Oracle issued 45 security fixes for its customers Tuesday as part of its quarterly Critical Patch Update. The 45 patches plug security holes in Oracle Database, Oracle Application Server, Oracle Collaboration Suite, Oracle E-Business Suite and Applications, and Oracle PeopleSoft Enterprise products. The most serious of the flaws are two vulnerabilities affecting Oracle PeopleSoft Enterprise PeopleTools and received a Common Vulnerability Scoring System rating of 4.8 out of 10. The flaw can be exploited remotely by attacker but requires user authentication.
The company initially planned 46 patches for this weeks release. An Oracle spokesperson said an issue came out in the late stages of the companys testing process that the development team could not resolve before the release of the update. "We will attempt to include the fix in the October 2007 CPU," the spokesperson said.