August 06, 2008

Oracle issues out-of-cycle patch for flaw

Apache plug-in flaw for WebLogic Server and Express is the first to cause Oracle to release an off-cycle warning

Oracle has released an emergency patch for a flaw the company issued a rare security alert for last week.

Administrators should not apply the work-arounds the company previously recommended and apply the patch, Oracle said.

The vulnerability lies in the Apache plug-in for the Oracle WebLogic Server and Express products (formerly known as BEA WebLogic), both application servers.

The flaw can be remotely exploited and result in an attack that can compromise "the confidentiality, integrity and availability of the targeted system," according to the company's advisory.

The flaw was given a 10.0 score -- the most serious rating -- on the CVSS scale (Common Vulnerability Scoring System), a framework used to evaluate the risks of a particular flaw.

In the three years since Oracle started a regular patch cycle, the Apache plug-in flaw is the first one to cause the company to release an off-cycle warning.

Sign up to receive Security Resource Alerts

Subscribe to the Security Central Newsletter

The one-stop resource center for IT professionals.

White Paper

CA Security Management Solutions

A comprehensive security management solution can help you streamline, as well as grow, your current or evolving business. In this way, a strategic security approach can help you increase your competitiveness in these challenging market conditions.

Download now! »

White paper

Beyond Compliance: The Significant Benefits of Log Management

Find out how you can effectively collect, normalize and archive enterprise-wide, security-related data that is invaluable for security investigation and compliance reporting.

Download now! »

Webcast

Integrated Identity Compliance: Enabling Cost-Effective Role-Based Compliance

This session focuses on the intersection of role management and identity compliance, and addresses the importance of identity compliance in enterprise governance and the challenges that organizations may face in achieving it.

View now! »
©1994-2009 Infoworld, Inc.