Oracle released a massive update containing 301 items with almost 30 percent of them receiving a CVSS v3.0 Base Score of 9.8 or critical rating indicating that immediate patching is needed.
The critical updates were spread across a wide variety Oracle products many of which if not patched could lead to remote exploits.
Oracle’s Retail Applications contained 13 9.8-rated updates spread over 10 applications all of which can lead to remote exploit without authorisation.
Fusion Middleware products contained 12 9.8-rated updates for its BI Publisher, Oracle API Gateway, Oracle Big Data Discovery, Oracle GoldenGate for Big Data, Oracle Identity Analytics, Oracle Identity Management Suite, Oracle Identity Manager and Oracle WebLogic Server all of which can lead to remote exploits.
The Oracle Insurance Applications had four 9.8-rated two for its Oracle Insurance Calculation Engine and Oracle Insurance Rules Palette.
Other applications containing at least one critical-rated vulnerability were: Oracle Sun Systems Products, Oracle Database Server, Oracle Communications, Oracle Construction and Engineering, Oracle Enterprise Manager, Oracle JD Edwards, Oracle MySQL and Oracle Siebel CRM.
Originally published in scmagazine.com North America.