cvss 2.0

ZDNet Resources

• sort by:
• Relevance
• Date
• Popularity

Oracle patches DB, apps

Oracle patches DB, appsOracle Critical Patch Update Risk Matrix & CVSSHi Larry! This is Eric Maurice of Oracle. An important document for Oracle customers, the Critical Patch Update CPU Advisory lists vulnerabilities addressed in the CPU as well as provides other information related to the patches (affected platforms,...

Tags: SECURITY, Common Vulnerability Scoring System, vulnerability, Oracle Corp., Critical Patch Update, matrice, CVSS 2.0, severity

Discussion threads 2008-04-16

Additional Resources

Patch Day double-whammy: Oracle plugs 33 database holes

For businesses, today is a Patch Tuesday double-whammy. Just hours after Microsoft shipped six bulletins to cover multiple flaws in Windows and Internet Explorer, Oracle is getting set to release its quarterly batch of Critical Patch Updates with fixes for at least 33 security vulnerabilities. ...

Tags: Database, Oracle Corp., Critical Patch, Ryan Naraine

Blog posts 2009-07-14

Oracle drops mega critical patch bundle

Oracle has released the first Critical Patch Update for 2009 to provide fixes for at least address 43 vulnerabilities across several database server products. The mega update, released on the same day Microsoft released its own security patches, plugs at least 16 holes in the company's...

Tags: Oracle Corp., Critical Patch, Databases, Storage, Enterprise Software, Security, Software, Data Management, Hardware, Ryan Naraine

Blog posts 2009-04-15

Cisco warning: Serious flaws in Wireless LAN controllers

Routing and switching giant Cisco has released an alert to warn of multiple security flaws in some of its Wireless LAN controllers. The company documented at least four vulnerabilities that could lead to denial-of-service or privilege escalation attacks.  Affected product lines include Cisco Wireless LAN Controllers ...

Tags: Cisco Systems Inc., Flaw, IP, LANs, Networking, Ryan Naraine, Security, Wi-Fi, Wireless, Wireless And Mobility, Wireless LANs, WLAN

Blog posts 2009-02-04

RIM warns of BlackBerry PDF processing vulnerabilities

Hackers can use booby-trapped PDF attachments sent to BlackBerry devices to launch malicious code execution attacks, according to warnings issued by Research in Motion RIM. The company shipped patches this week to address a pair of critical vulnerabilities affecting its enterprise product line. ...

Tags: Research In Motion Ltd., Adobe PDF, Vulnerability, RIM BlackBerry, Handhelds, Hardware, Ryan Naraine

Blog posts 2009-01-14

Oracle planning Patch Tuesday whopper

Microsoft may be offering a Patch Tuesday respite this month but, if you're an Oracle database administrator, January 13 will be a very busy day. The database server giant announced plans for a monster Patch Day next Tuesday with fixes for 41 security vulnerabilities in "across hundreds...

Tags: BEA WebLogic, BEA Systems Inc., Oracle Corp., Portals, Application Servers, Enterprise Software, Middleware, Databases, Internet, Software, Data Management, Ryan Naraine

Blog posts 2009-01-09

Oracle ships emergency workaround for zero-day flaw

For the first time since the introduction of its quarterly Critical Patch Update process in 2005, Oracle has released an emergency alert to offer mitigation for a zero-day vulnerability that's been published on the Internet. The emergency workaround, available here, addresses an unpatched vulnerability that's remotely exploitable...

Tags: Oracle Corp., Vulnerability, Zero-day Bug, Security, Ryan Naraine

Blog posts 2008-07-28

RIM ships fix for BlackBerry code execution bug

Just a quick note to update a story I wrote last week on an unpatched remote execution vulnerability affecting BlackBerry business users: Research in Motion RIM has finally shipped patches to cover the issue, which affects the BlackBerry Attachment Service component of the BlackBerry Enterprise Server. ...

Tags: Research In Motion Ltd., RIM BlackBerry, Handhelds, Hardware, Ryan Naraine

Blog posts 2008-07-22

Cisco plugs holes in Voice Portal, SSH implementation

It's Patch Day in the land of Cisco. The network routing and switching giant today released three security bulletins with patches for multiple vulnerabilities affecting the Cisco Voice Portal and the Secure Shell server SSH implementation in Cisco IOS. The most serious of the...

Tags: Voice, Vulnerability, SSH, Cisco Systems Inc., Portal, Security, Ryan Naraine

Blog posts 2008-05-21

Security: Lintel vs Wintel

In the PC community "security" just means defending against attacks aimed at destroying or misusing all or part of a computer system. In that context most of the complexities associated with trying to decide whether wintel or lintel will expose you to less security risk arise from the absense of...

Tags: Wintel, Attacker, Vulnerability, Flaw, National Vulnerability Database, Petreley, Security, Paul Murphy

Blog posts 2008-03-24

Cisco plugs CallManager vulnerability that rates a '10'

Cisco Systems on Wednesday shipped a high priority fix for its Cisco Unified Communications Manager software, formerly known as CallManager. Cisco gave the flaw, which allows remote code executions, a CVSS Base Score of 10, the highest rating available. According to Cisco's advisory, CallManager...

Tags: Vulnerability, Cisco Systems Inc., Certificate Trust List Provider Service, Certificate Trust List, Larry Dignan

Blog posts 2008-01-16

Windows vs Linux security report card redux

Orlando, Florida -- Jeff Jones has expanded his project to count security flaws publicly reported and fixed in the major workstation operating systems and his latest numbers show Windows Vista has by far the best security profile when compared to the major Linux distributions.Jeff Jones, security strategy director in Microsoft's...

Tags: Apple, Black Hat, Botnets, Browsers, Data theft, Digital rights management, Exploit code, Firefox, Google, McAfee, Microsoft, Mozilla, Open source, Passwords, Patch Watch, Pen testing, Piracy, Responsible disclosure, Vulnerability research, Windows Vista, Zero-day attacks

Blog posts 2007-06-06