePlus 6T has only been a few months in the store shelves, but a picture that has appeared on the web is bouncing up the speculation about the next flagship.

read more…

Page 1 of 355  >  >>