A full 27 of those are targeted for the MySQL database. One of the vulnerabilities can be exploited over a network without log-in credentials. The highest CVSS (Common Vulnerability Scoring System) Base Score among the MySQL bugs is 5.5, which falls into the system’s “medium” risk range.
Two other fixes are for Oracle’s database, and Oracle is also planning to ship 11 patches for Fusion Middleware. Five of the bugs in the latter can be remotely exploited with no user authentication required.
On the application front, the company’s E-Business Suite is getting three patches, its supply chain application suite will receive one, PeopleSoft will get six, and JD Edwards will have eight.
Some 17 patches will be released for Sun products, including six that can be remotely exploited with no credentials. Affected products include GlassFish Enterprise Server and the Solaris OS.
Another three patches are for Oracle’s virtualisation technology, including VirtualBox.