Oracle releases emergency security update for ‘JOLTANDBLEED’ flaws

IT | Nov 30, 2017 | Master3395

Oracle has released an urgency security update to fix five security vulnerabilities, which one of them is rated 10 out of 10 on the CVSSv3 bug severity scoring system, and a second was rated 9.9 out of 10.

The five flaws include one called “JoltandBleed” by the security researchers because of its likeness to the HeartBleed vulnerability found in OpenSSL in 2014. JoltandBleed is a dangerous flaw that could expose whole business applications running on PeopleSoft platforms accessible from the public Internet.

According to new research by cyber-security firm ERPScan, more than 1,000 businesses have their PeopleSoft systems exposed to the Internet, including a number of colleges that use PeopleSoft Campus Solutions to handle student data.

According to ERPScan:
Oracle has released 5 patches addressing severe vulnerabilities identified by the ERPScan team. The most critical of them have the highest CVSS base score of 9.9 and even 10.0 and may be exploited over a network without the need for a valid username and password.
Oracle said that the (CVE-2017-10272) memory disclosure flaw is simple to exploit and enables a low privileged attacker with network access via Jolt to compromise Oracle Tuxedo.

Oracle users are recommended to read the company’s most recent out-of-band security alerts and install the necessary updates.

Keywords: oracle, emergency, security, update

Sources: latesthackingnews

Author: Master3395


comments powered by Disqus

Page 1 of 409  >  >>

Dell flause for the second time in two months


Jun 26, 2019 | Category: IT | Comments

But this time, not only Dell customers are affected.

If you own a Dell device, you should update your system now.

read more…

New charging technology fills 4000mAh battery in record time


Jun 25, 2019 | Category: General | Comments

We have not seen faster speed charging than this.

read more…

Summoned to the Senate hearing on the Facebook's new crypto commitment


Jun 24, 2019 | Category: General | Comments

The Libra project raises privacy issues.

read more…

Page 1 of 409  >  >>