Linux Today: Linux News On Internet Time.

More on LinuxToday

Oracle Patches Two Dozen Flaws

Jan 14, 2010, 00:14 (0 Talkback[s])
(Other stories by Sean Michael Kerner)

[ Thanks to Naomi Graychase for this link. ]

"A CVSS 10.0 score means that if the flaw is exploited, an attacker can take full control of the vulnerable system. There is a catch with this highly critical database flaw, though: Microsoft Windows users are more at risk than Linux or Unix users. Maurice noted that for Linux and Unix deployments, the CVSS score for the same vulnerability is only 7.5, since a full compromise all the way to the operating system level isn't possible on those systems.

"On a year-over-year basis, the January 2010 CPU patch haul actually represents a decline from the 41 flaws Oracle reported in January 2009.

"Still, at least one database security professional still sees cause for concern. "

Complete Story

Related Stories: