Oracle has issued patch fixes for 23 critical problems. The patches address a number of issues with the popular database software, ranging from manipulation of data, exposure of sensitive information, privilege escalation and denial-of-service attacks. The versions of Oracle affected are Oracle Database 10g Release 1, Oracle9i Database Server, Oracle Application Server, Oracle9i Application Server, Oracle Collaboration Suite and Oracle E-Business Suite and Applications Release.
This comes after a number of criticisms made against Oracle in terms of their approach to security issues (i.e. that they do not take them very seriously.)
At the Black Hat security conference in Las Vegas last year, NGS Software pushed the envelope by releasing details on more than two dozen security holes in Oracle products that had not been fixed.