Next Tuesday, according to an announcement on its website, Oracle plans to release Critical Patch Update—a collection of patches for multiple security vulnerabilities.
As per the post on this site, this Critical Patch Update contains 66 new security vulnerability fixes across hundreds of Oracle (News - Alert) products. Some of the vulnerabilities addressed in this Critical Patch Update affect multiple products. Due to the threat posed by a successful attack, Oracle strongly recommends that customers apply Critical Patch Update fixes as soon as possible.
Key products affected include Oracle Database Server, Oracle Secure Backup,Oracle Audit Vault, Oracle Fusion Middleware, Oracle Enterprise Manager Grid Control, Oracle Applications, Oracle Supply Chain Products Suite, Oracle PeopleSoft and JDEdwards Suite, Oracle Industry Applications, Oracle Sun Products Suite, and Oracle Open Office Suite.
This Critical Patch Update contains:
Vulnerabilities fixed by Critical Patch Updates are scored using the standard CVSS 2.0 scoring--see Oracle's use of CVSS scoring. The highest CVSS 2.0 base score for vulnerabilities in this Critical Patch Update is 10.0 for audit vault of Oracle Audit Vault, JRockit of Oracle Fusion Middleware, Solaris of Oracle Sun Products Suite and WebLogic Server of Oracle Fusion Middleware.