Oracle released 43 security fixes on Tuesday for a range of applications, including its flagship database, Oracle Application Server, E-Business Suite, PeopleSoft Enterprise and WebLogic Server.
Sixteen of the patches are for various database versions. The most severe vulnerability, which affects versions 18.104.22.168 and 22.214.171.124DV, "can potentially allow an attacker to gain full control of a vulnerable server," according to a post on Oracle's global product security blog. Other patches are for various 10g and 11g versions.
The patch update also addresses eight issues with WebLogic and AquaLogic products, including JRockit, and WebLogic Server plugins for Apache and IIS Web servers, according to the blog.
Other patches are for E-Business Suite Release 12, version 12.0.6, and Release 11i, version 126.96.36.199. The update also includes fixes for PeopleSoft PeopleTools 8.49; PeopleSoft HRMS 8.9 and 9.0; Oracle XML Publisher 5.6.2, 10.1.3.2 and 10.1.3.2.1; Oracle Outside In SDK HTML Export 8.2.2 and 8.3.0; and several versions of BI Publisher.
Full details are available on Oracle's Web site. Oracle releases its patch updates on a quarterly basis; the next is scheduled for July 14.